
Google Is Bringing Electronic IDs to Android - jmsflknr
https://venturebeat.com/2019/05/09/google-is-bringing-electronic-ids-to-android/
======
jwr
This is a terrible idea. The last thing I want is for an advertising company
that makes its living off personal data that they gather about me to be able
to reliably link that data to my real identity.

I think that in general embedding legally-empowered digital IDs (in the form
of certificates, not pictures of physical ID cards, mind you) in mobile phones
is a good idea, but it ceases to be a good idea when your phone and your OS
are made by an advertising company with clear incentives to gather data about
you, and a solid history of doing so.

~~~
martronthrow
They already have a payments platform and app store that requires a linking,
which is more than adequate for highly targeted advertising.

I really think that civic engagement and petitioning law makers to protect our
privacy is the main tool we have to get out of these impending messes.

~~~
kevin_thibedeau
You can use the app store without setting up payments.

~~~
lighthazard
You can't use the app store meaningfully without setting up payments.

~~~
kevin_thibedeau
Downloading free apps isn't meaningful?

~~~
ddingus
Sure it is. I am convinced that a is temporary state too.

Enjoy while you can.

------
Avamander
It's weird to see all these crutches and half-assed fixes instead of lobbying
and other work done to fix the ID situation in the US. It's really
unfathomable to me how big of a problem identity theft and unauthorized access
to digital systems for a regular citizen is. Especially compared to what for
example Estonia has built, where I really do not have to worry about that
issue - I have to have my ID card (or my mobile-ID) or I don't have access.
Basically mandatory 2FA everywhere important, since about 2002, in my humble
opinion it should be about time the US properly fixed the issue.

~~~
monocasa
There's a very vocal minority that views any attempt by the government to make
any ID proof that the New World Order exists. There's also a pretty decent
sized part of the Evangelical movement that sees those IDs as potentially the
literal "mark of the beast" from revelations.

Additionally a part of the Republican strategy is to disenfranchise via
selectively reducing access to valid existing IDs while cranking up voting
requirements of those IDs.

This combo basically means that both Republicans as a whole and the Blue Dogs
see it as politically nonviable, which is more than a majority at the federal
level.

~~~
Avamander
> Additionally a part of the Republican strategy is to disenfranchise via
> selectively reducing access to valid existing IDs while cranking up voting
> requirements of those IDs.

Can't the goverment provide the IDs to those who are less well off for free-
of-charge?

~~~
BlackRing
Many states, if not all, provide a free non-drivers ID card.

~~~
abrowne
Definitely not all. Minnesota's at least is paid. As a non-driver, I decided
to skip renewing mine recently and get a passport card instead.

------
kelnos
I wonder about the due process implications for this at, say, a traffic stop.
If you hand a police officer your phone to show them your driver's license, is
that implicit consent to search your phone? Will the ID-showing mode be
special in that it will allow the holder to see the ID, but the rest of the
phone will remain locked?

I like that they're looking for ways to make it so you still have access to ID
documents even when the battery is drained to the point that the phone cannot
boot, but overall I'd still want to carry a physical card as a backup. And if
I'm doing that, I'm just going to use the physical card in most situations
where I need it.

~~~
bduerst
They mentioned there are ways to access the ID in different ways if needed,
i.e. you could allow NFC'ing the ID even if the phone battery is dead, so they
will probably have a way to access the ID without unlocking your phone
entirely.

Kind of like how you double-tap the power button to turn on the phone camera,
but you can't access the phone's photos without unlocking.

~~~
ElijahLynn
This is great to hear. Would suck to get a ticket for driving without a
license if your phone was dead.

------
groovybits
Completely off-topic: If you scroll down past the linked article and onto the
next article, the URL automatically changes (from _/ google-is-bringing-
electronic-ids-to-android_ to _/ cisco-open-sources-mindmeld-conversational-
ai-platform_).

I've never seen this type of behavior from a web page before.

~~~
SXX
If you curios how it's done check here:

[https://infinite-scroll.com/](https://infinite-scroll.com/)

~~~
groovybits
Interesting. I'm wondering what the benefit of infinite scrolling would be for
the site owner. Wouldn't an article site like this want the user to click as
many links within the site as possible to re-generate ads?

~~~
what_ever
I don't think ALL of the ads are generated when you load the original page.
The ads corresponding to the second article are loaded when the second article
loads.

------
newscracker
_> Google would likely launch this functionality with Pixel devices first and
then convince other Android makers to play ball. We’re easily a few years away
from people using their Android devices as IDs._

Any Android announcement that seems useful or valuable is always several years
away for most of the Android devices in use.

I read another article about “Project Mainline”, which is about getting
security fixes quicker to devices directly from Google. That one also had a
similar statement.

If Google spent a little less effort on tracking and advertising, and more on
making the platform secure and consistent across more devices, that’d be good
for everybody (since low priced phones are mostly Android, and are used by
people who cannot or do not want to spend a lot of money).

This [1] is an old talk by Christopher Soghoian that still rings true today
(with added privacy goofs by Google revealed in the meantime).

[1]:
[https://www.ted.com/talks/christopher_soghoian_your_smartpho...](https://www.ted.com/talks/christopher_soghoian_your_smartphone_is_a_civil_rights_issue)

------
jakeogh
Gov issued electronic identification should be treated the same as electronic
voting. It's a bad idea. Goes right to kill switches "internet id" etc.

------
pranau
I get that Google is very powerful and it lives off of our data and I get how
this may be construed as an attack on our privacy but the amount of
misinformation and conspiracy theories I am seeing on this thread is
appalling. First, Google is just implementing an electronic ID standard that
will work as a replacement for traditional paper ID cards. They are also
working on a mechanism to display the ID card even when the phone doesn't have
enough power to boot.

I don't get the concerns about it being mandatory because you can't expect
everyone to have the same set of IDs and besides it's just a convenience
feature like storing our membership cards or our emergency contact information
in a wallet.

There is justifiable concern over the privacy aspect as we don't know if the
IDs are stored locally on the device or if it's synced to the cloud. It will
be troubling if it's the latter but criticising Google about this even before
the feature has been finalized and released seems perplexing to me.

------
drbawb
Great, more tech that relies on hardware keystores that will refuse to work
after I unlock my bootloader and it blows an e-fuse.

------
harshitaneja
This sounds great at first. But I am really concerned about its impact on
subscription services and blocking. If economics of it plays right, the apps
would now have access to a confirmed unique ID for a device that would allow
them to lock support of the service to not only just the number of
devices(which is fine) but also the device itself. I am aware that apps can
currently use multiple sources to get unique IDs like MAC and others. But they
can be spoofed, this if it works would be secured from those concerns.

Maybe(most probably) I am completely wrong in this line of thought. But would
love to hear the thoughts of HN folks on this.

~~~
groovybits
> the apps would now have access to a confirmed unique ID for a device that
> would allow them to lock support of the service to not only just the number
> of devices(which is fine) but also the device itself.

I'm not sure I understand the concern. Could you give an example?

------
darkhorn
I think it will be something like this app
[https://play.google.com/store/apps/details?id=nl.innovalor.n...](https://play.google.com/store/apps/details?id=nl.innovalor.nfciddocshowcase)

------
mtgx
With features like these, I imagine secure Android devices with prompt
software patches will become even more important in the future (whether or not
the people using them realize).

------
TazeTSchnitzel
Meanwhile in Europe, my phone is already a secure electronic ID equivalent to
a government ID card, as a plain old Android app.

------
modzu
would be interesting to see what the counterfit measures are. could a kid with
photoshop buy beer with their phone? or would there have to be some kind of
corresponding tech on the POS to verify the ID? that sounds peachy.

------
user65238
Is there a way to opt out of this or should I buy an iPhone?

~~~
danmg
Most likely, it will be added as a per-app permission like everything else.
Like location and contact information, there will be apps that use dark
patterns which ask for this by default and just bank on enough people being
lazy enough to just click through when they install FlappyBirdsGo2020.

Google will shrug its shoulders and blame its users for not being responsible
and for 'bad actors' who were in no way enabled by the Goog's primary
objective of maximizing its stock price.

------
crooked-v
Cool. How long until they shut it down with one-month notice? If it was Apple
I'd feel reasonably confident that it would be around for at least a couple of
years, but even in the ID/payment space alone Google has kept rotating through
different "wallet" solutions multiple times.

