Comment by Edmond
1 year ago
The QR code is just a convenience feature. If you look at the sticker you see a short alpha numeric code, that's what's on the QR Code.
You can type that alpha numeric code into the Certisfy app to verify the sticker: https://certisfy.com/app/
You'll probably never use a social security certificate directly, it will be used as a IRL "identity anchor" certificate as described here: https://cipheredtrust.com/doc/#pki-id-anchoring
Yes a fraudster will happily take a stolen card but it will be of no use to them if they try to use it via Stripe for instance to post a charge but Stripe requires a cryptographic signature for a certificate for the card :)
So sure the card processor has to require the signatures to make it effective. In other words the secrecy of the card number becomes irrelevant if it requires a certificate signature before it can be used, only the owner of the card has the private key on their device to generate the signature. Secrecy is still useful for privacy.
Thanks for the explanation, still for my own sanity I hope this is not the digital future.
Also still doesn't address that if a minor needs an age proof for xyz.com they couldn't use mine. Whereas at least a photo ID in the real world would require some similar looks.