Comment by BobaFloutist
2 years ago
How hard is it to get access to a database to confirm that a scanned ID is valid, and corresponds to the name written on it?
2 years ago
How hard is it to get access to a database to confirm that a scanned ID is valid, and corresponds to the name written on it?
Easy if you're government (every random cop on a traffic stop must be able to do that after all) but really REALLY hard for private entities.
The exception is anything that is accepted by airports for international travel aka, for you Americans, only a passport - ICAO 9303 is very detailed on how you can access the data stored on them. The specs and a basic understanding on how to communicate with smartcards are decent enough to get you to a readout in maybe a weekend worth of work. The authentication is either via a code derived from the MRZ or a dedicated access code printed on the document.
Hopefully pretty hard.
Not a database you can trawl for your own uses, just something that if you scan an ID pops up validating(/rejecting) it and lists the associated name.
I guess you could abuse that to turn partial IDs into more realistic ones? But that feels like a stretch. I can't see it being that useful for much more than confirming that an ID isn't a fake, which seems hard to abuse.