Comment by voxic11
2 days ago
If that's the case what stops me from making a free public service that allows anyone to verify using my ID? Don't they have to log something to ensure that isn't happening?
2 days ago
If that's the case what stops me from making a free public service that allows anyone to verify using my ID? Don't they have to log something to ensure that isn't happening?
The ID is cryptographically bound to a hardware security device you provide. In the EU system that will initially be an iOS or Android smart phone with a secure enclave, with support for other security devices like YubiKeys or smart cards coming later.
Briefly, your government gives you a digital ID that is signed with a key that is stored in the hardware security device. To demonstrate some fact to a site, such as "My ID says I'm 18+" your phone and the site use a ZKP to show to the site that (1) you have an ID that confirms that fact, (2) the you have the hardware security device that the ID was issued for, and (3) the hardware security device is unlocked.
You can use your ID to verify for someone else, but because the verification has to use your phone and it has to be unlocked this will be mostly limited to people helping a friend in person get around an age limit.