Comment by webhamster
13 hours ago
German implementer here. We have to use some kind of attestation mechanism per the eIDAS implementing acts. That doesn't work without operating system support.
The initial limitation to Google/Android is not great, we know that, and we have support for other OSs on our list (like, e.g., GrapheneOS). It is simply a matter of where we focus our energy at the moment, not that we don't see the issues.
German citizen here. So why is an implementation going forward when you already know it will not serve all citizens? Why are we not refusing to implement this until we know we can make it work on all devices?
Personally I recently switched from an AOSP based android without Google Play to Ubuntu Touch. In the future with better hardware support I will probably switch to postmarketOS.
also German here, we have to get rid of the 100% perfection at launch expectation its crippling this country
Taxpayer money project being tied to a dependency on Apple google is 100% counter what that money should be used for.
You are copy pasting a “correct” argument against eu bureaucracy in the absolute wrong space
But things not in the launch can easily be deprioritized as budget issues indefinitely. “Oh why spend the money adding support for just a few people??” will be the line moving forward.
15 replies →
This is not about 100% perfection at launch, this is about civil equality. Launching without broad support for use cases creates a two-tier society.
Refusing to send all your private data to the US to benefit their megacorps, using the tax payers' money, is not "perfection". It is the only reasonable and legal choice.
A 10% goal would be a good first step. Now excuse me while I read some tea leaves to find out if my trains will be on time tomorrow ( spoiler: they wont).
1 reply →
> Why are we not refusing to implement this until we know we can make it work on all devices?
Simply put: this will never happen. Way too many devices implementations to make this a reality.
It's just a matter of creating a web app.
4 replies →
Do all German hospitals serve vegan food?
If you were averse to carrots (without any health restrictions on eating them), would every government institution in Germany be required to serve you carrot-free food?
If not, why should they be forced to accommodate every smartphone brand in existence, even if there's only 3 people in Germany using it? THe list has to end somewhere.
> Do all German hospitals serve vegan food?
Can't speak for Germany, but they do in the UK. It would be illegal discrimination against a belief for them not to.
9 replies →
Lots of hospitals don't even serve healthy food in any sense, so expecting a good coverage of dietary options is optimistic...
But to answer the question in a real way: Veganism is often regarded as just a dietary choice like any other, when in reality courts in several countries have more or less agreed to classify it as a matter of conscience, which would give adherents some right to it. Though it seems German courts have been reluctant to draw much legal consequence from it - so far at least.
So in that sense, I don't think people have been talking about digital sovereignty and abstaining from proprietary software under another country's jurisdiction much as a matter of conscience yet. We can thank Trump that it might actually become a thing though.
You are forgetting that by not allowing more open platforms they effectively force you to accept Apple/Google EULA's essentially forcing you to give your private data to Google/Apple.
The ones I’m aware of do, yes
They do.
While the example your provide is reasonable fair, the comparison is not.
For it to be fair comparison, the carrots would have to be grown by a foreign company, known for using unsafe growing practices, causing contamination. Eg, poison carrots. This same company would have to be under the control of a very hostile, very actively aggressive and threatening nation.
Such as one currently threatening to annex allies, among other things.
With the US literally tapping and spying on heads of foreign states:
https://en.wikipedia.org/wiki/German_Parliamentary_Committee...
and there being lots of ways to spy, such as push notifications:
https://www.reuters.com/technology/cybersecurity/governments...
Only insane people would objectively decide to use Google or Apple anything for any form of ID. Those platforms should literally be outlawed. Any use of push notifications or identity attention should be looked at as utter fantasy.
Here's a secret for you. There really isn't any urgent requirement to have an electronic identification method. It can wait. Supporting legislation can be passed first. There are lots of ways to do so.
For example, the entire EU could pass legislation stating that all cell phones have open source code available, including all binary blobs for drivers. And that all phones are unlockable, and that (for example) the phone has a version of the rom you can download without any Google services.
(If Apple isn't able to compete here, well... too bad)
The phones would not be legal to sell, unless the open source firmware was compiled in front of regulators. The point of this is another pet-peeve of mine, it would allow people to support their own phones, for that source code would be released the day that phone was no longer supported.
And yes, it's trivial to have open source firmware blobs. There just isn't a market for it. Pass a law, and sellers of SoC and other ICs will capitulate, or maybe more punitive laws will be passed against them. As someone once said, yes companies can have a lot of sway.
But governments have police, courts, and armies.
Right now, Android and Apple devices are a literal arm of the US government's spying apparatus, even if those two companies actively work against it.
Do not trust Google Play. Do not trust Firebase. Do not trust Google. At all.
Are Germans just too trusting? I remember 15 years ago, when nuclear power plants were closing, concerns were raised about the reliance on Russian natural gas. These were waved away. Russia? What's wrong with Russia! They're almost allies, they're capitalists now!
Don't do this again.
Do NOT trust Google. Don't. Don't make it a core part of any identity management.
Imagine, needing an active Google account to even bank! Or to file your taxes, or even to prove who you are!? Google cancels accounts with no recourse, no reason why, won't help anyone, and this is to be the core of identity management for Germany?
The average person won't even be able to install any German Government designed apps, unless they are on the Play store! Are you going to teach Grandma how to use ADB to install an app? Without an active Google Account, will you even be able to use push notifications?
Why would a government even allow ID to be blocked by the requirement that a company with terrible, horrible, inane customer service, which just kills accounts without recourse, be a gatekeeper?
No Google account, no ID! Wha!?
It's literally not sane.
3 replies →
> it will not serve all citizens
This is an understatement. Better phrasing would be "when it allows two unaccountable foreign companies to lock citizens out of the digital market".
There are plenty of horror stories of tech giants frivolously banning people. We shouldn't be adding state support to that. I don't want to lose access to digital banking because of some deliberately vague "community guidelines" violation, or because I got mass-reported to some "e-safety" provider that both Apple and Google outsource to.
Sibling comments see this as a good solution, just not a perfect one. I see it as making a bad problem worse.
because then it will never get done. There are still people using old Nokia phones, for those there will never be a solution.
The usual 80/20 rule applies here as well.
And if you really are a German citizen, you know how slow the wheels of government already turn in Germany, I assume next week you would be the one complaining that "Germany is so far behind" and that "other countries are so much faster at implementing stuff" :)
We are not talking about old Nokia phones, but perfectly modern phones like those with GrapheneOS, that can be run on cutting-edge hardware, with a secure enclave, does not use Google Play Services by default, and has a high probability of being more secure than iPhone or any Android phone.
It is exactly the kind of alternative that European countries should embrace to become less dependent on US tech.
I am not sure if you are European, but why people are still supporting the GMS Android/iOS duopoly after the US revoked the Google accounts, Office 365 accounts, credit cards, Amazon accounts, etc. of ICC judges is beyond me. Supporting only iOS/Google GMS Android in a government app basically gives the US all the means to blackmail you and/or disrupt your digital infrastructure.
It seems there are still people working for European governments (including developers) who seem to have missed 2025 and the first few months 2026?
We are repeating the same mistakes as depending on Russian oil/gas again.
Nah, I'm that one idiot who uses alternative open software and just accepts when services aren't offered to me. The older I get, the easier it feels to not give a fuck anymore.
Can't buy any single fare public transport tickets online here in Stuttgart? Sure, I'll use the DeutschlandTicket NFC card. Can't view the EPA? Fine then I don't. Can't pay with Wero? Fine, I don't actually need to use shops that don't offer SEPA Vorkasse or Lastschrift (only without a dodgy "identity verification" fintech startup of course.
Then maybe it shouldn't be done? What??
Yeah, let's burn the witches who care about privacy! Jokes aside, in a democracy, the systems must be designed so that everyone can participate. We manage to do it with voting, with income tax declaration, but for some strange reason, with ID we want to achieve 1984 nirvana, and crush the voices who tell us that the surveilance society we are building is just setting us up for the next Hitler.
> There are still people using old Nokia phones
No one wants support for toasters and washing machines. We're talking general purpose compute hardware. TCP is also supported on all these devices. Quite frankly, it's probably easier to implement, if you are not fighting a locked-down OS like iOS.
Do we have stats how many germans use something else than Google Android, Samsung Knox or Apple? I recon it should be less than 1% which quite honestly is in fact „all“ citizens.
Sure, let's just arbitrarily exclude ~1million people because they're not running the government's preferred American spyware.
13 replies →
There's a big difference between having to run a particular company's OS and being forced to share private data (whether that's merely your DNS requests or your ID documents and full financial history). with said organization.
In fact „all“ citizens who are willing to be surveilled by Google and Apple, unless German government provides each citizen with similar eID hardware there won't be any digital equality any time soon. Maybe they should pay to some subsidiary company of IBM (like RedHat) to do this, they already have such a good track record of storing nationality on their machines /s
https://en.wikipedia.org/wiki/Dehomag#Holocaust
You have the totally wrong expectations here. Some service that requires citizens to buy and bring their own devices in order to use a service will by definition always be exclusive. Whining about lacking compatibility with some niche sbowflake devices is just inappropriate in this context. The only solutiin is to require an actually convenient fallback for those otherwise excluded from that service.
The limited selection of attestation providers can be criticized for many other reasons, though.
Your disdain isn't helpinh you here either as you're just as wrong as parent.
Such public utilities ought to always prioritize privacy, platform-independence, and empowering market competion long- and short-term. And to achieve that you need to start at the design level.
In this case, clearly, you either have to avoid relying on app attestation or lay the foundation for an unrestricted number of independent chain of trust frameworks.
The latter, of course, is a policy-level issue, but the ones responsible for the design and development are the ones who need to pass such concerns up the chain.
2 replies →
Because you can’t please all of the people. And before someone likens it to the ADA. Even with accommodations you have to make, car makers aren’t for instance required to make cars that blind people can drive.
You chose to use a non mainstream platform. Thats on you.
You should think about how easy it is to permanently lose access to your Google account for very trivial issues and Google doesn't offer any form of recovery. That in addition to the current geopolitical situation should be reason enough not to rely on that for any justification.
And personally as a software developer myself i know that nothing is more permanent than a temporary solution. No one will prioritize or give budget to change it later "because it works"
What? They should freaking think of sanctions, not about "how easy is to lose Google account". Both Google and Apple are American companies. If someone lands on a sanctions list, they close your account without further notice [1].
Let me get this straight: you can be a defender of human rights, aligned with the country you live in, but if you fall in disgrace with the American government, _you can't even do transactions with your own country_.
So this is fundamentally flawed, and violates the fundamental rights of German citizens in Germany.
[1] https://www.lbc.co.uk/article/british-icc-chief-prosecutor-l...
His wife and kids are sanctioned too. Sometimes it isn't even anything you did.
Sanctions are a bonus point argument, but shouldn't be a factor either. No citizen should be subjected to this, whether the company running it is American or German. Can you imagine if the Nazis had this level of control in the 1930s? Imagine having your ID digitally revoked, effectively cutting you out of society completely, without so much as an attic to hide in before it can happen. This is a completely dystopian legislation from start to finish. There is no possible way this can ever provide a benefit to the German people, it exists only to control them.
Can't you just make a new google account then?
That's crazy.
Imagine cheering for the company that will block the criminal prosecutors investigating war crimes and genocide from having the ID at all(1) once the supporter of the investigated sanctions the law-abiding persons: https://www.whitehouse.gov/presidential-actions/2025/02/impo...
But anyway - why the requirement in the first place?
(1) because sanctioned person must not be allowed to create another account.
1 reply →
....with a new phone number....
German citizen here. I find this attitude horrible and threatening. You are working on sacrificing yet another part of our digital sovereignty to a US company. There are trillions of better things to do with your life.
European Citizen here, and indeed lots of people in IT turn a blind eye onto the collateral damage their work may create.
I know someone who happily codes "verifiable credentials" in Elixir, disregarding all externalities.
What's wrong with verifiable credentials? It's an important thing to have it seems? Your passport or a bank card are verifiable credentials, or at least are designed to be.
1 reply →
In light of all of these shortcomings with platform attestation, why go with the eIDAS 2 wallet approach at all? eIDAS 1 already solved this with Mobile-ID (SIM-based, no Google/Apple dependency) and Smart-ID (server-side key management with minimal platform reliance). What does the wallet model give you that justifies this level of dependency on two American corporations’ proprietary backends?
Especially considering that mobile-ID has been around since 2007.
SIM-based solutions are on their way out because phones are starting to lose SIM slots. Certifying eSIM implementations to the same EAL level (as Mobile-ID SIMs are) is way way too difficult. At least for one country doing it alone.
Smart-ID sucks. It's not truly hardware-backed, it's proprietary and has fundamental flaws like not having a direct link between the site being authenticated to and the authenticating device (auth can be proxied, just like if it were just plain TOTP).
Agree on Smart-ID but the answer is to fix those flaws, not to replace the entire approach with one that depends on Google Play Integrity verdicts that even the German architects admit they can’t fully trust.
SIM-based solutions on their way out is a non-issue. For eSIM to support that use case, political will only is needed: the EU got Apple to abandon the lightning cable, this is not any different.
1 reply →
EIDAS 2 motivation is implicitly that eID failed in eIDAS 1. It simply either didn't take off or didn't work at all
I’m sorry to lash out at you but I keep getting disappointed in European countries (more precisely the ever disappointing EU commission) all suffering of the NIH syndrome instead of collaborating and learning from each other
There is mothing to be gained politically by doing this. You think you look good if you say “hey, the Poles had this really good idea, how about we do the same”?
Plus, the process is something like:
- we want to do $something
- hire consultants to help us define $something and produce a document
- hire other consultants to write the specs for the project
- launch an RFP
- select a winner
- wait for the implementation to finish
All the proposed solutions will be something paid, ideally made by a really large company to lend it credibility, and with maintenance costs that justify hiring dedicated people for it.
In the end no one gets what they want.
You think if there was any will wouldn’t the whole EU use whatever the Estonians are doing very well?
2 replies →
Isn't the eIDAS 2 wallet approach a legal requirement of eIDAS 2 (which is an EU regulation, i.e. the law).
It is, mandated by the EU commission.
Instead they could have mandated the use of eIDAS 1 to all countries + extend it with attribute/credential support, and let countries choose their implementation (cards, SIM, server-side).
Instead we’re back to the drawing board with the big shortcomings highlighted in this thread.
1 reply →
Tbh, I feel this is stupid.
Banks are giving out QR Tan. Optical TAN devices which work with credit cards and it has been going pretty well. Why can eiDAS not have something similar. Distribute hardware tokens. Get rid of dependency on any OS.
Banks actually have high fraud rates today because of weak security mechanisms. If attackers steal your money, the bank will reimburse you. If attackers steal your identity, you are really screwed. Security requirements for banking and identity are simply different.
Mobile Google account based is even weaker than hardware tokens used by banks. Make of that what you will.
Please give some evidence that this is due to hardware tokens failing where a smartphone based solution would have prevented it
If they use SSN as a password, it doesn't mean you can't have something slightly more reasonable without going full cyberpunk dystopia.
Plenty of EU countries have rolled out SmartCards for this exact purpose, some are now adding NFC functionality. Nothing really stops Germany from continuing like that either.
The issue then becomes the UI/UX. If the legal mandate is not strong enough the solution will not gain enough ground. You can see this if you start comparing those countries with an eID rolled out.
The German ID card (Personalausweis) supports certificates and communication via NFC. I really don’t understand what’s all this about?
I'm pretty sure electronic IDs are a good starting point for exactly this. Hopefully they get wider use inside the EU.
why do you hope that?
Just a quick question, and sorry if it might have been answered already... why preventing duplication is so important? I know it’s in the spec probably [1], but I can’t figure out the reason.
And a suggestion: add external HSM support at least? (e.g. things like NitroKey/YubiKey)
[1]: https://eudi.dev/latest/architecture-and-reference-framework... I suppose?
Preventing credential duplication is a requirement to achieve high level of assurance. One of its purpose is to limit the potential damage that can be done by attacks. If credentials are bound to hardware-bound keys, attackers will always need access to this key store to make any miss-use. If you don't prevent duplication, attackers may extract credentials and miss-use them at a 1000 places simultaneously.
Okay, but Google certifies phones which are not updates for the last several years.
They can be trivially rooted, then they spoof the signature and get a pass in Integrity while being wide open for malware (or cooying the ID, ID presume).
1 reply →
I’ve just had another, completely stupid but not implausible, idea:
> a local internal WSCD, which is a component within the User device, such as a SIM, e-SIM, or embedded Secure Element,
So you could issue SIM-cards / eSIM profiles that only do signatures and nothing else. The app then connects to such eSIM (and you keep your main SIM/eSIM in another slot).
The less stupid variant is, of course, to get mobile operators to issue SIM cards with e-sign capabilities. Estonia has that, for example: https://www.id.ee/en/mobile-id/
> The less stupid variant is, of course, to get mobile operators to issue SIM cards with e-sign capabilities. Estonia has that, for example: https://www.id.ee/en/mobile-id/
It works great. Just keep in mind that newer phones are starting to deprecate physical SIM slots. At the same time certifying eSIM implementations to the same EAL level is an absolutely crazy task.
> The initial limitation to Google/Android is not great, we know that, and we have support for other OSs on our list (like, e.g., GrapheneOS).
GrapheneOS uses standard Android APIs for hardware attestation (as opposed to Google-specific ones), so why don't you just use those from the get-go?
You must go back to the drawing board and rely on highly-regulated Telecom standards (that's why they were mandated in the first place!) not monopolistic defacto "best practices" you have no influence over because they're more convenient for you.
This is simply unconstitutional and should be escalated ASAP if you don't want to end it before the appropriate court in Leipzig, Karlsruhe, or maybe Luxembourg.
Why is a trusted device chain needed? It will put more trust in the potential Chinese device maker and American software companies than the user who's id is shown?
Simply because the law was written that way. But also the whole idea of identity verification becomes pretty useless, if there is no chain of trust. You could run a modified client that lets you assume any identity you choose, exactly the opposite of what eIDAS is trying to achieve.
> You could run a modified client that lets you assume any identity you choose
Provided you know the secret key to a government-issued certificate. Making it impossible to copy said certificate is not really a requirement for identity verification.
1 reply →
But you can run modified client already.
Rooted, wildly insecure devices can pass the attestation easily: https://magisk.dev/modules/play-integrity-fix-inject/
Safe, updated devices cannot unless they permit Google to run their surveillance services in the privileged, unconstrained mode.
1 reply →
Who wrote that law and why, this is the question.
I think we need some fingerpointing that EU officials strive to avoid.
It will likely display something like a QR Code with signature anyways, otherwise it's just a glorified passport picture?
Authorities/anyone could verify that it's not counterfeit. And photo should be checked anyways to match the person.
So I also don't see the need for attestation. For ID check it should be ok without. For signing stuff ofc it is not resistant to copying. But EID smartcard function already exists.
This is necessary because the wallets contain an identity proofing functionality called PID(Person Identification Data). Showing these credentials basically approves you are you. There are high requirements for identity proofing that even pre-date wallets and that makes sense, because the potentially blast radius of identity theft is huge. Historically, these have been secured in smartcards, like eID cards or passports and are not shifting to the smartphone. Verifying the security posture of your device and app is therefore crucial.
OK, but Google will happily confirm android device running Oreo is safe.
While it's dramatically worse than devices Google refuses to certify (ie these not running their spyware as privileged services).
What do you mean "shifting to smartphone"? It's not a natural process - it's a technical decision to shift them to the smartphone, and a really bad one. We already have smart cards, they work and do not depend on any corporations, even less foreign corporations.
1 reply →
Why not do it right from the beginning?
https://grapheneos.org/articles/attestation-compatibility-gu...
They don't really want to.
Side question. How come it is always the most incompetent people who get put in charge of implementing things like that. Over and over apps and services are developed in Germany and completely fail at what they are supposed to achieve. Where are these people recruited from?
[dead]
> The initial limitation to Google/Android is not great
It’s also illegal on both accessibility grounds as well as violating the eIDAS spirit of no dependency on specific providers.
By shrugging it off as “not great”, you’re also dooming every citizen to have to comply with whatever whimsical terms of service Google and Apple have.
Have you ever tried to unban your Apple/Google account? So in effect, everyone’s access to eID services will depend on some crappy automation some intern in California setup to detect “abuse” or whatever.
There are technical solutions to avoid this dependency and you’re probably getting paid to find, research and adopt them. So … do your job?
Thank you for chiming in.
> We have to use some kind of attestation mechanism per the eIDAS implementing acts.
What does this attestation need to prove? Is this only about ensuring that private keys are managed by a secure enclave or a TPM?
> we have support for other OSs on our list (like, e.g., GrapheneOS)
I appreciate that, even though I am really not enthusiastic of eIDAS. But time will tell. Thank you.
They won't implement alternatives later, they'll be no point if "most of out customers is using either of the major providers".
Concerning secure enclave - what other device except iphones and Pixels have it actually safe?
> They won't implement alternatives later, they'll be no point if "most of out customers is using either of the major providers".
It's hard for me to assess the effort needed here, but I guess that the GrapheneOS implementation will be 99% like the regular Android implementation. Supporting both systems does not seem to be that unrealistic.
The nfc chips in identity documents
What happens if someone is banned from both companies (even for a very legitimate reason such as hosting illegal content -- they still need to access government services)?
What about people hosting content that is illegal in the US but not Germany (not sure what that may be now, but with the direction the US is taking maybe in a couple years even the fat Vance meme could become some kind of illegal subversive content). Anger the big daddy and your identitiy is gone.
Will eIDAS be the only way to identify yourself in cases where it's needed, or will we be able to user other mechanisms like the german ID card stuff or an entirely separate alternative?
Or to put it another way, is a smartphone required? If not, that would already clear up a lot of issues, I think.
EDIT: Whoops, just saw the answer to another comment asking precisely this. So it's not a requirement. Good. Is there a legal framework that ensures that this remains the case? Otherwise, I fear it will become a de facto requirement over time.
One datapoint: at least in practice, it used to be impossible to delete an entry in the French INPI database (trademarks and company names) without eIDAS. It forced me to unearth an old unmodified Android phone (I run LineageOS on my main phone).
If you read French:
* https://www.plus.transformation.gouv.fr/experiences/4531155_...
* https://linuxfr.org/users/jch-2/journaux/l-identite-numeriqu...
Oof, that's disappointing to hear. Thanks though, that's actually quite interesting.
I'm also thinking of keeping an android phone purely for auth purposes, separate from my main one. The world's most overengineered (and probably also less safe) Yubikey.
> If you read French
Let's see how far my five years of French at school will get me. I'm not getting my hopes up ;)
Also if you are legally required to be able to use some backup mechanism, it can become the de facto requirement
> The initial limitation to Google/Android [...] is simply a matter of where we focus our energy at the moment
Nice... so the rush is to delegate power to the large American platform?
that‘s not correct. Article 5 eIDAS2 explicitly states, that europeans exercise full control over their data. Therefore EUDI wallet must not be a walled garden. Especially if the wallet shall be used for authenticating and signing, it must be available to all europeans, even those sanctioned by the US.
If this is your plan, please go back to the drawing board.
I don't get it. Are mechanisms in our ID cards not strong enough so that we have to rely on the security of the operating system?
It's insane to make yourselves US dependent from the very beginning, at least provide something like a crypto-key that you can get from an official, banks can do it, so can you.
I know it’s not quite the same thing as an OS vendor, but culturally, if you’re having trouble empathizing with the ick in this thread then imagine if the initial implementation was available only for account holders with Facebook, Yahoo! Mail, or MySpace.
There's a new initiative by some non-google non-apple phone vendors called *UnifiedAttestation* which I hope you will support at some point in the future:
https://www.heise.de/en/news/Paying-without-Google-New-conso...
glad that the "move fast break things" mentality has finally arrived to Germany, just didn't expect the public sector to be the first to implement it
Is this implementation related to the AusweissApp I've seen mentioned before (that reads the cert via NFC from a physical card) or another implementation?
German citizen as well.
So with a Jolla phone and Linux laptop, I am left in the cold.
Humiliating disregard for sovereignty.
Have you considered Unified Attestation [1] which is an alternative to Google's?
[1] https://uattest.net/
> and we have support for other OSs on our list (like, e.g., GrapheneOS)
Excellent. Massive respect to you for doing this. This attestation business is an existential threat to "other" operating systems. I'm glad to see people are putting effort into supporting them.
Shouldn't the energy instead be focused on creating a standardized eIDAS driver API that OS vendors are required to implement?
This is simply unacceptable. You are not making an innocent pragmatic compromise here, you are launching digital infrastructure which initially will tie everyone to Google/Apple and give alternatives a huge disadvantage for an unknown amount of time. Nobody knows when, or even if ever, support for open platforms will arrive.
You should be ashamed of being involved in this monopoly handover to American big tech.
I bet £50 that the alternative (eg GrapheneOS attestation (based on the standard AOSP attestation)) will be delayed, then delayed, then scrapped since almost everyone is using Google Plag integrity anyway.
Yes, I assume malicious intent, sorry, seen this happen enough tines recently.
Fingers crossed for the judiciary - if the implementers ignore the intention of the law, then lawyers will have to help them understand the limits of corner cutting - and block this.
Why the need for a Cloud HSM?
Another German citizen here. I think what you're doing is illegal and will be blocked by German courts.
It's funny because this is also the exact German response for when your neighbour has an unsanctioned BBQ.
> That doesn't work without operating system support
Do you realize where this path is going?
Certain European governments would have greatly benefited from KYC/attestation in the late 1930s had it existed.
Yup. But apparently the EU is refusing to take lessons from history.
Germany is just part of EU - as many other people pointed out, there is no requirement from the EU to implement it this way. Same as California or New York making extremely Draconian laws around 3D printing doesn't represent all of US.
Perhaps look at the Spanish Cl@ve, it works with Linux. It's just a simple digital certificate that allows you to identify yourself.
You can even run it on OpenBSD or TempleOS if you want to.
I think it should be possible IMHO, like it is for many banks (still), to get a hardware token and then use whatever hardware/browser. Even a nice EU hardware token which allows banks , govs etc to add their keys/seeds in the enclave would be nicer so I don't have the lug 1000 tokens around, but it's still better than having to trust non sovereign companies for anything without backup; like multiple here said; Google/Apple getting the command from the Dep of War to shut down EU phone attestation, you losing your account etc, or, you know, me simply not wanting to use their stuff.
The hardware tokens ate being phased out by banks and replaced with SMS OTP codes + passwords.
Cost saving measures.
Its funny to see that I can access the bank account through FaceID but to actually make a payment I need to use an SMS code.
Google has banned many accounts of genuine users.
What is your fallback for such an important vital service?
To play the devil’s advocate here: MEETS_STRONG_INTEGRITY on Android doesn’t require a Google account AFAIK. But it might change, of course.
Edit: but as pointed out elsewhere in the thread, Play Integrity is not the only way to do hardware attestation on Android. GrapheneOS devs have a guide: https://grapheneos.org/articles/attestation-compatibility-gu...
So avoiding proprietary Google stuff altogether is possible and we should encourage it.
> We have to use some kind of attestation mechanism per the eIDAS implementing acts.
Sounds like these "eIDAS implementing acts" are the problem, and were influenced by ulterior motives.
Why not just use U2F or certificates on crypto-tokens?
Note that for eIDAS 1, a Czechia e-identity provider uses U2F tokens.
This is on the stupid side of lazy (again). You'll still be sovereign only at the pleasure of Apple and Google if you submit to their platform as a service crap.
What if I don’t have a smartphone?
No one is required to use EUDI: https://ec.europa.eu/digital-building-blocks/sites/spaces/EU...
Companies and providers (like banks) have to support it, but use is voluntary.
Check out the spec and legal framework, it actually makes sense and is open to different implementations, though you might need to certify it.
You are not required to accept anything other than digital ids. So from experience, whatever demands euid has will be what is required to identify you.
If they have to support something that most everybody has they will soon stop supporting alternatives that are not required by law. What then?
My prediction is that eventually services for people NOT using the digital ID will be so degraded to be almost useless or seriously disadvantageous.
Kinda like the discrimination DB does for people using paper tickets vs those using the DB Navigator app.
I wonder if there will be a big enough market for a very compact smartphone equivalent device that can be used just for credentials? A device that is offline on standby except when you need it. Perhaps the size of a car key.
If it can go online, I'd prefer to use an android work (or user) profile with only auth apps in it, and nothing else.
As a separate device, it should be offline always IMO, and perhaps the size of a passkey. Or one of those banking devices with a display that show an authenticated text saying what you are confirming.
What if it was the size of a credit card and it had stuff like your name, date of birth and even a picture of your face. I want to name this invention an ID card…
1 reply →
You're screwed. This has been the way for a while now. You cannot exist in society without a smart phone and it's only going to get worse.
Essential services (banks, government services, public transport) generally still support SMS as an alternative to their mobile apps when there's no completely offline process.
If you can't exist in society without a smart phone already, how is it going to get worse?
1 reply →
...without a smartphone that is surveilling you 24/7.
Private smartphones are excluded already.
Congrats, this is the stupidest thing I’ve been reading all day. And that includes the orange man’s post.
“Not Great” is the understatement of the century. It fails to protect sovereign identity by handing the default to companies not only under foreign sanctions control but who also lock people from their accounts without recourse.
The device chain is a classic misdirection, it seems everyone here is just following Meta’s lobbying to put this into the OS.
Even the carrier layer would be better than the mobile device layer.
Or, you know, just look at Singapore’s or Swiss National SSO - it functions on an app that layer just fine, no issues
See https://github.com/eu-digital-identity-wallet/eudi-app-andro...
> We have to use some kind of attestation mechanism per the eIDAS implementing acts.
Translates to:
"We have to make sure citized accessing the public service have not control over the device per the eIDAS implementing acts"
so I have to buy a Yubikey hardware thingie to keep my Google account just to use eIDAS??
For those that do not know, that is the only way to get the Google account back is to use a hardware 2FA in the first place....
AND yubikeys are $60 per yubikey...and generally you want 2 including a backup
[dead]
[dead]
Sich bei staatlichen Dienstleistungen auf Google oder Apple zu verlassen, kommt schon fast einem Verrat gleich. Trump hasst uns.