Comment by ghighi7878
13 hours ago
Tbh, I feel this is stupid.
Banks are giving out QR Tan. Optical TAN devices which work with credit cards and it has been going pretty well. Why can eiDAS not have something similar. Distribute hardware tokens. Get rid of dependency on any OS.
Banks actually have high fraud rates today because of weak security mechanisms. If attackers steal your money, the bank will reimburse you. If attackers steal your identity, you are really screwed. Security requirements for banking and identity are simply different.
Mobile Google account based is even weaker than hardware tokens used by banks. Make of that what you will.
Please give some evidence that this is due to hardware tokens failing where a smartphone based solution would have prevented it
If they use SSN as a password, it doesn't mean you can't have something slightly more reasonable without going full cyberpunk dystopia.
The German ID card (Personalausweis) supports certificates and communication via NFC. I really don’t understand what’s all this about?
Plenty of EU countries have rolled out SmartCards for this exact purpose, some are now adding NFC functionality. Nothing really stops Germany from continuing like that either.
The issue then becomes the UI/UX. If the legal mandate is not strong enough the solution will not gain enough ground. You can see this if you start comparing those countries with an eID rolled out.
I'm pretty sure electronic IDs are a good starting point for exactly this. Hopefully they get wider use inside the EU.
why do you hope that?