Comment by pwlb
12 hours ago
This is necessary because the wallets contain an identity proofing functionality called PID(Person Identification Data). Showing these credentials basically approves you are you. There are high requirements for identity proofing that even pre-date wallets and that makes sense, because the potentially blast radius of identity theft is huge. Historically, these have been secured in smartcards, like eID cards or passports and are not shifting to the smartphone. Verifying the security posture of your device and app is therefore crucial.
OK, but Google will happily confirm android device running Oreo is safe.
While it's dramatically worse than devices Google refuses to certify (ie these not running their spyware as privileged services).
What do you mean "shifting to smartphone"? It's not a natural process - it's a technical decision to shift them to the smartphone, and a really bad one. We already have smart cards, they work and do not depend on any corporations, even less foreign corporations.
We even have smartcards with e-ink displays and I'd personally want them to succeed here instead of moving security-critical apps to smartphones..
Because Google then abuses its position to inject unremovable spyware with elevated privileges into the phone which the user then can't defent against without making the phone "unsecure" and thus unsuitable for these apps.
If these apps really need a smartphone, I'd at least want it to be free of ad-related garbage in the system. I'm fine with not being able to flash a custom ROM on the smartcard as it doesn't contain hostile software.
Now if even Apple starts showing ads, there's no other choice but to restist this..