alt Hacker NewsThe implementation is sound. Instead of getting an ID, the bouncer gets a serial number from you, he calls his government contact who tells him you are of age. The serial number is meaningless to him.
This would be impractical in meatspace, but works perfectly fine on the internet.
Replies
debugnik • yesterday at 5:10 PM
Where in your metaphor are the club next door using Persona instead of that implementation, and the EU's reference implementation requiring a Google Play integrity check to acquire a serial number in the first place?
fluoridation • yesterday at 4:08 PM
You're proposing that every porn site on the planet pings a user's government's API to see if they're adult or not? In other words, that any random site is able to contact hundreds of APIs.
➕ show 1 reply
Instead of checking your ID, the bouncer sends you over to the shady broker, who takes a video of your face, photograph of your ID, checks you in the various databases (who knows, maybe you've been a bad boy previously), and only then gives you the permission slip to enter the club.
The data stays with them[1].
I think you grossly underplay the current practices.
[1] there's no hard, irrefutable proof companies like Persona (intimately connected with known law abusers, ie US government) keep their promises or obey the law.