alt Hacker NewsRequiring people to use products from one of two private American companies with a bad track record of locking people out of their accounts is more than “not great”. Some things are better not done if they can’t be done well.
Replies
There are no alternatives.
I mean you could use Huawei and others, but the FUD campaigns against chinese manufacturers was pretty agressive in the EU.
Yes but in the real world all smartphones are either Apple or Android. Europe has zero footprint in either software or hardware. It is not creating a requirement to use specific products, it is using the products people already have.
So one may argue that the implementers are only taking the pragmatic approach regarding something that is out of their hands.
Maybe that will force the companies to not be allowed to just lock you out of the account.
So what can be used as an attestation API? WHAT will make sure that when a phone says "you're paying 10 euro to $coffee_place" that it isn't a bitmap being shown over "you're paying 10.000 euro to $scammer", above the pay button. Note: needs to be a real guarantee that isn't a permission question away from going away.
Either governments can develop (and pay for) THAT technology, or they can use Apple/Google ...