Well the entity is the government. You know, the guys who create your ID in the first place. It’s not perfect but it’s the best one I could conceive.
In this arena, more regulation is needed. Anonymous age verification is a good idea, but I question the actual anonymity. It usually depends on trust of some entity. And I just can’t fathom an entity that can really be trusted.
CosmoNova@lemmy.world 1 week ago
Modern_medicine_isnt@lemmy.world 1 week ago
You can trust them to create the ID because it benefits them. But to guard you anonymity… that actually hurts them. So you can be sure they won’t.
CosmoNova@lemmy.world 1 week ago
Foreign corporations are much more aggressive about harvesting data than the German government so you should think twice about using their products in the first place. Most of the time the German government is under fire for privacy concerns it’s because they trusted products from Microsoft or Huawei and the like.
Modern_medicine_isnt@lemmy.world 1 week ago
My bad, I had the german government mixed up with probably the brits who are constantly saying they need to be able to read everyone’s messages. That said. It’s hard to know what the intelligence arm of a government is really doing. So if they give themselves a backdoor, it’s hard to ensure only they come in. And the government is always only one election away from dramatic policy changes.
mnemonicmonkeys@sh.itjust.works 1 week ago
This. ID and anonymity are antithetical
fatalicus@lemmy.world 1 week ago
If all the ID consists of, then no it’s not.
As long as the part asking for ID trusts the part verifying the ID, there is no need for anonymity to be broken, since the verifier just has to confirm what the asking part needs to know.
Think of it like someone owns a bar and needs to know if a patron is old enough to drink, and the bar owners brother or best friend says “I know that guy, he is old enough”.
prole@sh.itjust.works 1 week ago
Not necessarily. As another user noted, zero-knowledge proofs might be able to be used to anonymously age-verify people, if done correctly.
Anivia@feddit.org 1 week ago
It uses the government ID, which has a built in NFC chip. You can use a phone in combination with your ID and it’s pin to verify your age online. The ID scanner app will tell you which parameters the website requests from your ID, and its possible to only request the birthdate.
I don’t like the system, but it is truly anonymous
Modern_medicine_isnt@lemmy.world 1 week ago
Sounds like it is only anonymous if you fully trust the app. That app has all your information, and the site you are trying to access. And I bet it is completely closed source. It also likely has logs about what sires it is giving information to. Not who’s info in that log. But elsewhere it probably has logs on who’s id it verified. Get access to both, and software can start to crunch the numbers and figure out who went where. That if course is assuming they don’t decide in the future that it is worth just keeping that data together in one spot. There is just no entity that could manage that app which wouldn’t have a motive to use the data and power it has.
Anivia@feddit.org 1 week ago
No, the app is completely open source and has reproducible builds
Modern_medicine_isnt@lemmy.world 1 week ago
Now you are starting to sound like you know what your talking about. But I’m not convinced yet. So when the app sends just the requested data to the site, how does the site verify that the data is legit. A person could fork the app and hack it. I am sure they thought of this, I just don’t know what thier solution is. And I can’t read german.
Modern_medicine_isnt@lemmy.world 1 week ago
I looked deeper are read up. Everything I can find says the age verification function is not anonymous. There is an anonymous login function, but that doesn’t seem to include age verification.