Content
@
0 reply
0 recast
0 reaction
Dan Romero
@dwr.eth
How do the apps that scan the NFC chip in a passport to ZK proof prevent fraud?
5 replies
2 recasts
22 reactions
Daniel Fernandes
@dfern.eth
There are two methods for ePassports: (1) Chip Auth (weak, similar to TLS in that it's not a transparent proof of authenticity to a 3rd party, it just establishes a secure connection between the reading terminal and the passport, but I imagine you could do Opacity/TLSNotary style magic on this and make it work) and (2) Active Authentication which is full private key signing. As I understand it, US Passports have neither making it entirely useless for this purpose. >The US first issued biometric chip passports in 2006, and (as far as I know) have not updated the chips since. Therefore, the US passport doesn't support these features as they were standardized after 2006. [3] See (1): https://www.inverid.com/blog/cloning-detection-identity-documents (2): https://www.inverid.com/blog/cloning-detection-epassports (3): https://www.reddit.com/r/Passports/comments/1efilsv/comment/lflp4w7/
1 reply
0 recast
3 reactions
Daniel Fernandes
@dfern.eth
There's actually a better solution here, which @pjol & @pgo have worked on which is to use CA's Digital License Wallet to sign verifiable credentials. This actually creates a KYC'd wallet (IIRC using facial liveness detection / background check questions) that is then protected by TouchID/FaceID, so it solves the 'what if your passport gets stolen' problem. Of course, it's just California now, but other states may follow in the same footsteps.
1 reply
0 recast
0 reaction
Paul O’Leary
@pgo
Hey @dfern.eth thanks for the nice call out. We do have a working prototype that we would be happy to share and discuss. Also generalizable to mDL’s from other jurisdictions. 🔥
0 reply
0 recast
1 reaction
