How do the apps that scan the NFC chip in a passport to ZK proof prevent fraud?

Identity and math

Co-founder at @icebreaker

icbk.me/web3pm.fc

@dwr.eth 

https://withpersona.com/blog/nfc-e-passport-verification-guide
https://docs.rarimo.com/zk-passport/biometric-passports-101/

NFC chips have a token ID (in addition to an optionally incrementing nonce) that can be used as a unique identifier

Within the context of a single app, you can create a zk scheme where you can detect duplicates of the same passport being used for multiple proofs, without revealing the ID.

This is harder to pull off across multiple apps however while preserving zero-knowledge without coordinating ahead of time to use a consistent way of detecting duplicates

Also note that with persona, they force you to also take a picture because they are comparing the NFC scan itself against the physical passport.

I haven't dived into how you guarantee authenticity just from the NFC scan itself- not sure there is a way to validate an authentic NFC scan if you do not trust the user without querying a third party (e.g., issuer) for verification that a particular tap is valid

building /bracket | talking /greatbooks | ex-BCG, ex-PHD | poli + phil + econ