European digital ID wallets rely on safety services of Google and Apple

Posted by donohoe 11 hours ago

European digital ID wallets rely on safety services of Google and Apple(waag.org)

658 points | 282 commentspage 4

dariosalvi78 9 hours ago|

Digital single market, digital sovereignty and all those nice words...

6thbit 10 hours ago||

Is it out of character for the EU to push a half baked solution out that covers most but a tiny fraction of the population only to get sued later on and rule against its own idea?

zmmmmm 6 hours ago||

It's honestly quite baffling that the EU would want to put any more power in the hands of any US controlled company at this point. The US is a borderline hostile state, only recently threatening to invade Greenland among numerous other examples. The situation with Anthropic has illustrated that the US government will not hesitate to leverage power over US companies when it feels its interests are advantaged by doing so. If anything, the EU should be banning use of Google or Apple dependent architectures, not pseudo mandating them.

santiagobasulto 8 hours ago||

I think we're missing the important point here.

The problem is not that the ID wallets require Google and Apple. The problem is that we're getting eaten alive by this Big Brother called EU (lead by the UK initiatives) that is starting an unprecedented control over the population.

These ID wallets should be all optional, there should NOT be any age verifications.

I remember ~10 years ago when Europe was laughing at China's face detection systems to track citizens.

We're becoming much worse than that now.

romx 9 hours ago||

The entire software even free one is. We need to exclude them all.

everdrive 8 hours ago||

Absolutely baffling why the EU would be doing this.

boxed 11 hours ago||

> Governments are cementing a monopoly they claim to oppose

Duopoly but yea. Because there is no third alternative. Microsoft failed/gave up with Windows Phone. The people trying to fix secure government services can't really tackle that issue, but the systems needs to be built now anyway.

ulrikrasmussen 10 hours ago||

There are viable third alternatives which do not require building a full smartphone stack. The national eID in Denmark, MitID, is an app "protected by" Play Integrity, but at least there are two non-smartphone alternatives available in the form of either a TOTP code generator or a FIDO2 chip which you can get for free if you can't or won't buy a smartphone.

Age verification solutions could also be built on dedicated hardware tokens, even though the tokens required to build a ZKP or blind signature based solution may not be available off the shelf right now.

flir 11 hours ago|||

> but the systems needs to be built now anyway.

I question that premise.

hilios 11 hours ago|||

They can't tackle issue oft establishing a 3rd popular mobile operating system, true. But they could support Desktop Linux or AOSP.

edukite 7 hours ago||

Last I checked Android was OSS and there's plenty of clones without any Google BS. Heck I'm using one now

hilios 6 hours ago||

Yeah but if the wallet requires Google Pay Services attestation the AOSP based clones won't be able to run it unless they can spoof it somehow.

edukite 3 hours ago||

My argument was that EU can have own phone OS completely unconnected with Google. EU can make own attestation and even ban Google attestation in EU.

We don't need to reinvent the wheel and create completely new OS

pjmlp 10 hours ago||

Windows Phone wouldn't be much help here, still an US company.

KoolKat23 9 hours ago||

This quite literally validates those "tinhat conspiracy" folks, honestly the EU are not doing us or themselves any favours here. If it is intended to replace cash then it should function like cash. This limitation is draconian.

There is one thing after the next, under Von der Leyen and Metsola, its ridiculous.

amlord 11 hours ago||

Seif-Sovereign Identity wallets that are cross-device are the way around this, but relies on institutions following this path.

Vendor lock-in is real

realusername 10 hours ago|

I don't know who thought that national ids should be vetted by two private companies, not even European!

No thanks, I don't want any of that for obvious security reasons

More comments...