Difference between revisions of "Collection:Electronic identification"

From Free Software Directory
Jump to: navigation, search
 
(2 intermediate revisions by the same user not shown)
Line 1: Line 1:
An electronic identification (eID) program is an eID verification system. An electronic identification (eID) is a digital solution for proof of identity of citizens or organizations, for example in view to access benefits or services provided by government authorities, banks or other companies, for mobile payments, etc. Apart from online authentication and login, many electronic identity services also give users the option to sign electronic documents with a digital signature. Some e-commerce companies require their customer to sign with eID for any payment method.
+
An electronic identification (eID) program is an eID verification system. An electronic identification (eID) is a digital solution for proof of identity of citizens or organizations, for example in view to access benefits or services provided by government authorities, banks or other companies, for mobile payments, etc. Apart from online authentication and login, many electronic identity services also give users the option to sign electronic documents with a digital signature. Some e-commerce companies require their customer to sign with eID for any payment method, or limits their functions for those who don't login with eID.
 +
 
 +
eID is very common in some countries, example: "Compared to Sweden's population, 98.7% of Swedes between the ages of 21 and 50 have one (or more) BankID. For Mobile BankID, the corresponding statistics are 97.4%."<sup>[https://www.bankid.com/assets/bankid/stats/2019/statistik-2019-12.pdf ref from 2019]</sup>
  
 
An eID connected to an eID program is directly connected to the person using it, sometimes verified with bio-metric authentication such as
 
An eID connected to an eID program is directly connected to the person using it, sometimes verified with bio-metric authentication such as

Latest revision as of 15:28, 21 May 2020

An electronic identification (eID) program is an eID verification system. An electronic identification (eID) is a digital solution for proof of identity of citizens or organizations, for example in view to access benefits or services provided by government authorities, banks or other companies, for mobile payments, etc. Apart from online authentication and login, many electronic identity services also give users the option to sign electronic documents with a digital signature. Some e-commerce companies require their customer to sign with eID for any payment method, or limits their functions for those who don't login with eID.

eID is very common in some countries, example: "Compared to Sweden's population, 98.7% of Swedes between the ages of 21 and 50 have one (or more) BankID. For Mobile BankID, the corresponding statistics are 97.4%."ref from 2019

An eID connected to an eID program is directly connected to the person using it, sometimes verified with bio-metric authentication such as

  • facial recognition (rear camera) on hardware devices with a front camera (eg laptops, smartphones)
  • fingerprint (fingerprint scanner) on modern smartphones
  • iris recognition (iris scanner) on modern smartphones

Since most eID programs are proprietary, backdoors can be installed in these programs to spy on the user with several inbuilt malwares. More laws make it mandatory to use eID to access modern society, and more laws give governments the right to perform secret data readings on citizens in case of suspicion without evidence. Examples of malwares that could be included in a proprietary eID program to download private data includes but are not limited to

  • RFID reader software to read cards attached in a smartphone case to verify the wearer.
  • remote desktop software that can be used to take screenshots and screen video capturing of the contents of the display. Screenshot protection cannot be implemented in iOS apps due to API limitation so iPhones are especially vulnerable.
  • geo position software
  • microphone recorder software
  • software camera that can be used by devices with camera(s)
  • software video recorder for devices with camera(s)

Surprisingly there's virtually no free eID replacement software nor documentation about the risks about proprietary eID. We encourage computer security analysts to evaluate the risks, and the free software community to distribute free eID.

There are legitimate uses for electronic identification -- for instance, for transactions with the state or with banks. However, organizations may try to push people to identify themselves for things they should be able to do anonymously.

Therefore, don't assume that making you identify yourself is acceptable for any given activity merely because they let you do it with free software.

It is often to complex to write free eID variants of proprietery eID from scratch. Free eID often has to be developed by reversed engineered proprietary eID but that is a very hard task which is one of the primarily reasons why free eID programs have become more rare.

This page lists eID programs distributed as free software to protect the users from backdoors.

Free eID replacement Proprietary eID
Software Status Software Mandatory log in (privacy issue) Country or territory
FriBID Obsolete BankID Public health care: 1177.se Sweden


Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the page “GNU Free Documentation License”.

The copyright and license notices on this page only apply to the text on this page. Any software or copyright-licenses or other similar notices described in this text has its own copyright notice and license, which can usually be found in the distribution or license text itself.