Twitter/X new ID Verification - First Look - eviltoast
  • sab@kbin.social
    link
    fedilink
    arrow-up
    109
    arrow-down
    4
    ·
    1 year ago

    I guess it only occasionally makes sense for government web sites and banks. X might have ambitions to become a bank, so in that sense it might make sense.

    So another piece of advice: if twitter ever asks you if you want to start using it for banking, nope the fuck out.

    • Hotzilla@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      56
      arrow-down
      3
      ·
      edit-2
      1 year ago

      You Americans should get to this century and start performing digital strong authentications like the rest of us. Sending picture of your ID to anyone is insane :)

      How we do it here in Finland is that there are digital identity providers which use bank/mobile carrier to identify you. They then use MFA when identifying you. Any service can use these services to do strong authentication for you. And they don’t cost anything for the customer, and is really cheap for the company who wants to identify you. It is also build into the law that you must identify people using these, to avoid identity theft.

          • HeartyBeast@kbin.social
            link
            fedilink
            arrow-up
            1
            ·
            1 year ago

            But how did they authenticate your identity when you opened the account? I’d not trying to be an arse - but at some point it will likely have come back to matching some official photo id against your face.

            • Hotzilla@sopuli.xyz
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              They once identify you from your driver’s license, government id card or passport. After that you for example link your smart phone to you, and you use their app when you identify.

              You can also use mobile carriers, they send a push notification directly to you phone+sim. Not sure what protocol they use here, because it opens up an UI which is plain android, and asks pin.

              Everything relays on chain of trust that since one service has identified you, the next can trust too. Plus there is MFA to verify that you actually made the identification request.

              • HeartyBeast@kbin.social
                link
                fedilink
                arrow-up
                2
                ·
                1 year ago

                The initial argument was ‘sending is to anyone is insane’ but that’s what you do with the bank. Yes it’s only once - but that’s the same as the other systems we are taking about here.

                • Hotzilla@sopuli.xyz
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  1 year ago

                  They don’t accept it remote, only face-to-face. I have done it once, 15 years ago. Face-to-face is actually only way to do it to avoid identity theft.

    • Dr. Wesker@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      18
      arrow-down
      3
      ·
      edit-2
      1 year ago

      Idk, I’ve got my hands in a lot of financial cookie jars, and I don’t recall ever being asked for something like this. At the very least, not in this manner.

      • 520@kbin.social
        link
        fedilink
        arrow-up
        21
        ·
        1 year ago

        It’s pretty standard for European banks thanks to Know Your Customer laws.

        • exen904@kbin.social
          link
          fedilink
          arrow-up
          6
          arrow-down
          1
          ·
          1 year ago

          If you keep in mind that it’s only done with special certified subcontractors, then yes. I would never give that information directly to a company like X. And yes, also those special companies are more times shady than they should be, but still.

          • 520@kbin.social
            link
            fedilink
            arrow-up
            3
            ·
            1 year ago

            If you keep in mind that it’s only done with special certified subcontractors, then yes.

            Dunno what you’re talking about here but I’ve had to go through something similar every time I’ve opened a new account with a financial service.

            But yeah, I would not trust Twitter/X either. Musk is too much of an emotional child following whatever whim takes his fancy that day.

      • sab@kbin.social
        link
        fedilink
        arrow-up
        7
        ·
        1 year ago

        I know there’s a similar-ish process for accessing Spanish social security services online at least, and I believe it’s the same for some other services as well.

        Then again, Spanish public services are not exactly the gold standard for digitalization.

        • diprount_tomato@lemmy.world
          link
          fedilink
          English
          arrow-up
          7
          ·
          1 year ago

          Wait are you Spanish too? Those websites look like they’ve been made by a secretary’s cousin that only knew how to copy and paste in the 90s

          • sab@kbin.social
            link
            fedilink
            arrow-up
            6
            ·
            1 year ago

            I just have a few Spanish friends! And from what they’re telling me that’s probably exactly how these websites were made.

      • qaz@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        I have the opposite experience but maybe it’s just different in the EU

    • 👍Maximum Derek👍@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      7
      ·
      1 year ago

      To follow his dystopian vision of Twitter as the Everything app, in the US it will have to be a bank at some point. The same way that Apple is now a bank in order to power parts of their wallet and payment platforms.

    • Neato@kbin.social
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      The only government function that has ever wanted a “selfie” was for my drivers license and passport. Both of which feature that picture. But I’ve never done either through a site.