Apple Introduced Digital ID in Apple Wallet

…in the US.

... for U.S. passports.

I’m still waiting for the day where 100% of state drivers licenses are supported in wallet and anyone requesting ID are required to accept them. Quite literally the only reason I have a wallet these days is for the drivers license.

Google Wallet supports this as well, but not for passports, only select state drivers licenses.

https://support.google.com/wallet/answer/12436402?hl=en

I wonder if passports will come to Google soon as well - that'd open it up nationwide as long as you have a passport.

Honestly, hooray for dragging the U.S. into everyday people having a federal ID in their pocket. Having to check fifty different ID layouts times three revisions is a nightmare and no one uses passports domestically today outside of airports.

> and anyone requesting ID are required to accept them

This is the big one. I've seen a lot of states where digital drivers licenses are issued, but many retailers are like "lol no, we want the card." It needs to be legally enshrined as identical.

I feel uncomfortable with these changes. Between this, digital currencies, airlines not doing printed boarding passes, metros requiring smartphones, … it feels like we are going to lose control and privacy as consumers.

Same, although most of the time, at least cops, accept a photo of the actual ID card/driver license where I live (Romania), at least it worked the last time I got pulled over.

Nope. I will continue to have a DL card so I can choose to leave my phone at home. When we are required to have our IDs on our person at all times I can at least not be tracked everywhere I go.

Be watchful for legislation requiring: * us to have our ID on our person at all times. * IDs to be issued in digital format only.

I am never handing my phone to a cop.

> They will also be asked to use their iPhone to read the chip embedded on the back of their passport to ensure the data’s authenticity.

I installed an RFID app from the Apple app store (3rd party, not from Apple) and it couldn't read the chip in my passport. Perhaps Apple's firmware was filtering those out at the time?

There was a post from trailofbits blog recently about how passport crypto works. Kind of related here.

I wonder if this is some zero knowledge proofs here or what? Reading the passport and its chip implies some terminal authentication capabilities coming from Apple devices. Passport would not allow reading sensitive data from the chip unless the terminal is valid.

Another question is if Apple is allowed to read your biometric data?

I get what you're saying, but if you think of it what we're doing today - handing over the one and only official piece of document to a) cop b) club bouncer etc.

They can hold onto it, and never return it. They can deface it. All of that is a possibilty.

You could argue, a sufficiently locked down phone is a better alternative. If they do something, you'll only lose $$

> They can hold onto it, and never return it. They can deface it. All of that is a possibility.

But they can't potentially look at your banking app, read private notes, messages and emails, operate your home automation, look at your calendar, etc. if all they have is a plastic card.

I feel exactly the opposite about what you said. The ID is just an ID, my phone is my phone with other stuff in it.

... and if they hold the document upside down they can see your browser history and with a UV flashlight they can quick scan your app list for intel.

Apple also supports select state drivers license.

I would definitely expect Google to follow quickly.

I was able to use the (free) app “ReadID Me” to decode passport information months ago

> I am never handing my phone to a cop.

The point is that you don't have to:

> To present a Digital ID in person, users can double-click the side button or Home button to access Apple Wallet and select Digital ID. From there, they can hold their iPhone or Apple Watch near an identity reader, review the specific information being requested, and use Face ID or Touch ID to authenticate.

"hold … near … review"

If you're (e.g.) buying alcohol, then the "specific information" would be your birthday, and that is all that would be sent over. With a regular ID, verifying your age would mean handing over your physical card which would have all sorts of other non-relevant information to the task at hand.

Further:

> Only the information needed for a transaction is presented, and the user has the opportunity to review and authorize the information being requested with Face ID or Touch ID before it is shared. Users do not need to unlock, show, or hand over their device to present their ID.

AIUI, cops would have a verifying device or app and the information requested—which you authorize—is sent over wirelessly. Kind of like how you no longer have to hand over your credit/debit cards to (possibly malicious) cashiers, and just keep it in your hand and tap. (Older people may remember the carbon copy 'ka-chunk' machines.)

With a physical ID you have to hand that over because that is the only way the information can be read off of it. With a digital ID you can send a copy of your ID without physical exchange / handover.

Can we use this for voter ID?

Digital ID is a misnomer, it should be called "Digital Social Application". These are NOT ID"s. They're government dreamcasted app's for managing the lives of civilians.

* https://learn.wallet.apple/id#states-list

Buy a different phone, then. It's still a free market, quit your complaining.

As an aside, I've been using TSA Touchless at select airports.

It's pretty slick.

No ID, nor Board Pass needed.

Just walk up to TSA, and only facial recognition is needed. It's extremely fast too.

https://www.tsa.gov/touchless-id

Surely nothing nefarious has ever been promoted with the offer of convenience!

If I lose a piece of ID, I've lost a piece of paper/plastic. I'm inconvenienced, but can easily get a replacement and have the original invalidated.

Google Wallet has supported passports for about a year now [1]. Works great at TSA. You scan it yourself. You never need to hand them your unlocked phone.

[1] https://support.google.com/wallet/answer/15284332?hl=en

We don’t need it in Poland. We’ve been using a similar but official government issued app with ID, driving license, car documents for years now. Works both on Android and iPhone. Can be also used for logging into government web apps like taxes, for document signing or for voting. And it reminds me whenever my car insurance expires or it needs the annual check. Pretty impressive IMHO.

That is usually not something you choose.

You have to show ID to vote in my country, I thought that was the normal thing.

It’s inevitable that identification and payments continue to digitize. I’d prefer that physical ID / cash remain legally protected but that I can also go for a run with only my watch and buy a beer afterward

It is, many states in the US are abnormal in this way.

How is Trump using digital ID's on iPhones to complete a coup?

In the United States, leftists fight as hard as they can for an insecure and unverified voting process.

I'm really wary of these initiatives, because perfect law enforcement is how society ossifies. Imagine if we could prosecute all homosexual tendencies when they happened, or all interracial relationships, or any other antiquated law. Society would never progress.

What happens if the government can now perfectly enforce that people under 18 can't do X or Y?

Now that we’ve got ice walking around with an app that uses facial recognition to determine if you’re a citizen, fuck the facial recognition stuff. This tech should be out of government hands.

Indeed, it needs some hard legal protections from abuse but it will come eventually.

Only if you're being arrested. If you're at a traffic stop or tons of other scenarios would never need to.

How does this apply to a digital version of an official government ID? The government already has all this data.

> Reading the passport and its chip implies some terminal authentication capabilities coming from Apple devices

They’ve had some form of this for ages with Apple Pay

Someone recently joked about Apple holding elections on the iPhone with Face ID to verify your voting eligibility.

Hmm..

You can be wrong or you can be an ass, but, unfortunately, you're both.

I didn't say anything about the data the government has or doesn't have. I'm talking about perfect enforcement. Try faking a digital ID.

They can't do that either with Wallet items. That's kind of the point: you can hand over your phone with a wallet item "unlocked" and visible on the screen, and that's all they'll have access to.

No party in the US seem to fight for a secure (end-to-end auditable) voting process. I've yet to hear any politician talk about anything like that, a process where no voter has to trust the system and can be still confident (assuming they understand the underlying math) their vote was counted and counted correctly.

It is true that every scheme out there (that I've read about) has some flaws. But I'd rather have NSA spending their budgets and talent working on this kind of stuff, than spying on citizens or whatever they do.

The current discourse is all about identification during registration vs when voting. Which is meaningful but feels like avoiding the actual issue, as it is still not really secure either way.

Very very few people actually fundamentally disagree with the core idea of identification to vote.

The problem is the act of getting the ID itself. In most (all?) states getting an ID is not free, takes time, and if you lost everything will require jumping through a lot of hoops.

If getting an ID was actually simple, free, and not time consuming than we could have a genuine discussion about ID requirements. But until that point it is very thinly veiled classism and racism.

Also the numbers just simply don't back up this being a serious issue to begin with.

TLDR: Fix the fundamental issues with having identification in the first place and we can talk.

I am against digital IDs. There’s a reason why security-minded people carry around physical hardware keys. The fact that Apple remains a black box company means I can’t trust them now and definitely not later when their changing financial circumstances COULD jeopardize management decisions and commitment to privacy.

Geniuine question, why can't you just have your license in your car at all times?

Sure but then you've already given them your phone after which you don't know what happens. Plus it's a lot of leverage for them to have it, e.g. "unlock or you won't get it back".

No thanks. It's 2025, identity needs to be resilient, so having a national public blockchain that every public administration entity, every private who wants to participate, compensated for the IT resources they provide, whether a citizen or a business maintains well, that makes sense. The fingerprint of a key is shared, this key is on a smart-card, therefore offline, on well-known (bank cards, SIM cards) proven and reliable platforms, and signs what is needed with zk proofs where required.

Identity on mobile, proprietary platforms, whose level of complexity makes it humanly impossible to understand them even for governments themselves, notoriously closely monitored and yet with a long history of bugs and problems, is UNACCEPTABLE.

It's time to understand that IT is the nervous system of society and that public information must be public, for everyone, not for a specific actor and with no specific actor being "more equal" than others.

I was thinking of US permanent residents that have an interest in this but no US passport.

Until they covertly plug it in to the Cellebrite unit back in the patrol car.

Very much, This! Up voted

We have this issue already with biometric passports and ID cards.

The reason is nobody trusts a single party to implement that honestly.

Last time I checked, Party X only cared about Party Y’s voters who are voting illegally. They’re perfectly fine with their voters doing it.

Technology is a tool against corruption not a cure for it.

And, specifically, frictionless perfect enforcement. Kind of like CCTV you can pull on request after a crime, vs proactive permanent ubiquitous surveillance (looking at you, Flock Safety).

It feels healthier for the enforcement apparatus to have a budget, in terms of material personnel or time, that requires some degree of priority-setting. That priority-setting is by its nature a politically responsive process. And it’s compatible with the kind of situation that allows Really Quite Good enforcement, but not of absolutely everything absolutely all the time.

Otherwise ossification feels like exactly the word, as you said, stavros: if it costs nothing for the system to enforce stuff that was important in the hazy past but is no longer relevant, nobody wants to be the one blamed for formally easing restrictions just in case something new bad happens; 20 years later you’re still taking off your shoes at the airport. (I know, I know, they finally quit that. Still took decades. And the part that was cost-free—imaging your genitalia—continues unabated.)

While Apple has some admirable history in standing up to government information requests[1], am I alone in wondering now if Apple has started to voluntarily align itself with the current administration? For example, Apple is helping to build Donald Trump's new gold-plated ballroom.[2] (!)

[1] https://en.wikipedia.org/wiki/Apple%E2%80%93FBI_encryption_d...

[2] https://www.reuters.com/business/media-telecom/trumps-ballro...

In the United States, getting an ID is expensive and time-consuming and is often inaccessible to many people, particularly those who don’t speak English, are poor, or work service jobs. These people are the same people who are historically marginalized and oppressed. This is why voter ID laws in the United States are fundamentally anti-democratic and disenfranchising.

If IDs were free and incredibly easy to get, I wouldn’t care about a voter ID law.

I can see them eventually doing this. Nothing on the tech side stopping them.

You gotta start somewhere. They started with Driver's Licenses.

To set this up, you have to scan the chip on your passport. Its essentially the same data on both chips, one is just in my phone's enclave and the other is in an embedded NFC chip.

I hear this a lot, can you give me any examples of how these IDs are inaccessible? Can you please give concrete examples of what is asked for that feels onerous, or any specific cases where people aren't able to get IDs?

For example, I know that Maryland DMV will even offer a translator to help you with your driving test. I'm not sure why, because all signs are in English.

I have seen exactly the opposite, that at least in Maryland and bigger states, they go out of their way to make things convenient.

We don't have a national ID here in the US. Passports can be quite expensive. Local state ID cards don't prove citizenship.

> If you're (e.g.) buying alcohol, then the "specific information" would be your birthday, and that is all that would be sent over.

Unless there is a very tight control over this - lol nope. Big stores will request as much as they can to target you with ads.

> have the original invalidated.

Only for it's "original" use case - traffic laws enforcement. I don't think any other entity can validate if this piece of plastic is invalidated or not. Also, it's not like information on lost ID gets erased when you get a new one: still has your address, DOB and other info that can be misused.

What's your magic solution, then? Tattle to the FTC? Beg the President to reign in Tim Apple before he manifests the antichrist?

I'm afraid you're the wrong one here, this is our fealty to Apple paid back in due. If I have to be an ass to get people to stop buying surveillance slopware, so be it. You have no other option at this point, I'm not going to canvas for your rights as an Apple customer in 2025. This is what you support when you give them your money, enjoy!

Edit: I am addressing the OP's point. You called me wrong - I am defending my original point to OP, while illustrating why your dismissal is not relevant to the discussion.

Wrong assumptions in your comments:

1. I'm an Apple customer.

2. I live in the US.

3. It's a free market.

> Now that we’ve got ice walking around with an app that uses facial recognition to determine if you’re a citizen, fuck the facial recognition stuff. This tech should be out of government hands.

When I was in LAX last week, facial recognition on entry was only for US citizens anyway, and for it to work they need to take a photo of you when you're leaving. I don't see how it helps ICE in any way, plus it's handled by CBP.

Also, it didn't work on me, because I left clean shaved and returned with a beard.

I still find it bonkers reading passport doesn't validate it against it some centralised database. Like, $1 in your bank account and a credit card is more advanced than a passport.

I've been stopped by cops maybe once per 10 year. In that case I'm happy to pay $50 fine for failing to present license which they can check on their database anyway.

> Passports can be quite expensive.

It's $165 per 10 years if you don't lose it or $65 if you just need in place of national ID (i.e. no international travel). I think anyone can save up that much in 10 years, renewals a bit cheaper btw.

> Local state ID cards don't prove citizenship.

No, but to get a Real ID in any state you have to prove you're in the country legally, and in some states to get any form of ID you have to prove that.

Sure, but that's the point of an end-to-end auditable system so you don't have to trust whoever implements it. The whole idea is that no crooks can make math work any differently than it does.

How do they buy alcohol?

You could then decide not to buy the alcohol. Unless you are severely addicted, you will not die if you don't purchase alcohol.

> have the original invalidated.

I once had three valid drivers' licenses, because my wallet was stolen (later returned), and I left my ID at a bar. All three were valid for use at the same time despite being reported lost/stolen - they had identical barcodes, etc.

At best a digital ID has an additional attack surface and is just more accessible.

You normally aren't carrying your passport with you, right? So even if lower security, the chance of that information being swiped is generally lower.

Phones are pretty high profile targets, this makes them more so.

I do like the idea and the convenience, but I'm definitely wary of these things too. Especially in the modern tech world where security is often being treated as a second thought as it is less impactful for sales. I'm pretty sure it is always cheaper to implement the security, but right now we're not great at playing long games and we like to gamble. Humans have always been pretty bad at opportunity costs. We see the dollars spent now and that seems to have far more value than what you save later.

On the other hand, currently US citizens are not legally required to walk around with their IDs on them. That's not true for non-citizens btw. You should have to just give the officer your name, but they can detain you while they "verify your identity." With an ID becoming frictionless and more commonly held on person, will this law change? Can we trust that it'll stay the same given our current environment of more frequent ID requests (I'm trying to stay a bit apolitical. Let's not completely open up that issue here?). I'd say at best it is "of concern." But we do live in a world run by surveillance capitalism.

There's a really good example I like of opportunity cost that shows the perverse nature of how we treat them. Look at the Y2K bug. Here on HN most of us know this was a real thing that would have cost tons of money had we not fixed it. But we did. The success was bittersweet though, as the lack of repercussions (the whole point of fixing the problem!) resulted in people believing the issue was overblown. Most people laugh at Y2K as if it was a failed doomsday prediction rather than a success story of how we avoided a "doomsday" (to be overly dramatic) situation. So we create a situation where you're damned if you do and damned if you don't. If you do fix a problem, people treat you as if you were exaggerating the problem. If you don't fix the problem you get lambasted for not having foreseen the issue, but you do tend to be forgiven for fixing it.

Just remember, CloudStrike's stock is doing great[0] ($546). Had you bought the dip ($218) you'd have made a 150% ROI. They didn't even drop to where they were a year previously, so had you bought in July of 2023 ($144) and sold in the dip you'd have still made a 50% profit in that year... (and 280% if you sold today).

Convince me we're good at playing the long game... Convince me we're not acting incredibly myopic... Convince me CloudStrike learned their lesson and the same issue won't happen again...

[0] https://seekingalpha.com/symbol/CRWD

Americans do not need to provide ID to vote, so no?

> In the United States, getting an ID is expensive and time-consuming and is often inaccessible to many people, particularly those who don’t speak English, are poor, or work service jobs.

No to all of that? Passport book (which you don't need unless you travel internationally) cost 165 USD per 10 years.

Time-consuming...it's a one short trip to local-ish post office (not every post office has passport services). Sure, it's appointment only and only M-F, but you need to do it once every 10 years.

Non-English speakers... You have to pass a basic English test for naturalization, and if you're born here, you probably should speak at least basic English. It's one form as you have to fill out online.

Objectively, it's easier for a service worker to get shit done during the workweek than for 9-5 salaried.

Anyway, California got it right: applied for Real ID? Want to register to vote or update your registration while you're at it? And it cost like $40 (depending on state)

IDs are cheap and easy to get, and I wouldn't want a person who can't figure something that simple to have any voice on the federal level.

What Democratic policies are geared towards disenfranchising Republican voters? I don't believe there are any. Unlike Republican-enacted policies, which have been found in court to have discriminatory intent.

Sorry I was meaning to say "passport terminal" capabilities which would require a cert to be issued by a country whose passport chips you want to read. Well maybe they had this for a while but AFAIK you could not read passport details with an apple device before

Yes, but the point is that we already know (app permissions, cookie tracking consents) that "ask only what you need to function" isn't how sellers operate.

Also, you need an ID to buy some OTC medicine and to pick up some prescribed medicine. As well some other cases when ID needs to be presented, but those probably require more than just DOB anyway.

For buying alcohol, I wonder if faceID will also somehow be required to verify the holder of the phone corresponds to the digital id

Most of the world isn’t even covered by this feature yet, like the EU digital id and driving licences.