Tuesday, March 7, 2017

Sounds good but we want to see the code

The Singapore Government is looking at three key features for its new digital GovInsider: Identity system, Minister in charge of Smart Nation, Vivian Balakrishnan has revealed.“I have asked the team to look at three features in the short term,” he said in Parliament yesterday. “One, to include biometric elements; two, to enable encryption; and three, to have open Application Programming Interfaces.”Biometrics could allow features like using fingerprints to login to services. Meanwhile, the encryption function would allow users to securely send information or documents using their digital identity. The intended receiver would need a secret key to access the file.Open APIs would allow others, including the private sector, to incorporate the digital identity features into their services. This means that the ID could potentially be used to access internet banking and other services offered by businesses who use the API.
Right idea, but I am speculating that government hold your identity as trusted party.  So, the Singapore government needs to  show us one thing, can I gry s unregistered card, go home nd secretly initialize it with my bio identity, and keep that secret until the delivery guy sends me a pizza? 

You see, that is the test.  In the sandbox, those services that verify an endpoint generated token still do not have the location of the thumbprint, nor its legal name. It is the thumbprint thay has to go out of band and tell the delivery guy  what to do, a reasonably safe thing to  do.  But it is done outside of money and has nothing to  do with  token verification.  Services want to know your token is valid,any further information you give up is via contracted trading bot.

No comments: