• Franklin@lemmy.world
    link
    fedilink
    arrow-up
    7
    ·
    9 months ago

    Is there any way we could do some sort of certificate based authentication? Instead of a social security number. I know people get really dodgy whenever you talk about ways to identify them but there has to be a better way than this.

    Identity fraud can ruin your life permanently and at this point I’m pretty sure more people have been compromised than haven’t.

      • rdyoung@lemmy.world
        link
        fedilink
        arrow-up
        4
        ·
        9 months ago

        Something like a ssh key or what they are now calling passkeys could work. The question is then who holds the verification database and how do individuals (especially those who can’t turn on their pc) keep their part of the key safe and do we also have some other kind of verification questions like we do now to make sure that it’s the right person when so many small details are shared or similar across people.

          • rdyoung@lemmy.world
            link
            fedilink
            arrow-up
            2
            ·
            edit-2
            9 months ago

            I know. But we need a system better than what we have. Or a modification of the current system to make it a bit tougher for people to use someone else’s credit. I have a few ideas but they would only work for those of us who can handle the idea of ssh keys, crypto, etc. The average idiot isn’t going to be able to keep easy access to the data they need to prove they are who they say they are. And I’m definitely against going with DNA, fingerprints, facial rec, etc because of where that leads.

            As it stands, way more kids than you may expect grow up to find their credit completely fucked because their parents are assholes. Anyone close enough to you can probably answer most of the questions about where you lived, what car you owned, etc. We need a drastically different system if we want to minimize identity theft but as I said above, the average person can’t handle the ways to do it right.

            In theory it could be based on cryptos open ledger but with encryption instead of being open to the public, accessible only when the person holding the private key unlocks it in conjunction with the public key. Data stored and accessed in a DB that can be hosted anywhere and isn’t under the control of any one organization or agency.