I don’t think I understand this. I don’t actually want to pay with my phone, so thats a non-problem to me, but when I can access my bank with a browser on any pc in the world, why do they need attestation on a mobile? I dont see why the requirement is inconsistent.
“I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones.”- Albert Einstein
good example that works well on a data minimisation basis when they the need is for some indication of age appropriated trust. There are limits to it though. - to actually satisfy age-gates/verification they would also need to tie your identity to the ownership of the card, and ensure the card isn’t some kind of under 18 prepaid affair.
This is ridiculous and clearly shows both nefarious intent and complete disregard for the GDPR and it’s core principle of data minimisation. There must be a simpler solution to this - maybe through attestation from a trusted third party who has already (legitimately) verified the user’s identity - like a bank. Imagine a user creating and providing a token that allows a one-time request through the open banking standards to receive an attestation on whether or not the user is over 18 - without disclosing the users actual dob or any other personal information except who and how the attestation was made. Not sure if it would even be necessary for companies to store precisely when the attestation was made if the banks themselves record the event.
Moto flip phone with GOS? sign me up. Should not have to choose between form factor and operating system.
Seems like a strong argument for dedicated hardware to me. Something card shaped 😉