In Ukraine, there is a DIYA (Дія) app developed by the government, which holds electronic national passport, passport for traveling abroad, driving license, car registration documents (including car insurance information), child birth certificate (in parents app) and tax payer information. The app generates temporarily barcodes which can be scanned by another DIYA app to verify somebody's identity or presented documents. The national electronic passport can already be used in some companies, like post offices (state and private), banks, etc. Driving license and car registration can be presented to patrol police when requested. Very handy in general, especially if one forgets his wallet. I have a general concerns about privacy and security of this service, but I can also imagine that all the individual databases, which are accessed by this service, may have their own security issues, so having a single entry point is somewhat reducing the attack surface, which may actually be an advantage.
The implementation of Diya has probably nothing to do with that, as it was a pretty common PR topic for the police to find and seize stolen passport / tax data for at least the last decade. With so many government agencies having their own low security databases and employees paid $300/mo there's nothing surprising when dumps are so easy to obtain.
You can find much more dumps there of all kinds. I know about this site, because recently DB from main car sharing company in Lithuania was published here, and it was big news in LT. But this is public forum accessible without registration. You can imagine what's available behind closed doors.
I wish we will never have something similar in the EU. That kind of system is asking for abuse. Please no, let's keep the passports, driver licenses and birth certificates on old fashioned reasonably hard to forge paper with holograms and securely printed (and perforated, check your EU passport hard page against the light).
Except that history has proven the plenty of crime organizations can fake those really well and pass undetected and maybe you missed it, but the authenticity of your passport or any ID document is proven and validated by the secure cryptographic element in the chip within it, not the fancy features in the plastic/paper of the document, that's why chipped passports are now the norm. Fancy physical documents without security chips are inherently less secure, not more.
If that same security chip, that passes government security certifications, think Common Criteria level EAL 6, is in a piece of paper and plastic called "passport" or a piece of metal and glass called "smart-phone", what's the difference?
> Except that history has proven the plenty of crime organizations can fake those really well and pass undetected and maybe you missed it, but the authenticity of your passport or any ID document is proven and validated by the secure cryptographic element in the chip within it, not the fancy features in the plastic/paper of the document, that's why chipped passports are now the norm.
In any case, the forging scales much worse than just getting your hands on a database when you have to forge a physics document with decent security features. It’ll never be 100% secure, but then neither will be a virtual passport.
> Fancy physical documents without security chips are inherently less secure, not more.
All new and future identification documents will have a chip anyway. The baseline is not just a piece of paper.
You start from the premise that a physical document is trivial to forge, therefore it is not an improvement over a purely numerical one. But that’s circular logic. In reality, it is more difficult to steal, copy and re-sell a physical passport than a cryptographic key.
>In reality, it is more difficult to steal, copy and re-sell a physical passport than a cryptographic key.
Just, how? A pickpocket can steal your passport and anyone, even a police officer on the street could have a hard time figuring out if it's actually you or not if your photo looks remotely like the thief. How is it easier to steal passport crypto keys (not the passport number) from a secure government database than someone's passport off the street?
Also, the authorities can cancel your stolen passport, but the pickpocket will still own it physically and can use it to enter places like nightclubs or worse (other than airports and hard borders, nobody checks the passport electronically vs the government database, they all just glance at it and call it a day).
I have the feeling you have no idea how secure passport crypto chips and NFC chips are and you assume all passport crypto keys are some databases sitting randomly on the internet.
Or are you simply assuming that something physically printed must be inherently safer than "some bits"?
> Just, how? A pickpocket can steal your passport and anyone, even a police officer on the street could have a hard time figuring out if it's actually you or not if your photo looks remotely like the thief.
A pickpocket needs to come close enough and risk being caught. It does not scale very much. Falsifying them, whilst not impossible, is also risky and also does not scale. Particularly if the thief needs to look like the person on the photograph.
> How is it easier to steal passport crypto keys (not the passport number) from a secure government database than someone's passport off the street?
That is not the problem (although it is a problem: secure government systems are breached with some unfortunate regularity these days). But for it to be practical, people need to have the keys with them, i.e. on their phones or computers, where protection is much harder to guarantee. Putting them in an air gapped unique device is much better, whether it is something like a Yubi Key, a chip in a passport, or a chip card.
> Also, the authorities can cancel your stolen passport, but the pickpocket will still own it physically and can use it to enter places like nightclubs or worse (other than airports and hard borders, nobody checks the passport electronically vs the government database, they all just glance at it and call it a day).
I don't think anyone seriously cares about night clubs. Most of them accept non-chipped drivers licenses or old fashioned paper ID cards anyway, which is practically no security at all. The point is that the hurdle is high enough to avoid teenagers going in.
> I have the feeling you have no idea how secure passport crypto chips and NFC chips are and you assume all passport crypto keys are some databases sitting randomly on the internet.
Which random smartphone maker would you trust for this? Do you trust all the links in the chain?
Something does not need to be "sitting randomly on the Internet" to be breached.
Besides, I am not sure what you assume about my assumptions. Cryptography is fine. Cryptography on everybody's phone for this application is a terrible idea. Your passport does not need to be on an Internet-facing device.
As a security engineer, nothing civillian-facing is ever 100% secure, it all depends how much resources your attackers have. When modelling your security profile, it's always a matter of "when", not "if" your widget can get hacked.
Most you can do is deter black-hats, but not much you can do against well funded state actors.
Except that most governments have migrated to digitalization of many services. Do you do your tax return in your browser or would you prefer to file endless paper forms and go in person and wait in lines?
True, but you have to pay your taxes anyway. Would you like to do it from the comfort of your home in whatever time you like or would you rather do it in person, standing in line for maybe hours and dealing with sour clerks?
Germany has this for ID cards and passports, albeit via NFC, it's just not very widely used yet.
I actually thought that this is an European standard as I seem to remember seeing it used in other airports in Europe, but it's been a while since I last went to fly anywhere.
Denmark has a narrower version of that for driving licences and national ID cards. The rest of the information, the police would have access to anyway.
