back to article Mobile-based ID wallets for government are coming

Gartner's latest set of public sector technology trends predicts, among other things, that a third of national governments (and half of US states) will have mobile-based identity wallets on offer by 2024. Many of its other findings will come as no surprise for the enterprise technology world: cut down on the siloed quick-fixes …

  1. IGotOut Silver badge

    I was worried about this....

    ... then I remembered its a Gartner prediction, so a 99% chance of it being wrong.

    1. Anonymous Coward
      Anonymous Coward

      Re: I was worried about this....

      Hell yes IGotOut, Gartner voodoo.

      Why can't El Reg put the word 'Gartner' in any Gartner referenced articles in the headline.

      That way I don't have to waste my time reading them.

      I'm sure we're not alone mate.

  2. Anonymous Coward
    Anonymous Coward

    Not good.

    I'm not keen on that idea. I just can't help feel it may lead to yet more identity theft. When did your android last get a security update again?

    Heck I'm not even keen on any nationally forced photo ID for that matter (despite that most of us carry one in the form of a driving license or passport, or for the youth, a college pass etc)

    Isn't it ironic, I love technology and have been using the internet for 20+ years but the more I see on how it is used by large companies etc.. the less I want to use new stuff and the more I prefer to not use online services.

    I even successfully avoided all social media because of how the information is used.

    I guess I just became old and don't fit into the modern world :-|

    1. Flocke Kroes Silver badge

      Re: Not good.

      Last time I checked... you are not required to have your driving license with you even when driving but you may be required to go to a police station with your license with 24 hours if a policeman decides there is a problem with the way you drive.

      I thoroughly agree with you that using a mobile phone for anything that requires security is completely insane. About the only more stupid idea I could dream up would be to use blockchain - oh wait: Gartner beat me to it.

      If the article had said something about the government allowing authentication with FIDO2 I would have wondered what had happened to the rest of February and the whole of March. There is no way I would believe such sanity from our politicians as the OMRLP have clearly held the majority for decades.

      1. Steve Button Silver badge

        Re: Not good.

        It's 7 days, not 24 hours.

        I've just re-read the article and it's so full of business jargon that I found it impossible to follow.

        "A decentralised identity is supposed to allow users more self-determination in regards to identity data by putting the user in charge of the storage and transfer of their data,"

        More "in charge of the storage" than I already am with my drivers license and passport?

        Sometimes the tech solution is not better.

        "Some things," he said, "you can do by mandates," but "mandates can only go so far."

        That's just fucking sinister!? So "mandates" aren't enough? How far should we go?

      2. MachDiamond Silver badge

        Re: Not good.

        "Last time I checked... you are not required to have your driving license with you even when driving but you may be required to go to a police station with your license with 24 hours if a policeman decides there is a problem with the way you drive."

        It depends on where you live and how agreeable the PC is. In the US, you must have your driving license with you whenever operating a motor vehicle on public roads. You must also identify yourself to a LEO when asked, but that doesn't require showing an ID, but it's a good idea.

        If They are looking for somebody and you vaguely match the description, They'll want to know who you are before letting you go about your business.

  3. Steve Button Silver badge

    Is this going to actually happen?

    El Reg has a long history of objecting to National ID schemes, has that changed? The tone certainly seems to have changed.

    Is it inevitable now? Has the argument changed, and does anyone feel there is actually a requirement for these? Are the well documented downsides no longer anything we need to worry about? "trust us, we won't do anything bad"

    1. onemark03

      Re: El Reg has a long history of objecting to National ID schemes, has that changed?

      The latest Economist seems to think that the British people want the damned things.

      See the edition of 12-18 February in the Bagehot article on p. 49, right-hand column, para. 2, lines1-5.

      1. Korev Silver badge

        Re: El Reg has a long history of objecting to National ID schemes, has that changed?

        This expat Brit would be perfectly happy to have an ID card, it'd be easier to keep with you than a passport and plastic is much tougher than paper/card.

    2. Citizen of Nowhere

      Re: Is this going to actually happen?

      I doubt any El Reg position on national ID could be discerned from this piece. It reads like a reworded press release.

    3. innominatus

      Re: Is this going to actually happen?

      And government departments can't even get together to agree requirements - GOV.UK Verify ignored the need to ID someone acting on behalf of a business for example

      https://www.computerweekly.com/opinion/Back-to-the-past-with-government-identity...

      "Currently, there are 191 different ways for people to set up a variety of accounts to access different services on Gov.uk, with 44 different sign-in methods,” according to a Cabinet Office announcement on 13 October 2021.

      Sticking it on a mobile isn't going to fix the problem

  4. Pascal Monett Silver badge

    "mobile-based identity wallets"

    Oh yeah, absolutely. We really need an identity verifying app on the most insecure, unupdated platform that has ever existed.

    Bonus round : having to prove that you are the owner of the phone once you've "proven" your identity.

    Different standards will create opposition to those initiatives ?

    I'm already there, mate.

    1. ShadowSystems

      Re: "mobile-based identity wallets"

      And what if you don't use a SmartPhone but a FeaturePhone that can't run apps at all? How _exactly_ do they propose to create/store/manage/etc a means of proving identity on a device that has no capability of storing much beyond it's own contacts list?

      1. Anonymous Coward
        Anonymous Coward

        Re: "mobile-based identity wallets"

        What makes you think you need an app to prove identity?

        All this kind of thing comes down to is the ability to securely store a private key, maybe a few KBs of data. Something a smart card can do.

        Asking a smart phone to store anything securely on the other hand... Ask those hundred million Samsung owners about that.

        Also, of governments want to make smartphones basically compulsory then they need to make them free and a human right along with internet access and banking

        1. Anonymous Coward
          Anonymous Coward

          Re: "mobile-based identity wallets"

          Sorry Shadow, reading comprehension fail on my part. I hadn't quite got what you were saying.

  5. hoola Silver badge

    The Usual

    So Gartner somehow decides that a new technology is going to appear or replace something.

    Then, unsurprisingly, that happens.

    So much of what Gartner spews out is based on money, sponsorship and advertising they have lost any credibility (assuming they had any in the first place). Large organisations pay huge amounts of money for access to these analyst reports that often don't actually tell you anything. When they do it is just thinly veiled advertising. Manglement lap up these reports because it is a huge arse-covering exercise "well we selected this because it was recommended by Gartner".

    1. Graham Cobb

      Re: The Usual

      Yes. Some years ago, Gartner's analysis business actually employed some of the best and most experienced analysts around - who were not afraid of telling the truth - and their reports were actually useful (I was never quite so happy with their consultancy business, however).

      But a few years ago the bottom fell out of the analyst market. Businesses stopped being willing to pay so much for their reports (after all - they could just tell a minion to get on the Internet and search around the websites of the suppliers to do their own analysis, couldn't they). As a result, two things happened: i) analysts (including Gartner) cut costs by getting rid of their experienced, expensive analysts and ii) reports became mostly funded by suppliers instead of users.

      Gartner largely moved to a new model where suppliers were invited to submit lots of stuff about how great they were and Gartner would put it all together, edit it, and publish it. The game became how to add some stupid stuff Gartner could cut out, to show they were being independent, while making sure they left in as much of our marketing rubbish as possible. My colleagues and I got quite good at at that, I will admit.

      Not that they are any worse than their competitors: they just have the advantage of being comfortingly expensive and hence are more believable.

    2. Chris G

      Re: The Usual

      Spot on!

      I see Gartner as more of a marketing/ toe in the water, type of operation than as a futurist based on analysis of actual needs and requirements.

  6. TeeCee Gold badge
    Facepalm

    Your identity.

    Held digitally.

    On a mobile device.

    In a system designed and built by the government[1].

    What Could Possibly Go Wrong?

    Still, I'm sure that the usual suspects providing IT services and consultancy to the public sector will be delighted to pay the usual bung to Gartner for triggering this bastard bonanza of bullshit and bollocks.

    [1] Public sector IT: A cockup looking for a place to happen.

  7. Jimmy2Cows Silver badge
    Coat

    XaaS

    Sounding nicely close to sex as a service, which should make for some fun product meetings.

  8. Dr Scrum Master

    Single Point of Failure

    Mobile phones, the single point of failure for the 21st century.

    Credit card? Put it on your phone.

    Debit card? Put it on your phone.

    Cash? Put it on your phone.

    Ticket? Put it on your phone.

    Boarding pass? Put it on your phone.

    2FA for all your banks, government services, etc? Put them all on your phone.

    ID? Put it on your phone.

    Lost your phone? Oh dear.

    Phone confiscated by the police for an "investigation"? Too bad.

    Police "accidentally" lose the phone? Sorry, can't help.

    1. G40

      Re: Single Point of Failure

      Not to forget signal-free locations. Can certainly ruin a transaction/validation

    2. MachDiamond Silver badge

      Re: Single Point of Failure

      Phones are also a target for thieves if they can nick yours while unlocked. The phone itself isn't worth anything, but how long would it take you to notify your bank, credit card companies, Amazon, etc from the time you notice your phone is missing? Or, is that information stored on the phone?

      I don't have any sort of lock on my phone. My approach is to not put anything on it other than a very generic phone list. I have a stand alone SatNav, do my banking in person and pay for things often in cash. All it takes is a little forethought. I do have a debit card, but only keep a nominal sum in that account and add to it when bills that I pay online come due. If my phone gets stolen, I'm out around £50 for a new phone.

      I was watching a show in the telly about border patrol in the US and one segment talked about an ICE IT person reading the data from an iPhone. They didn't show the phone so I don't know that it was indeed an iPhone, what model or just a generic mobile. They also imaged the person's laptop and a couple of other devices and were having a good rummage through the files.

      There was a big standoff between Apple and the US government about being able to unencrypt files on an iPhone with Apple refusing to create any software for that purpose. The government was very displeased and may have tapped a black budget to do it on their own. They aren't good at keeping secrets so maybe the Customs officer talked too much. Homemade Security and the Customs people aren't all that bright so maybe not.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like