Remix clone Hacker News

What you describe is called QES (Qualified Electronic Signature) and is still widely used to validate identities.

Unfortunately it is not enough to prove an identity (you could be using the credit card of your traveling uncle) and regulation requires for it to be combined with another proof.

I see a lot of people associating identity verification with evil intent (advertising, tracking).

I work in this domain and the reality is a lot less interesting: identity verification companies do this and only this, under strict scrutiny both from their customers and from the regulators.

We are not where we want to be from a privacy standpoint but the industry is making progress and the usage of identity data is strictly regulated.

▲

DrillShopper 4 days ago | parent [-]

As someone looking in from the outside: what regulations govern this type of work?

▲

whiplash451 4 days ago | parent [-]

In EU: eIDAS and ETSI.

In the US: BIPA started in Illinois and is expanding to other states.

BIPA sets a brutal bar in terms of regulation.

	▲	DrillShopper 4 days ago \| parent [-]
		Okay, that makes sense. I'm in a different regulated industry (healthcare), so we have a lot of different international standards there, and wondered how that worked in a different space.