this post was submitted on 04 Mar 2024
742 points (97.9% liked)

Technology

60029 readers
3583 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 40 points 9 months ago (5 children)

What exactly is a KYC selfie? Is it a photo of an ID card? I figured out WUI is WebUI. The author uses some strange acronyms I never heard before.

It's very American that they can steal your identity with just one photo. My European state issued ID has data on both sides, so if someone would take a photo of it won't be enough for anything. Also if you loose it you just get a new one and noone can use the old one for anything.

[–] [email protected] 35 points 9 months ago

KYC is Business/Finance lingo - "Know Your Client".

Yeah the fact that exposing one number/piece of information puts you at risk to a significant amount of other information about you being exposed is peak USA.

[–] [email protected] 14 points 9 months ago (1 children)

KYC is "Know Your Customer" aka identity verification. Usually it would be something like a selfie of you holding your ID, proving you are the person on the card. If you think getting your identity stolen from one picture is bad, wait until you learn about social security numbers. It's a 9 digit number based on publicly available information about you that is incredibly easy to figure out, and are used as like the defacto way of verifying your identity in the US, when that was never its intended purpose.

[–] [email protected] 1 points 9 months ago (1 children)
[–] [email protected] 2 points 9 months ago

Here is an alternative Piped link(s):

Relevant CGP Grey

Piped is a privacy-respecting open-source alternative frontend to YouTube.

I'm open-source; check me out at GitHub.

[–] [email protected] 10 points 9 months ago (2 children)

KYC = Know Your Customer, a team I just learned recently. It’s primarily related to financial transactions, to make crimes like money laundering or terrorism financing harder. Up until relatively recently this was something that primarily happened face-to-face, and it doesn’t seem like good controls have been developed for online use.

I think some ID cards are single-sided, some are double-sided. One of the big problems is most Americans only have a state-issued ID, not a federal one, and the standards vary from state to state. They’ve tried to address this some with minimum standards for state IDs (mainly driver’s licenses) under a program called Real ID (enacted after 9/11 hijackers got state-issued IDs for false identities), but it was still optional for certain purposes, at least until recently. In my state for a long time when renewing your driver’s license it was optional to do the extra paperwork for a Real ID, but then there would be a note on the top that it was not valid for federal identification purposes, such as accessing certain government facilities or boarding an airplane. Since I have a passport I’ve never bothered with it, but it looks like this year getting a Real ID is mandatory when getting or renewing a driver’s license in my state.

[–] [email protected] 6 points 9 months ago

Minnesota just extended it to 2025 again. I can't get into federally secure buildings, but I can board a plane.

And until I can't, I'm not going to. Part of me likes to think they haven't mandated it yet because I'm holding out.

Which is really because of pure laziness than actual protest

[–] [email protected] 4 points 9 months ago (1 children)

It's mostly a religious thing. The "left behind" Christians believe a federal ID is the "Mark of the Beast".

[–] [email protected] 4 points 9 months ago

Probably "know your customer" selfie. Might be a picture of their ID, a picture of themselves, or a picture with both them and ID.

[–] [email protected] 2 points 9 months ago* (last edited 9 months ago)

Author here. A "KYC Selfie" is a selfie photo where you hold-up a State-issued photo-identity document next to your face. This is not a US-specific thing; it's also used in the EU.

I used to work for a bank in Europe where we used KYC seflies for authentication of customers opening new accounts (or recovering accounts from lost credentials), including European customers. Most KYC Selfies are taken with a passport (where all the information is on one-side), but if your ID has data on both sides then the entity asking you for the KYC seflie may require you to take two photos: showing both sides.

Some countries in the EU have cryptographic authentication with eIDs. The example I linked-to in the article is Estonia, who has made auth-by-State-issued-private-key mandatory for over a decade. Currently MEPs are deciding on an eID standard, which is targeting making eIDs a requirement for all EU Member States by 2016.

I recommend the Please Identify Yourself! talk at 37c3 about the state of eID legislation as of Dec 2023 (and how to learn from India, who did eID horribly wrong):