European "age verification" "app" forcing everyone to use Android or iOS(github.com)
550 points by roundabout-host 1 day ago | 393 comments
tl;dr: Yivi's NFC passport enrollment isn't as dependency-free as often claimed: it transmits the full MRZ (DG1) and facial image (DG2) to a central issuer server, which then runs face matching via Regula's third-party biometric API. While the data is transient and the issuer can be self-hosted, this still represents a central-issuer trust concentration—just a different one than device attestation, not necessarily smaller.
HN Discussion:
  • EU digital sovereignty talk ignores mobile platform dependency on US tech giants
  • ~Age verification shouldn't be pushed on anyone regardless of technical implementation
  • Government age verification apps may be better than current private-sector alternatives
  • Forcing users onto specific mobile platforms to access services is fundamentally wrong
  • ~Users should refuse and boycott these age verification systems entirely