Apple presses ahead with aim to replace paper passports and ID with iPhone

Posted:
in iPhone edited April 8
Apple is continuing to research how to ensure the identity of someone presenting an iPhone to a passport official, or using any other digital ID document.

Spot the difference - one of these is entirely digital, but the other two already include digital elements
Spot the difference - one of these is entirely digital, but the other two already include digital elements


This is coming -- your passport, drivers' licence, and probably all paper ID is going to go digital. The iPhone has already replaced everything from wallets to compact mirrors, and if it doesn't know when ID will make the move to digital, Apple is certain it's going to happen.

The company has already applied for multiple patents on related issues, including how an official can request what ID data from an iPhone. Now a newly-revealed patent application is concentrating on authenticating that the person holding an iPhone with digital ID is the real owner.

"User authentication framework," is about how to "securely perform a user authentication" when asked by "an issuing authority."

"[This patent application] describes embodiments in which a person may present identification information through a mobile device instead of presenting a traditional form of identification," says Apple. "[It] begins with a discussion about storing identification information (e.g., of a passport, driver license, government-issued ID, student ID, etc.) on a mobile device... [And] then describes an authentication framework for performing a user authentication at the mobile device."

The issues, detailed in around 13,000 words of patent application, range from the communications protocols, through secure storage, and on to making the process "tamper-resistant."

Apple does not want to limit its patent application too specifically, but for examples of communications protocols, it does refer to both NFC and RFID. It also describes the use of a biosensor -- such as Face ID -- to authenticate the user, plus a secure enclave to hold private data.

Detail from the patent showing a simplified process for authenticating ID
Detail from the patent showing a simplified process for authenticating ID


Nicely, it also discusses just how much information to give up when asked. Just as payment systems today can ask Apple's T2 chip to confirm identity and that processor will solely return a yes or no, so ID could sometimes work the same way.

"[For instance], the mobile device may perform an authentication," says Apple, "that includes the secure element confirming whether a holder of an identification document has an attribute satisfying some criterion without providing that attribute (or at least providing some information about that attribute without providing all information about that attribute)."

"For example, in one embodiment, a person may be attempting to purchase an item that requires the merchant to confirm whether an age of the person satisfies some threshold value," continues Apple. "[Rather] than having the user present the identification document (e.g., a driver license), the reader of the merchant may ask the secure element to confirm whether the user of the mobile device is old enough to purchase the item."

If the owner has been positively identified by, for instance, Face ID, and if their date of birth is stored in the secure enclave, the vender just needs a thumbs up or thumbs down. "In doing so, the mobile device is able to protect a user's identification information, yet still adequately answer the merchant's inquiry."

Most of the patent application's detail describes more complex scenarios, or where much more information is needed. At passport control, for instance, a user's full ID may be crucial -- but so is the need for that user to be certain they're talking to authorized officials.

So the patent describes different combinations of security keys and authentication, where both user and official have their ID authenticated.

If it sounds as if digital ID is at risk of being stolen, it is. But that's why Apple is sweating these specific details. And if it doesn't want to point out that your passport can be taken from your hands, it does want to note that we already have digital ID.

"For example, modern passports (called e-Passports) may include an electronic chip that stores a passport holder's name, date of birth, and other forms of information," says Apple. "When a person is passing through customs, the person may present the passport to a customs officer, who places the passport on a reader to extract information stored in the passport."

"Upon verifying the information printed on the passport against the internally stored information, the officer may confirm the identity of the holder and allow the holder passage through customs," it continues.

Having that confirmation instead take place between the customs system and the user's iPhone, unlocked with Face ID, is immediately going to be more secure.

This patent application is credited to three inventors, including Ahmer A. Khan, who previously worked on a related filing about securely presenting ID wirelessly.

Stay on top of all Apple news right from your HomePod. Say, "Hey, Siri, play AppleInsider," and you'll get latest AppleInsider Podcast. Or ask your HomePod mini for "AppleInsider Daily" instead and you'll hear a fast update direct from our news team. And, if you're interested in Apple-centric home automation, say "Hey, Siri, play HomeKit Insider," and you'll be listening to our newest specialized podcast in moments.
patchythepirate
«13

Comments

  • Reply 1 of 41
    iOS_Guy80iOS_Guy80 Posts: 451member
    Sign me up.
    Beatsjeffzachariaswatto_cobra
  • Reply 2 of 41
    Just wait. You know the Luddites are going to scream and cry "Hack! Fraud!", as is their want, to prevent this from moving forward.  And we will all be stuck back in the 20th Century for the next 200 years.
    edited April 8 jeffzachariaswatto_cobra
  • Reply 3 of 41
    This will have as much chance of being passed into law in the USA as there is for the move to allow voting by phone. Meanwhile... There are places that are (or already have) moved to allow Voting by phone (Estonia) and will be looking at replacing paper passports with electronic ones very soon.
    boxcatcherwatto_cobra
  • Reply 4 of 41
    dewmedewme Posts: 3,425member
    I agree with Apple. It's going to happen, but it'll require some education, more-eyes-on-it scrutiny, and pull demand. By "pull" I mean that continuing along the current path with outdated methods creates an untenable impediment and gross inefficiencies that can no longer be tolerated. Those who need to move forward and break the logjam will seek out, or pull, solutions to solve their problem.

    Tech companies like Apple must be prepared for the time when government agencies start pulling, or demanding, a solution. It won't be Apple or any tech company pushing their technology on government agencies. But as we all know, there's always a bit of subtlety to persuasion ... so allowing the government agencies to "take credit" and declare victory for a solution that was handed to them by someone else helps move things along. Apple knows this and will be ready for the handoff and transfer of credit.

    My last 2 passports have been e-Passports, which are great for streamlining the customs processing significantly. The US and Canada NEXUS program uses biometric authentication to greatly speed customs processing. Programs like TSA-Pre greatly improve check-in times by establishing trust relationships. Some states, Georgia included, require a fingerprint to issue a drivers license, which is obviously digitized and stored for recall. There is already momentum to move things forward with the aid of technology, trust based relationships, and biometrics. It's just a matter of technology providers like Apple learning all the dance steps, protocols, and formalities of working with the agencies involved, which still have a few luddites hanging around, but their dinosaur days are numbered.
    patchythepirate
  • Reply 5 of 41
    If the passport data is locally stored on the iPhone that is fine, but it should never touch Apple’s servers, or anyone else’s.

    Identity theft is my major concern here, as a passport itself is hard to duplicate.

    I reckon this would also be much more practical if the iPhone can go in “ultra low power mode” and serve basic functionality such as identification, in that mode.
    Not being able to identify with close to 0% battery at the end of the day is not a viable solution.
    mtanikapatchythepirate
  • Reply 6 of 41
    avon b7avon b7 Posts: 5,597member
    I'm not sure if Apple should be trying to get in on this in this way.

    IMO, it is the issuing bodies who should be (and in fact, already are) working on this. It should be a standards based and preferably with wide consultation within the industry. 
    boxcatcher
  • Reply 7 of 41
    boxcatcherboxcatcher Posts: 212member
    First, until Department of Homeland Security updates REAL ID regulations (neither a simple nor fast process), this really doesn’t matter.

    US citizens cannot board a plane unless they show REAL ID-compliant identification, and the current statues say nothing about digital identification.

    Second, once DHS does its thing, each State will need to wire up their DMVs (et al) to do adopt the standard. This, too, will not be a fast process.

    Nationwide, interoperable digital ID is at least a half decade away. Welcome to bureaucracy.
    edited April 8 patchythepirateAMcKinlay21williamlondon
  • Reply 8 of 41
    If it can be made secure from identity theft, cloning, hacking etc. Yes please.

    Currently I have to have with me

    Passport
    Country ID card
    Health card
    Driving license.


    Plus obviously credit cards.
    patchythepirate
  • Reply 9 of 41
    BeatsBeats Posts: 1,929member
    Apple will do this RIGHT and Android will introduce a buggy, insecure version for their Knockoffs and the usual iKnockoff morons will scream “Apple hasn’t innovated in years!”

    Or imagine Samsung crapping out a version just to continue their trend of brainwashing their iKnockoff fan base?

    With Apple doing things RIGHT, I imagine Tim Cook is looking to the future and they have even tighter security planned for the next few iPhones. Maybe better FaceID? FaceID plus TouchID?
    patchythepirate
  • Reply 10 of 41
    dewmedewme Posts: 3,425member
    avon b7 said:
    I'm not sure if Apple should be trying to get in on this in this way.

    IMO, it is the issuing bodies who should be (and in fact, already are) working on this. It should be a standards based and preferably with wide consultation within the industry. 
    I agree, but standards bodies are usually supported by member companies who bring a lot of their own technology (and resources) to the table. I’ve worked on four ratified international standards and each one had big players bring their own stuff to the working groups, at least as a starting point. 

    Anything Apple learns on their own would help move the standard body’s working group along more quickly or at least serve as a functional reference, assuming Apple joins in, which they most certainly would. 

    But yes, doing something this far reaching is definitely something that should be standardized. Another positive side effect of standards based approaches is that it allows competitors to cooperate in a non adversarial way, allows input from academic institutions (which aids adoption), and gives smaller players a bigger say in the outcome (removes the steamroller effect). The downside is usually the increased length of time it takes to move the whole process to being ready for deployment. 
  • Reply 11 of 41
    eightzeroeightzero Posts: 2,601member
    Always good to have alternatives, but even if all the required approvals, authorizations, tech, security is worked out, I would never, ever rely on this exclusively. Sure, ID on my phone, but in the other pocket are the paper documents. 

    off topic: the report is Tim claimed we should be voting in the US on an iPhone. That will not ever happen, and is perhaps the most naive thing I've heard attributed to him. 
  • Reply 12 of 41
    darkvaderdarkvader Posts: 463member
    Bad idea.

    If you cross international borders, you should WIPE any device you're carrying first.  Sign out of any "cloud" services, and nuke the storage. 

    Then once you're past border controls you can pull data you need for your trip back in. 

    It's the only reasonably secure way to cross international borders since your privacy rights generally don't apply at customs.  Any border crossing documents you need should be on paper. 

    The only way this would be even remotely safe is if you carry a separate device that you use only for your digital border crossing documents and NOTHING else.
    leehammpatchythepirategeorgie01williamlondonOctoMonkey
  • Reply 13 of 41
    mtanikamtanika Posts: 5member
    If the idea passes ... while displaying the secure data, the phone should lock. So if the officer requests the device, it would be locked !
    Not paranoid ... I explained this to GEICO on their digital Insurance cards ...
    leehammpatchythepiratewatto_cobraOctoMonkey
  • Reply 14 of 41
    hentaiboyhentaiboy Posts: 1,225member
    Beats said:
    Apple will do this RIGHT and Android will introduce a buggy, insecure version for their Knockoffs and the usual iKnockoff morons will scream “Apple hasn’t innovated in years!”
    You must sleep better at night knowing that LG is exiting the mobile phone market. 
  • Reply 15 of 41
    A bit hyprocritical since Mac's still don't have NFC reader and one on iPhone only recently started to become useful...
    williamlondon
  • Reply 16 of 41
    Plus patented system for global identity system sounds like hell. Apple will surely want to cripple it somehow so it only works well with iDevices or something like that.

    I'm all in for cryptographically improving Id cards, etc. Carrying passport when travelling isn't too much of a hassle. Id or drivers licence a bit more annoying. Hence it needs some sort of layered approach. Supermarket doesn't need to know more than my DOB, while border worker probably needs more info...

    Obviously such data can't be stored on device itself but on a secure cloud storage. Which begs the question of who or where it will be stored (especially when you've got dual citizenship, etc). Who can access it (I'd say argue ANYONE as iDevice provides the temporary cryptographic key to access certain access - basically same how OAuth works)?
    edited April 8
  • Reply 17 of 41
    mtanika said:
    If the idea passes ... while displaying the secure data, the phone should lock. So if the officer requests the device, it would be locked !
    Not paranoid ... I explained this to GEICO on their digital Insurance cards ...
    Very good point!
  • Reply 18 of 41
    kkqd1337kkqd1337 Posts: 324member
    Might sound continent but how do we really want to be digitally scrutinised at every port?

    I think Apple could spend its time better 
  • Reply 19 of 41
    Design logic is most important, Apple "change things, they push the human race forward"
  • Reply 20 of 41
    radarthekatradarthekat Posts: 3,317moderator
    eightzero said:
    Always good to have alternatives, but even if all the required approvals, authorizations, tech, security is worked out, I would never, ever rely on this exclusively. Sure, ID on my phone, but in the other pocket are the paper documents. 

    off topic: the report is Tim claimed we should be voting in the US on an iPhone. That will not ever happen, and is perhaps the most naive thing I've heard attributed to him. 
    How is it naive to say we “should?”  I could understand you thinking it naive to say we “will be” by some stated date.  
Sign In or Register to comment.