What!? One of the thousands of separate and individually “secured” systems that you have to give your information to on a daily basis failed? But how could this be? Everyone knows having 1747627994 points of possible failure is the only way to ensure digital security!
Sovereign identity and Solid are the way. But governments will have to play a role in large scale implementation.
For some reason people seem to trust commercial organizations with misaligned incentives over governmental bodies.
The hotel check-in system, called Tabiq, is maintained by the Japan-based tech startup Reqrea. According to its website, Tabiq is used in several hotels across Japan and relies on facial recognition and document scanning to check guests in.
They left an S3 bucket open.
So is this legally different than making a photocopy of your passport? Since that is supposedly not allowed but in the moment you are asked you are obviously going to comply as you really need a place to stay. If it is not I hope this company gets into the legal drama they deserve.
Not allowed where?
His is why digital ID is bad.
No. A properly managed eid system like the EU digital wallet would be better.
You would not hand over any document to the hotel. They would as the central authority server if you are who you claim. You would get a prompt to confirm that you allow the hotel to confirm your identity. The server would respond, yes you are indeed that person. End of transaction.
No data would be left to whatever security standard (or lack there of) that the hotel has. No critical documents stored on their end.
