It occurred to me the USA might do something similar in the future and let the banks authenticate and verify identities.
(The $1200 CARES Act stimulus payments were automatically wired to those who previously authorized the IRS to post their tax refunds to their banks.)
> actually verify the users
Maybe you can harness existing Public Notaries instead of using online banking? The USA has over four million Public Notaries who can "witness" and verify identities. For example, a user can pay for a Public Notary to come to his house. The Public Notary reviews the user's government provided identification and issue them an official E-ID and a encryption USB key like Google Titan Security key. The Public Notary can record this transaction in a government database so that there is a trail of who received the Titan key and who provided it.
We don't have public notaries as such and it would still 1. be a system that places trust in humans (which is easily exploitable) and 2. not free for the end users.
I mean, I think it's some ten cents per auth through a bank, if you'd have to invite a notary or visit them every time you want to auth, it'd definitely cost more than that.
I was thinking of a combination of biometric ID, physical card with NFC or USB and a pin or a password. Biometric info is hard to spoof, but not entirely impossible which is why ust stealing the ID card or biometric info shouldn't be enough, you'd need some type of password. Once the user provides all three, you'll know that physically that person carries the aforementioned identifications and is like whom they claim. These would be used to encrypt and unencrypt hashes, meaning that other individuals can also use the hashes to make sure they're contacted by or contacting themselves the correct person they meant to.
We'd also need to implement a way to manage permissions for other users to manage our own data. If you're for example physically incapacitated and want your caretaker to be able to access some services, you could add their hashed identity as an allowed entity and decide over which services and features they can see and/or edit.
It occurred to me the USA might do something similar in the future and let the banks authenticate and verify identities. (The $1200 CARES Act stimulus payments were automatically wired to those who previously authorized the IRS to post their tax refunds to their banks.)
> actually verify the users
Maybe you can harness existing Public Notaries instead of using online banking? The USA has over four million Public Notaries who can "witness" and verify identities. For example, a user can pay for a Public Notary to come to his house. The Public Notary reviews the user's government provided identification and issue them an official E-ID and a encryption USB key like Google Titan Security key. The Public Notary can record this transaction in a government database so that there is a trail of who received the Titan key and who provided it.