Get the top HN stories in your inbox every day.
toomuchtodo
kylehotchkiss
> state IDs are accepted, but not US passports and other federal identity credentials
Federal documents don't have authenticated addresses. The view seems to be that only state agencies are capable of verifying you actually live at the address on your ID (See Real ID for more context).
techsupporter
> Federal documents don't have authenticated addresses.
I wonder why that matters. If I am provably who I say I am, why is the address important?
Also, not specifically for you, but generally what about states that don't reissue IDs when someone moves? (I suppose their answer to that is "get an updated ID and try again".)
kube-system
It's important to the USPS because the reason they want to know a person's identity is for the purpose of physically delivering mail to the correct address for that person.
> what about states that don't reissue IDs when someone moves
Do these exist? I'm not aware of any state that doesn't require you to update your address when you move.
simcop2387
For mail forwarding at least, there could be two John Smiths and requesting forwarding for the wrong one would let someone steal mail easily.
hiatus
I can't imagine there is any state that lacks the option to update the address on your license after you move. Many will even send a sticker in the mail so you don't have to get a new card.
abirch
Michael B. Jordan could try to be Michael Jordan. There are many popular names out there. Heck I'd change my name to Bill Gates.
PrivateButts
Man, I know why it's a thorny topic but sometimes I really wish we had a single identity system in the states, just one card that had all your licenses on it, driving/boating/hunting/ccw, and one API to pull all that info. Our county is too cheap/lazy to reissue pistol/sar permits if you buy, sell, or transfer a restricted weapon, instead opts to give you a piece of printer paper to go with it. You have to have that paper addendum with you whenever you're handling a restricted weapon, and you're fucked if anything happens to it, and you get caught.
ie9rifikr
I'm not American, why is it a thorny topic?
jkaplowitz
> Federal documents don't have authenticated addresses. The view seems to be that only state agencies are capable of verifying you actually live at the address on your ID (See Real ID for more context).
Real ID isn’t about this. Federally issued IDs like passports and NEXUS or Global Entry cards can be used in every context where the REAL ID Act’s requirements apply to state-issued driver licenses and non-driver IDs, without any exception I’m aware of, even though these federal documents are not proof of address.
But sure, your explanation might well be the justification behind this USPS / Login.gov policy.
ethbr1
> The view seems to be that only state agencies are capable of verifying you actually live at the address on your ID
Cue state system "fun" for military folks who have a home of record they're legally-entitled to keep, despite not being resident.
fatfingerd
The US also follows its citizens everywhere like Eritrea.. Being resident in a State has nothing to do with being a US person.
chupchap
> Federal documents don't have authenticated addresses
Huh.. that's interesting. In India it's mostly the other way around. Federal document addresses are mostly verified but state level ones are not.
donmcronald
> USPS staff scans barcode, requests identity documents, performs proofing, and upon approval, the exception flow completes and whatever action you requested proceeds. In and out in 5 minutes.
This is how code signing certificates should work. Better yet, let them be issued with a simple OAuth flow through sites like login.gov where people have already been verified.
The current system is the worst of everything. It's a convoluted process with geographically and culturally disconnected people doing verification for (primarily) businesses that don't even need to be tied back to a natural person or beneficial owner. To top it off, it's ridiculously expensive for an individual or open source project.
Microsoft also plays a huge role in propping up the currently broken system by trusting EV certificates more than personal certificates even though the identity of a natural person is far more valuable than the identity of a shell company that can easily be used by bad actors.
In one way I dislike identity verification systems like this because I think it's going to increasingly disadvantage people that are already less fortunate, but in another way I hope that it can be used to improve some of the terrible processes we have to endure when it comes to identity and trust.
KennyBlanken
The reason cert and signing costs are expensive is to discourage random people from signing up for accounts they don't need, or uploading useless apps.
This sort of "price people out of being annoying or doing things they don't remotely need" technique is extremely common in society.
EV certs involve a pretty lengthy number of checks, by the way. Having a PO box isn't enough.
donmcronald
I don't have a huge issue with the expense, but I don't think it should be a requirement. I think it should be more of an upgrade. For example, let me get a personal code signing certificate for $50 per year and then treat an organizational cert as an upgrade where I pay $500 to have my business name on the cert. I could even see a case for having $5000+ high value certificates.
The problem with that is the way companies like Microsoft handle them. Instead of telling the user "this is a low value cert", they put up a massive warning telling the user their computer is going to melt down if they trust it. It makes the decision of whether or not to run something binary and it's not.
I think a system where I could sign things as trivial as PowerShell scripts would be better than what we have now. Anyone I give something like that to is going to know me personally and can easily judge the trustworthiness of what they're running by seeing my name.
> This sort of "price people out of being annoying or doing things they don't remotely need" technique is extremely common in society.
From what I see, it makes things difficult for someone trying to provide fair value and favors anyone willing to price gouge their customers. Even worse, criminal activity is extremely high margin and industrial scale bad actors have no problem paying for things like EV code signing certificates.
> EV certs involve a pretty lengthy number of checks, by the way. Having a PO box isn't enough.
And, based on my experience, it's all a big clown show. The people doing the verification are at a huge informational disadvantage because (I'm assuming) they're in a processing somewhere with minimal training and are expected to verify identities for every jurisdiction in the world. It's like me trying to verify the identity of someone in China. No matter how much training you give me, I'm probably never going to be as good at it as a local would be.
The whole system could be better. I would prefer to see something where everything starts with a personal code signing certificate for a natural person and where getting an EV certificate requires an attestation from someone with a personal certificate. My identity is more valuable than a shell company.
There's no incentive for anyone to fix it either. The platform owners benefit immensely if people abandon a standardized code signing system in favor of the signing certificates they issue for their app stores. IMO that's half the reason Microsoft abused their market position to kill AppGet. Anything that improves competition for app distribution isn't going to be allowed.
t3rabytes
> In and out in 5 minutes.
Most of my USPS experiences are great once I actually get to the desk, but it might take 45-60 minutes of standing in line before I actually get there.
PaulDavisThe1st
So, there's a great government (+) agency clearly capable of providing you with excellent service, but chronically understaffed. I wonder why that is?
(+) yes, yes, we all know that the "government" part of USPS is a bit strange, albeit not as strange as Amtrak.
pests
I always thought the USPS would be the perfect agency for more public outreach and goverment-citizen interaction.
It sounds weird when its stated, but they are the only government entity that sends an employee to your house 6 times a week. It could quickly turn distopian but I could imagine the mailman becoming your single stop for interacting with the government and its services.
DANmode
At what time of day?
tshaddox
I'm glad you had a good experience. I recently had a terrible experience with what should have been an even simpler verification process.
My wife and I ended up moving (within California) on short notice that overlapped my wife's unrelated trip out of the country. Despite very clear documentation on the USPS website about the documentation required for me to verify my wife's identity (and my relationship to her) in order to complete a Change of Address order on her behalf, the USPS employee immediately and aggressively accused me of attempting identity theft. No amount of showing him the USPS documentation about how to verify a spouse's identity would convince him.
At the second USPS office I tried, the guy was very nice, but also said that due to a high rate of identity theft they are refusing to do anything without the person there.
Luckily we only had a short interval where mail wasn't being forwarded before my wife returned and verified her identity in person, and probably didn't miss any important mail.
techsupporter
> but also said that due to a high rate of identity theft they are refusing to do anything without the person there.
This is the part of processes that annoys me the most. A company or agency will publish the rules they want people to follow, then there's a 30% chance that when I go to follow them, I will be denied because of an unpublished rule or an exception like this of "oh, well we're just not doing that right now."
The whole point of the USPS policies on being able to confirm a relationship is to avoid identity theft. If the policy is no longer going to be used then remove it! Or, better yet, update it.
ethbr1
With USPS, not to put too fine a point on it, there's also "I'm saying we're not doing this right now, because I don't want to do this work right now."
(With deference to all the other, amazing USPS folks I've worked with!)
xxpor
That's when you start throwing around terms like "CFR" and "Inspector General"
ethbr1
I've found that USPS has a vast gulf between their IT systems (generally good!) and their line workers, as well as a huge training spread from line worker to line worker.
The best approach is usually to go to another postal branch when you run into a bad egg... and/or go during a time of day that it's quieter.
dv_dt
I have always filled out change of address online with no issues. But I suppose it’s been 5-6 years since I last did this.
tshaddox
When you do it online they have some sort of risk estimation thing where you provide (if I remember correctly) a credit card and a phone number. When I completed mine online, it said I was instantly verified, but for my wife it said additional in-person verification was required. I suspect it's because she changed her name when we got married and whatever online identity service they use has a combination of her old and new names.
bee_rider
Their system is quite picky about address formatting (they ask to do a small transaction; you billing address better match the address USPS has for you exactly, stuff like RD vs road matters).
I ended up changing my billing address in my bank to exactly match what USPS wanted. Which worked, and was fine, but did leave me wondering what would prevent someone else from doing that with their own bank account if they wanted to change my address for some weird reason.
FireBeyond
ID.me was hot garbage for a long time.
Scanned my Driver's License at 200dpi.
"Unable to find a face in the image you uploaded."
Okay, 300dpi.
"Unable to find a face in the image you uploaded."
Huh.
Scan at 72dpi.
Success.
Scan back of DL at 72dpi.
"Unable to read barcode."
Scan back of DL at 200dpi.
"Unable to read barcode."
Scan at 300dpi.
Success.
What a shitshow.
SOLAR_FIELDS
Is ID.me service still run by some questionable third party company and not the actual government?
onetokeoverthe
[dead]
toss1
Does this work for a family member who cannot physically present themselves at a Post Office, e.g., due to illness or incapacity?
(looks like this is what you are reporting, but the phrasing is a bit ambiguous on that detail - thanks!)
CaliforniaKarl
The USPS in-person method is an exceptional flow; it's only used if other options are unavailable.
If someone is ill, then you should use the remote options that are already available for ID verification. ID.me has tip for friends & family that are helping with this:
https://help.id.me/hc/en-us/articles/4589202735639-Helping-f...
If a person is ill, and the normal (remote) methods don't work, my suggestion would be to reach out to the Postmaster for your local area (if you have multiple post offices in your area, there may be one Postmaster for all of them). Meet them in person and explain the situation. Before you reach out, get documentation from a local doctor to back up your case. Ask what options are available.
If someone is incapacitated, then identity verification is not going to work, but that's the point: If you don't currently have the capacity to participate in transactions, that responsibility falls to someone else (spouse, next of kin, power of attorney, court-appointed person), etc..
mistrial9
sure all that is great - but terrible side effect of the USA system is that every person must run through some gauntlet of ID systems.. two generations ago, some tax professionals and some government employees had to have super-rigorous profiles on file.. and the person agreed to that when they pursue that profession.. the dystopian parts come with the 75-year old widow with dementia or college student aka slacker has to adhere to similar standards to be basically functional.. there needs to be some middle ground, say some
toomuchtodo
Functioning identity systems are a component of a functioning government. I agree there should be very robust exception handling mechanisms to get folks on rails who fall off. Someone being able to prove they are who they say they are is only dystopian to a vocal minority.
If you don't want to drive, don't want to buy alcohol, don't want to travel internationally, etc, certainly, you can go without a state issued ID or driver's license, or a US passport. That is a choice. You're still going to need to prove who you are to rent formally, transact in real estate (buy a home with or without a mortgage), apply for state of federal benefits, obtain non emergency healthcare, etc.
nonrandomstring
> Functioning identity systems are a component of a functioning > government.
That's a very strong and parochial claim.
Good, reliable, trustworthy, functioning government has existed for between 5,000 and 10,000 years depending on which anthropology you follow.
For almost all of that time, governments have had scant legibility into the size or makeup of their population, barring a rather crude census every now and then.
Identity at individual granularity happened practically yesterday, and is still a project in progress for many nation states. It's really a function of global travel, banking systems, modern social welfare benefits and healthcare.
A well designed government does not need micro-relations with each and every citizen, but works fine in aggregation, devolved autonomous subsystems and heuristics.
The "Government needs to know all about you" is a technocratic conceit less than 100 years old.
ComposedPattern
> Someone being able to prove they are who they say they are is only dystopian to a vocal minority.
There are plenty of non-dystopian ways for people to do that. I was able to prove that I'm ComposedPattern by typing my password. For a higher-stakes identity, I might provide biometrics or show that my appearance matches a previously-provided photo. Those things are possible without involving the state. In fact, it might surprise you to learn that people got healthcare and paid for housing before the early 20th century! The government doesn't enable people to prove who they are. It forces people to use a single state-controlled identity for, at first, just government services... then finance, then healthcare, then transportation... and now there are bills being proposed everywhere to require government ID for "age verification" to use porn sites or "social media".
kccqzy
Traditionally speaking, the United States did not agree with that. People argued against a national identity system, and even when SSNs first appeared it was stipulated that they not be used for identity.
That said I personally agree with you.
toast0
> transact in real estate (buy a home with or without a mortgage)
FWIW: buying with owned funds is easy, selling is hard. Sellers don't really care about identity verification as long as the funds are good. OTOH, buyers/lenders/title insurance issuers do want the sellers' identities to be solid, because if they transacted with the wrong person, they are going to have a bad day. Lenders probably also want the buyer to be well identified, because it'll be a mess if not.
mistrial9
> Someone being able to prove they are who they say they are is only dystopian
it is intellectually dishonest, or motivated reasoning as they say, to imply that I said anything to the contrary. Perhaps you can reconsider that assessment of the comment ?
renlo
> the dystopian parts come with the 75-year old widow with dementia [...] has to adhere to similar standards
I don't mean to strawman, but, isn't this all to prevent the 75-year old widow from losing her retirement savings by scammers? Don't let perfect be the enemy of good, sure there are issues, but there needs to be something.
mistrial9
this is a great point and absolutely a real problem.. the specific person I was thinking of, is getting phone calls daily on her new iPhone from strangers.. In the past, a licensed professional of some kind would be an intermediary over a committed period of time..
wayfinder
Pretty sure this is by design, not by a side effect. National ID systems are not super popular.
Inefficiency is strangely sometimes the only reliable way to prevent consolidation of power.
hef19898
>> National ID systems are not super popular.
In the US maybe. Every other developed country has them, one way or the other.
Ridj48dhsnsh
So how would that work if the IRS requires ID verification for my taxes and I live on the other side of the world, usually visiting the US every 2-3 years?
toomuchtodo
Remote identity proofing, either automated to confirm liveness or with a video call. Takes about 3-5 minutes in my experience.
https://help.id.me/hc/en-us/articles/8214940302999-Internal-...
You bring up an interesting edge case though. I will reach out to my State Dept folks to ask about supporting Login.gov identity proofing IRL at embassies and consulates for expats.
kylehotchkiss
Embassies are supposed to be helpful for this matter. I spent a few years abroad and needed to file ITIN paperwork for spouse and we went in together to get a certified photocopy of their passport for about $50. The IRS accepted this as binding as an American document.
That said, the IRS doesn't really want you on their sites if you don't have a US address. I struggled to get transcripts on the site (but they allow you to submit written requests for them). This is a reasonable thing for the IRS to implement given the significant interest in fraud from their systems from people overseas.
taway_6PplYu5
>the IRS doesn't really want you on their sites if you don't have a US address. ... This is a reasonable thing for the IRS to implement given the significant interest in fraud from their systems from people overseas.
Except that US tax law also requires that all US persons, worldwide, to file US tax returns (note: this is a superset of US citizens).
So if the law applies to expats and to anyone who has ever applied for a green card even if denied or not used or not revoked, then the system needs to support worldwide access.
jkaplowitz
The current IRS online account system with ID.me does allow signing up with foreign addresses, and then you can download transcripts there.
Your struggles were probably with the previous system, which only allowed creating an account with a US address. It did however allow placing an online request without an account for a transcript to be mailed to a foreign address. I did this successfully myself and received the mail in Canada.
lxgr
This used to be what everybody in Germany had to do to open a bank account or request a new credit card, until the alternative of KYC by video call became popular.
It's not efficient by any means, but in my view it beats the US practice treating an SSN as a password, together with bizarre "security questions" sourced from public records that some banks use as a "verification method". And no, "phone number verification" (that really only works for phone numbers with the big three mobile carriers) should also never have been a thing.
I really, really hope to see a usable-by-everyone identification method one day, as opposed to "usable by enough", with a sizable fraction of the population just being denied access to credit, banking, and more, just because they don't exist in the expected form in some creepy data miner's database.
Ironically, German ID cards support exactly such a method: You can just tap it on your iOS or Android phone for a "qualified electronic signature" as defined by EU law. And as a non-citizen, you can now finally get an "e-ID only" card, so nobody is excluded from that scheme! Unfortunately, I don't know a single person that remembers their six-digit PIN that's required for that feature...
nicbou
These systems are remarkably hostile to recent immigrants.
PostIdent (go to post office, get verified, send confirmation by mail) does not support Indian passports, among many others. The video replacement has the same flaw. You are legally entitled to a bank account, but a large portion of immigrants are left out.
Many banks now require a plastic residence permit. In Berlin it takes a few months to arrive. How do you pay your rent while you wait?
The residence permit is an eID, but I don't know anyone who activated it. You get an activation code weeks before the permit arrives, but it doesn't explain why it's useful and the activation requires an in-person visit somewhere. So I'm told; I have not activated mine.
Soon they want to use the eID for the address registration. This would save everyone an in-person appointment... except immigrants who must register long before they get a residence permit.
Fortunately, there are old Germans who must also be accounted for, so old-fashioned bureaucratic services exist in parallel.
France allegedly has a good method: the postal worker knocks at your door and verifies your identity.
hef19898
How do ypu pay your rent? Good question, but I have an even better one: How do you get your salary without a bank account in the first place?
As a side note, it is kind of funny when Indians complain about German bureaucracy.
nicbou
I'm not Indian, but I help people immigrate for a living.
There is no straight answer. It's just complicated. You either send money through another channel, or choose from a smaller selection of banks until you get a residence permit. I can't answer so easily because I opened my account 8 years ago and things got harder since then.
rafram
Say what you want about Indian bureaucracy, but Aadhaar is a good example of a system that’s been designed to be accessible to every single segment of society, even people with minimal documentation or little access to technology at home. EU bureaucracy (and German bureaucracy in particular) doesn’t even try.
overlordalex
That's if you even got a pin in the first place!
I discovered this recently when I wanted to use the gloriously named AusweisApp2 (ID app 2, superseding a PC app which was at least forward thinking enough to be called ID app 1).
In theory it's simple to request a new pin - you can even do it within the app! However I've moved since I acquired the card, and so instead of the reset mails going to my registered address, I can only assume they went to the address stored on the card. And in a catch-22 of course you can only update that with a pin...
But no worries, you can simply book an appointment at your nearest buergeramt to have a pin reset in person; except there are no free slots in the next 3 months.. anywhere!
I needed documents for a new visa, which should give me a new card (and hopefully a new pin!), which ultimately turned out to be faster to do than trying to sort out the damn pin
miki123211
Poland does this too, if you want to create a trusted profile (essentially an SSO account for government services), in-person verification at a post or municipal office is an option.
A far more popular option is logging in via your bank, which is an excellent idea IMO, as they already have your data anyway and can usually verify that it's you with fairly high confidence.
lxgr
> A far more popular option is logging in via your bank
The US has that too, in a way – I've once had a call center agent of a prospective new bank call my existing bank and have _them_ verify my identity on the line!
Of course, that identification then was also only the usual "what's your dog's zodiac sign" and "which gives you more goose bumps, nails on chalkboard or fingers on unpainted concrete".
hellotheretoday
A fun anecdote from those “security questions”
I bought pet insurance at one point for a dog and now I regularly get quizzed on pet names when I get those questions. It will be things like “have you ever owned a pet by the name of a b c” and the answers are absurd because they are pet names.
The best one was Ulysses S Twinkletoes. I still have a screenshot of that years later
YeBanKo
Why is it not efficient though? How many times do you need to open an bank account? Once every few years. And I think you need to do it once to establish a relationship, once you have it, opening an additional account would not require another trip. Seems reasonable and secure.
lxgr
> How many times do you need to open an bank account? Once every few years.
This is exactly why European banks aren't offering market-level deposit interest rates. KYC friction like this introduces a huge market entry barrier.
It should be perfectly normal to open a new bank account with a new bank online!
YeBanKo
The US banks aren’t exactly eager to offer market level interest rate either. KYC has very little to do with deposit interest rate. They don’t have to, so they don’t.
cesarb
> Unfortunately, I don't know a single person that remembers their six-digit PIN that's required for that feature...
IIRC, enabling that feature is optional (disabled by default), and if you never enabled it, you don't even have that six-digit PIN.
lxgr
As far as I know, it's now mandatory, i.e. you'll receive a random PIN in the mail after requesting a new ID card whether you want to use it or not.
pests
> together with bizarre "security questions" sourced from public records
I just had one the other day give me a multiple choice option for the last 4 digits of my SSN. The same SSN I had free form typed into a box a half page up.
foogazi
This is great example of the USPS as the federal government store front. They already handle passport appointments.
I’d like to see options for the unhoused and unbanked:
Homeless people get ID verified, get virtual mail access: all mail scanned and available online, physical mail at closest zip
Low income unbanked get access to free banking options
CaliforniaKarl
The USPS piloted a postal-banking program last year, in four post offices: https://federalnewsnetwork.com/agency-oversight/2022/04/usps...
It would be awesome if that could be expanded!
Mail scanning is a service already provided by private companies. For example, a random search returned this result for a store in Los Altos (near Mountain View): https://www.villagemailcenter.com/Products-Services/Digital-...
It would be awesome if a community-services provider could set up something similar, but it's worth noting the USPS does have two services which might work:
• https://faq.usps.com/s/article/Is-there-mail-service-for-the...
supernova87a
The stupid thing is that (I understand) the USPS is prohibited by law from offering such services. Go figure.
lxgr
That's truly ironic – in Europe, the giro/wire transfer system has its roots in the postal service in many countries!
In the US, a similar thing happened for American Express and Western Union, which also started out as postal and telegraph service providers before they became financial service providers.
YeBanKo
I would like USPS issue an unalienable e-mail addresses. Ideally, I want to be able to use an email provider of my choosing, but MX records does not allow configuration of email server per address. So realistically, email relay.
atonse
I'm a huge fan of login.gov – It's just really nicely implemented, simple to use, accessible, and I love their reuse of well thought out ideas in the Federal Government of IALs (Identity Assurance Levels).
I hope this system expands further, and even that local governments also start to use it.
supernova87a
They should expand this service to make the USPS some profit, and offer to banks, credit cards, real estate, city/state governments, etc. to combat the rising (maybe perceived, but certainly lots of real) problems with proving someone's real identity and fraud.
The virtual world has opened up new channels for fraud and it seems government is just way behind on this. Almost to the level that some institutional trust is starting to break down (not to be too exaggerated about it though). (see pandemic relief funds)
ineptech
Very cool, I hope this gets widespread enough to become the default way to prove identity online. I know a lot of people are very concerned about preserving the right to be anonymous, but it should be equally concerning that it's difficult to not be anonymous without involving a giant corporation.
Would it be too much to ask for a Keybase style app on top of this? One can hope...
AdamJacobMuller
That was my first thought with too.
I hope it doesn't become the default for most sites (which have no need for your actual identity) but for many use cases I can see the need for varying levels of identity tied to your real identity.
Minimally, login.gov could issue a (globally) unique token which they will only issue one per user per site, which would effectively allow the site to enforce a 1:1 human:account ratio (or at least know which accounts are linked to which humans) without disclosing any actual details of the human.
tzs
> I hope it doesn't become the default for most sites (which have no need for your actual identity) but for many use cases I can see the need for varying levels of identity tied to your real identity
Varying levels is probably the right approach.
For most sites all they need to know when I create an account is that I control the email address that I am using to sign up. If I ever again need to prove my identity to them proving that I receive email at that address is good enough.
For the site that provides my email address they need something other than email to identify me.
If I'm using an email provider that lets you bring your own domain, they could use proof that I control the DNS for that domain as proof of identity.
How to prove identity to my domain registrar? I could use an email address that is not hosted somewhere that depends on my proof of domain ownership, like gmail or my ISP, but that is probably not a good idea. Ultimately, my ability to prove my identity at most sites would depend on proving identity to my domain registrar (or to my email host if I don't have my own domain), and so making that depend on remaining in good standing with Google might not be wise.
What we need for proving identity to a domain register (or an email provider if you don't have your own domain) is something that we can be sure we can rely on, because in the worst case when you've been massively hacked and your identity has been stolen at multiple sites and services that is going to be the identity proof you count on to let you recover everything else.
For that something like the USPS identity service would be great.
TheHappyOddish
95% of the worlds population are not in the US, and I expect most of us have no interest in handing our personal data over to an entity that had proven over and over it can't even avoid abusing its own citizens data, let alone foreigners.
ratg13
The system only works for US residents.
If you’re a US citizen that resides abroad, you’re already denied a login.
It’s a good start, but it’s a long way from being a “default”
jdblair
This is way better than the "20 questions" identity verification that works by asking you multiple-choice questions about your credit report. I have about a 80% success rate with those.
SoftTalker
Shouldn't the service be called "Identity Proving" ?
"Identity Proofing" makes it sound like something that prevents you from being identified.
mttjj
It sounds right to me. I think definitions 1 and 3 of the noun form of the word apply here.
YeBanKo
This is how it should be done for mission critical stuff. We already invest in USPS infrastructure, this is a good use for it. I don’t want another id.me to use a gov service.
undefined
User23
The Post Office is definitely the most pleasant interaction most Americans will ever have with a federal agent.
Although I will tell you, don't ever eff with a postal inspector. Those people have police powers that could make a game warden salivate.
nlawalker
Somewhat related: you can request your US federal-level rap sheet (“Identity History Summary”) from the FBI for a small fee, commonly done as part of an application process for a long-term visa abroad. If you use their online form to request it, they’ll give you a barcode you can take to a participating post office, where they will collect your fingerprints digitally.
https://www.fbi.gov/how-we-can-help-you/more-fbi-services-an...
Get the top HN stories in your inbox every day.
Recently had to perform this for a dependent family member due to online identity proofing failure when attempting to setup mail forwarding online. Super simple process. USPS provided a barcode via email, you can print or display on device. USPS staff scans barcode, requests identity documents, performs proofing, and upon approval, the exception flow completes and whatever action you requested proceeds. In and out in 5 minutes.
https://www.login.gov/help/verify-your-identity/verify-your-...
Really excited as this rolls out fully for Login.gov high IAL (identity assurance level) use cases (ie IRS logins). If someone from Login.gov can comment on why state IDs are accepted, but not US passports and other federal identity credentials, I would be interested!
(tangentially, behold, your government and two exceptional public goods [Login.gov and USPS] working for you efficiently and in public)