GitHub - eu-digital-identity-wallet/av-app-android-wallet-ui
github.com
Contribute to eu-digital-identity-wallet/av-app-android-wallet-ui development by creating an account on GitHub.

Taken from the readme of the app on github:

The current release provides only basic functionality, with several key features to be introduced in future versions, including:

App and device verification based on Google Play Integrity API and Apple App Attestation

Additional issuance methods beyond the currently implemented eID based method.

These planned features align with the requirements and methods described in the Age Verification Profile.

There is an issue opened to remove this as it’s basically telling us that to verify our age in the EU an American corporation has the last word, making it not only a privacy nightmare but a de-facto monopoly on the phone market that will leave out of the verification checks even the fairphone (european) with /e/os.

  • vapeloki@lemmy.worldEnglish
    13·
    10 months ago

    So, let me summarize this, maybe i miss something:

    a) This is a Module/Reference Implementation not the finished app b) It is in the earliest stages of development c) it is opensource, someone could provide alternate means for device/app verification via MR d) There is no mention about “THIS IS THE ONLY WAY WE WILL DO IT”, that part is a straight out lie!

    Nothing prevents nations to implement other verification methods the googles API.

    So, what are we raging about here? People insulting developers for doing their work? People using an issue tracker like twitter? People, that do not read properly?

    Yes, the italian implementation already is tied to google, and there should be some push back, but that is NOT the fault of this project.

      • vapeloki@lemmy.world
        1·
        10 months ago

        Again, this is not an official app. It is a reference implementation.

        You can not, and will never be able to, download this app from the App store.

              • vapeloki@lemmy.world
                1·
                10 months ago

                Like what? Dude! There is no app you’re can install, so there’s no requirement for Google APIs.

                I think you have no idea what you are talking about, what the issue is, and why the scope of the project matters.

                Let me try to summarize this:

                EU policies require the ability to verify COUNTRY SPECIFIC implementations to be verifiable. The reference implementation linked above uses a Google API for it.

                Countries, that implement the actual apps are free to offer other verification methods then the Google API.

                Italy has an app currently, and this app requires this stupid Google API, yes, but that is not the above project.

                The websites will never communicate with the play services! They communicate with the APIs of the authorities issuing the state ID’s. The App must be verifiable to protect the user! We have a state ID app in Germany. It is open source and I compiled it for my Linux desktop and graphene OS based phones. Guess what, yeah, it works.

                What many are missing here: the purpose of the verification and the actual authentication workflow.

                Also, let me just cite the readme of the project:

                This is an initial version of the software, developed solely for the purpose of demonstrating the business flow of the solution. It is not intended for production use, and does not yet include the full set of functional, security, or integration features required for a live deployment.

                But we are all going crazy because some minimal example code relays on Google APIs …

                Please stop pushing such utterly wrong and confusing bullshit.