Google Wallet Unveils Plans to Develop a New Digital ID System By Digitising US Passports

“People are increasingly looking for ways to digitize everyday items — with one of the top requests being a digital ID.”

Google, owner of the world’s most widely used mobile operating system, web browser and app store, is planning to launch what Reclaim the Net describes as “one of the most controversial technologies in the world”: digital ID. On its developer blog, Jenny Cheng, vice-president and general manager of Google Wallet, unveiled plans for a new type of digital ID based on US passports. Cheng couches the initiative, currently in beta testing, as a response to grassroots demand, rather than Google looking to further expand its outsized footprint in our everyday lives:

People are increasingly looking for ways to digitize everyday items — with one of the top requests being a digital ID. Last year we began rolling out the ability to save select state-issued digital IDs to Wallet. Starting soon, we’ll begin beta testing a new type of digital ID in Google Wallet, giving more people in more places a way to create and store a digital ID, now with a U.S. passport. This new ID pass works at select TSA checkpoints, saving you time and stress at the airport when you’re traveling domestically.

Besides TSA checkpoints, Cheng says Google is working with “partners” to broaden digital IDs’ scope of application to more and more situations, such as car rentals, account recovery, and age and identity verification. The potential online and offline applications are almost endless, as the World Economic Forum’s ubiquitous 2018 infographic shows:

Google’s users will also be able to create an ID pass by selecting the “create an ID pass with your U.S. passport” option in the Google Wallet app. Getting started sounds disarmingly simple: just scan the security chip in the back of your passport, take a selfie video to verify your identity and within minutes your Google ID pass is ready to go.

No More Need for Physical Wallets

The “origin trial” of the new tech involves what its developers say is a new web platform API (“Digital Credentials”) that will allow sites to request verifiable information via digital credentials from a digital wallet (e.g., national ID card or driver’s license). Once the system is fully up and running and the necessary government legislation is in place, the phone will do just about everything, gushes Alan Stapelberg, group product manager at Google Wallet in another blogpost:

Imagine starting a vacation like this: You arrive at the airport and breeze through security by tapping your phone to a reader, scanning your boarding pass and ID. While waiting to board, you grab a drink at an airport bar, tapping your phone to prove your age. When you arrive at your destination, you find your rental car and leave the lot without stopping for an in-person ID check because you already provided the necessary information in the rental car app. You check into your hotel online and your key is issued straight to your digital wallet. You do all of this with your phone — no physical wallet required.

This may feel futuristic, but it could be reality soon. In fact, today people with select U.S. state-issued IDs are able to present their ID in Google Wallet to go through TSA checkpoints in dozens of U.S. airports…

Google is not the only tech corp dreaming of a physical wallet-less world. But what happens if you lose your mobile phone or have it stolen? Or it stops working or runs out of battery? Or a global IT outage occurs like the recent Crowdstrike crash, bringing the digital world to a shuddering, useless halt? Or a natural disaster like the recent typhoon Yagi that ripped through China’s Hainan province, resulting in an hours-long power outage?

Brussels Leading Way

Apps like Google Wallet can already be used for mobile driver’s licenses (mDLs) in a number of US states, including California and Arizona, notes Cheng. She also mentions the EU’s eIDAS 2.0 advancing online verification efforts.

Unbeknown to the vast majority of EU citizens, digital identity has been a legal reality across the 27-nation bloc since March. From our article, Greece Just Gave a Glimpse of How the EU’s “Voluntary” Digital ID Wallet Will Gradually Become Mandatory:

The EU regulation obliges all member states to make a digital identity wallet available to every citizen who wants one. That is how the new system is currently being marketed — as an optional extra for citizens who want to avail of its many benefits. The wallet can be used to store people’s surnames, first names, dates and place of birth, gender, or nationality as well as enable Europeans to identify themselves online. Its touted benefits include making it easier to access public and private-sector services across EU borders, helping to streamline bureaucracy and reduce the risks of digital fraud and other forms of cyber crime.

This, one might think, would be a big news story given the potential of digital identity to transform, for better or worse (my money’s certainly on the latter), myriad aspects of EU citizens’ lives. Yet it has been met by a wall of silence in both the mainstream and social media.

An “Economy-Wide” Digital ID System

Australia has also passed legislation aimed at introducing an “economy-wide” digital identity system. Here’s the country’s Finance Minister Katy Gallagher touting its benefits while insisting the system will be 100% voluntary — just like the vaccine certificate was. As one X user put it, “it’s voluntary for the short-term, and then mandatory for the long.”

The option of using Digital ID would mean not having to share copies of your ID documents when applying for a rental property, signing a new phone plan, registering your children in sports, accessing government services and much more in the future. pic.twitter.com/RJfapO6ZM8

— Katy Gallagher (@SenKatyG) April 2, 2024

In the US, the Transportation Security Administration (TSA) has begun making mobile driving licenses (mDLs) an acceptable identification at airports, and a growing number of states have adopted mDLs with either a state sponsored app or Apple and Google Wallet.

In late 2023, a number of civil rights organisations, including Electronic Frontier Foundation,  the American Civil Liberties Union (ACLU), the Center for Democracy & Technology (CDT), and the Electronic Privacy Information Center (EPIC) submitted comments to the TSA question the need for such haste in the roll out and application of mDLs:

The privacy guards are still lacking, and left up to each state to implement them in their own way. With the TSA’s proposed waiver process, mDL development will likely be even more fractured, with some implementations better than others. This happened with digital vaccine credentials.

Another concern is that the standards referenced in the TSA’s proposed rules are under private, closed-off groups like the American Association of Motor Vehicle Administrators (AAMVA), and the ISO process that generated its specification 18013–5:2021. These standards have not been informed by enough transparency and public scrutiny. Moreover, there are other more openly-discussed standards that could open up interoperability. The lack of guidance around provisioning, storage, and privacy-preserving approaches is also a major cause for concern. Privacy should not be an afterthought, and we should not follow the “fail fast” model with such sensitive information.

Seeking the End of Online Anonymity

Google is not the only big tech company looking to expand its digital identity services. In June, we reported that online influencers who produce revenue-generating content on X, the social media platform formerly known as Twitter, had received notifications that they would have to pass identity verification checks by July 1. Many users were up in arms, particularly those with liberal (in the classic sense) sensibilities. After all, Elon Musk himself had previously promised that his X platform would protect anonymous users.

Users’ concerns on Twitter/X were further magnified when they learnt that the company that would be handling the face biometrics matching was none other than AU10TIX, an Israeli firm with deep ties to the country’s intelligence agencies, prompting concerns that user data could be shared with said agencies. AU10TIX is also a big global player in the fast-emerging digital identity industry. In July, it was revealed that AU10TIX had inadvertently exposed a set of administrative credentials for social media users online for more than a year.

But when it comes to digital identity, few in the tech sector have played as big a role in pushing for its rollout as Bill Gates. His non-profit the Bill and Melinda Gates Foundation has helped fund many of the NGOs and multilateral financial institutions that have helped countries in the Global South develop digital identity systems. He is also a major advocate of India’s Aadhaar, the world’s largest digital identity system, despite its glaring privacy and security flaws.

“We have funded the World Bank to take this Aadhaar approach to other countries,” Gates told the Times of India in 2018. “Aadhaar in itself doesn’t pose any privacy issue because it’s just a bio ID verification scheme.”

Gates is now touting digital identity and verification as a necessary tool for combatting online misinformation and anonymity.

“The US is a tough one because we have the notion (NC: interesting choice of words) of the First Amendment and what are the exceptions like yelling ‘fire’ in a theatre,” Gates explained in a recent interview with CNET to promote his new Netflix series. “I do think over time, with things like deepfakes, most of the time you’re online you’re going to want to be in an environment where the people are truly identified, that is they’re connected to a real-world identity that you trust, instead of just people saying whatever they want.”

One hears much the same from Eric Schmidt. In a recent op-ed on combatting online electoral  misinformation for MIT Technology Review, the former Google CEO stressed the need to “distinguish humans using social media from bots, holding both accountable if laws or policies are violated.”

In Spain, the Pedro Sánchez government is working on developing a digital age verification system to prevent minors from being able to access pornographic websites. The proposed digital wallet will not only close off access to porn websites to minors; it will also ration the number of times adult users can access pornography websites.

As we reported at the time, there will be a plethora of workarounds that (both adult and underage) porn users will be able to use to circumvent the proposed restrictions. However, the real motive, I believe, is not, as advertised, to protect children from the insidious effects of online porn; it is to begin the process of launching digital identity wallets for widespread public use. In other words, to use Internet programs, platforms and applications in the not-too distant future, one may need a digital ID, or access will be blocked.

But the potential real and virtual-world applications of digital ID extend far beyond even that, including as a necessary precursor for central bank digital currencies. “Digital ID adoption will truly scale when daily use cases like driving a car, picking up prescriptions and more can be done with a digital ID,” says Stapelberg:

“There’s also a future where digital IDs can be used for things like online tax filing, signing a home loan, opening a bank account or signing up for medical benefits — all from your phone. And the industry is working to make these things happen…

This will take time: Legislation, hardware updates and behavior change don’t happen overnight. We’re working with various parts of the ecosystem — including companies designing hardware for ID acceptance — to speed up in-person adoption. Of course, digital IDs can also be used for identity verification online (for example when renting a car from an app or ordering age-restricted items online), and this is a use case that potentially will scale much faster.”