As an adult, you probably need to authenticate yourself in the following situation.

opening a bank account, getting a credit card, getting a mortgage or a loan, buying a flight ticket, signing up for internet service, signing for mobile services, buying a concert ticket and the list goes on.

What's common here is the service provider need to know you are actually the person say it is you and not someone else.

Back in the old days where we apply the service in person, you can take your driving license or passport to authenticate yourself, but with myriad of services now moving online, we need a centralised system that mimic the physical ID.

For a flight ticket I just ID myself at the airport so that's not an issue. For concert tickets I don't need to do this now. For internet service I absolutely don't need that, all they need to know is that I pay.

And mortgage, bank etc I just do on premise of course. These things are rare and important enough to warrant to just go there.

Given the ongoing "age verification" fiasco, I'd be quite wary of giving UK government any more digital powers. They don't seem to be any good at using what they have.

Yeah age verification is another such idiocy. The EU is starting this BS as well. Great way for conservative politicians to make a name for themselves with their backers, but other than that it's not effective at all, considering the torrents are full of this stuff with no gating whatsoever.

Besides, parenting is the parents' job.

> If I buy something online my payment and delivery address is all they should need.

That's what verifying your identity is for. The payment. This cuts down on fraud. My credit cards often require me to enter a code they text me for a purchase to go through, when it's somewhere online I've never shopped before. That's confirming my identity. And my credit card needed my identity originally to look up my credit history, because they're literally loaning money.

Businesses want to know who you are to reduce fraud. Otherwise people input stolen credit cards, the charges get reversed, and the business is out of merchandise and money.

Obviously if you pay in something irreversible like Bitcoin then a business generally couldn't care less who you actually are, as long as there aren't any know-your-customer regulations (like if you're a bank or the address is in a sanctioned country etc).

The "credit card" model for buying stuff seems to be flawed. When you give some company your credit card number and CVV to buy something, they could always turn around and give the number to someone else.

The fix is very simple, but requires more interaction: (1) You ask merchant for stuff (2) Merchant sends you a "money claim" (3) you sign your money claim (4) the merchant takes the signed claim to the bank (5) the bank verifies the signature using your public key (6) bank transfers the money to merchant from your account

Absolutely, credit cards are insanely insecure, everything that is needed is written on it. I don't know why we are stuck with this archaic American system. They patched it with a form of 2FA (Mastercard 3D Secure / Visa whatever) but it's still really patchy and in many cases is not even triggered at all even for big purchases.

But here in Europe we have much better payment methods like iDeal in Netherlands and Bizum in Spain (now going pan-EU with Wero)

That's basically how PSD2/SEPA payment flows function in Europe if there is a functional eID system. I think I've used such a system for nearly a decade now.

Airlines and airline middle-men organisations are the worst offenders and centralised identification is not going to help there. Having flied with a few airlines, your details are out there. In the UK, national and travel passport are the same.

That's true. I remember Karsten Nohl's presentation about this at 33c3 and not much seems to have improved.

https://securityaffairs.com/54969/hacking/flight-bookings.ht...