Germany Says iPhones Running iOS 13 Will Be Able to Read NFC Tags in National ID Cards and Passports
When iOS 13 arrives, iPhones will be able to read a wider range of Near Field Communication (NFC) tags, including the NFC tags often used in official documentation. Last week, The Verge reported that Japan had confirmed its national identity cards would support iPhone through a government-developed app, and now we're hearing that German authorities are also gearing up to make several forms of ID compatible with iPhone NFC interfaces.
Image via iphone-ticker.de
First spotted by tech blog
iphone-ticker.de, Germany's interior ministry has
announced that iOS 13 will soon allow Apple users to load national ID cards, residence permits, and biometric passports onto their iPhones. At the same time, the federal government's AusweisApp2 will be updated for iOS 13 to support the digital ID function.
In current and earlier versions of iOS, Apple has restricted the NFC reader in iPhones to Apple Pay. iOS 13 removes that technical limitation so that iPhones can scan more NFC chips, but developers must gain approval from Apple before their apps can implement the feature.
In another example of Apple opening up NFC access, the U.K. government recently confirmed that it had reached a deal with Apple to make its Brexit app for EU citizens' residency rights work on iPhones via the NFC chip. According to the German ministry, it and many other states have been in contact with Apple for a long time to negotiate NFC access, so users can expect other countries to announce official documentation support in the run-up to iOS 13's release in the fall.
(Thanks, Chris!)
Popular Stories
Apple made the first beta of iOS 17.2 available to developers in October. Since then we've seen two more betas, and with each iteration Apple continues to add more new features and changes, many of which users have been anticipating for quite a while. Below, we've listed 26 new things that are coming to your iPhone when the finalized version is publicly released in December. 1. Help You...
With all the discounted deals on Apple tech currently available, you might be thinking about upgrading your Apple Watch or buying one for the first time. But if your current smartwatch is doing its job just fine and it's only the idea of a good deal that's piqued your interest, it could be worth holding out until next year when Apple unveils its latest and greatest version. There are already ...
Black Friday 2023 has officially ended, but we're still tracking some of the best deals of the year on Apple products like AirPods, iPad, iPhone, MacBook, and many more. Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running. Specifically, in this article we're...
Cyber Week has taken the place of Black Friday, and you'll find some of the same deals still around for the next few days, although many from Black Friday have now expired. This includes dozens of record low prices on Apple products like AirPods, iPad, Apple Watch, MacBook, iPhone, and more. Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a...
Over 800 days have passed since Apple last updated the iPad mini, as outlined in the MacRumors Buyer's Guide. Fortunately, a new iPad mini is rumored to be released next year, and we have outlined what to expect from the device below. Apple released the current iPad mini in September 2021, with new features at the time including a larger 8.3-inch display, a USB-C port, a Touch ID power...
Top Rated Comments
Or is a digital passport already available in other countries.
When you get controlled by some authority (e.g. police doing road check), you would have to present your ID Card anyway. I can't see the difference to presenting a digital representation.
If you're afraid of being tracked: Having a digital representation of your ID card (or driver's license etc.) on your smartphone is the least of your problems - it'd be more about switching that wiretap device off that you carry around all of the time.
This all assumes, of course, that there is no secret backdoor allowing whatever agency to spy unnoticed by installing "special software" in secret. But if Apple would allow this and it would ever come to light, Apple would have its reputation destroyed, which may be a devastating (if not lethal) blow to the business model of the whole company - even more so, as they seem to be busier than ever explaining to people how much they value privacy and to which lengths they go to ensure it.
btw.: "Gattaca" is less about 24/7 monitoring, but instead much more about the ethical problems of being able to analyse (and manipulate) genetic prerequisites and deduct predictions for the whole life development of an individual person. Can't really see the relation to having a digital representation (i.e. different "physical" form) of a simple ID card, which is mandatory in many countries anyway. Or do you question the requirement for an ID card in the first place?
It doesn't work like that. A SmartCard is called SmartCard because it's actually smart. Much like an EMV transaction (pay using chip+pin, also most NFC transactions), the SmartCard doesn't just stupidly pass along the data that's stored on it, e.g. your name and birthdate and so on. This is the major difference to using a magstripe. The SmartCard is a small cryptographic processor (much like the SecureElement in an iPhone). It gets a request which it answers with a digitally signed reply.
Example (in a nutshell) based on an EMV transaction:
Terminal: "Please approve payment to Walmart with accountID12345678 in the amount of XXX. Date: xxx"
SmartCard: "I approve payment to Walmart with accountID12345678 in the amount of XXX. Date: xxx + digital signature"
In a secure environment the card will require the PIN to unlock the signing process.
As such it's impossible to copy a SmartCard, which essentially prevents identity theft.
In comparison: a credit card swiped (or even when used per NFC in some cases) just sends out "My number is 1234 5678 9012 3456, Expiry 02/20, owner: John Doe". Stealing this information is of course very easy...
(If the terminal expects this plaintext reply but the NFC card is set to only reply with a SmartCard-style digitally signed reply, it will reject the transaction. This is one of a few reasons why some European credit cards don't work with old NFC terminals, which are quite common in the US.)
NFC is just the technology to transmit data (like ethernet or WiFi). If your NFC card is just a dumb tag, that sends out a userID (or credit card number), it's insecure as that data can just be copied to another card that sends exactly the same reply.
If the card instead sends one-time passwords, that's more secure, but if OTP is intercepted & re-used in real time, it's not acceptable for high security.
If the card performs a cryptographic process (actual SmartCard) it can be programmed to require a PIN or other kind of approval mechanism. The digital signature as explained above will secure the transaction/login/...
If you don't even trust the reading terminals PIN pad (if PIN would be entered on a non-secure keyboard like on a laptop), best choice would be a card that has an embedded authentication mechanism, like this one: https://directrm.com/da-pin-pad-smart-card/
Yes, you do. These IDcards can proof your identity and age without human intervention and allow to sign documents electronically (properly, not some shady signing on the touchscreen).
Use case:
Signing of any kind document
Age verification (online)
ID provider (can be used to securely log on to websites without passwords)
In fact, an NFC+PIN SmartCard is the most secure way to log into anything. It would be the ultimate solution to get rid of stupid passwords while maintaining maximum possible security.
I recommend checking out YubiKey website as their device is practically a SmartCard in a different shape.
It's eerie to realize that movies like "1984" or "Gattaca" are not sci-fi anymore.
BTW: Will you also cheer up if the FBI can use this, or is it cool for every government agency but the FBI?