IRS Will Soon Require Selfies for Online Access

[jim_julian 26]

7 minutes ago, Allaboutwaiting said:

Not sure how "trusted" and "US government contractor" paired together should make people feel at ease. 

An emotional response, not based on fact, as have been many of the recent comments on the ID.me "issue".

[Allaboutwaiting 2,503]

@jim_julian Elaborate please how trusted US government contractor is a fact that should make this service THE ONLY option when opening an IRS account. 

Edited January 24, 2022 by Allaboutwaiting

[jim_julian 26]

11 minutes ago, Allaboutwaiting said:

@jim_julian Elaborate please how trusted US government contractor is a fact that should make this service THE ONLY option when opening an IRS account. 

Not my call, of course, but many here are overreacting, in my opinion.  As previously stated, my experience with ID.me at the VA medical portal has been good.  This discussion has been distorted by claims that your information goes to Montenegro ... totally false ... as well as other emotional objections to submitting identity data to any entity.

[Dashinka 24,494]

18 minutes ago, jim_julian said:

Not my call, of course, but many here are overreacting, in my opinion.  As previously stated, my experience with ID.me at the VA medical portal has been good.  This discussion has been distorted by claims that your information goes to Montenegro ... totally false ... as well as other emotional objections to submitting identity data to any entity.

To be fair, there were a few positive reviews on the BBB site, but the overwhelming majority have been negative.  Which to me makes them seem much more like just another government bureaucracy particularly around customer service.  As to the fact all of these items are electronic, they are subject to data breach regardless of how much encryption they use.  Somewhere, on some server, the data exists unencrypted.    

[jim_julian 26]

6 minutes ago, Dashinka said:

To be fair, there were a few positive reviews on the BBB site, but the overwhelming majority have been negative.  Which to me makes them seem much more like just another government bureaucracy particularly around customer service.  As to the fact all of these items are electronic, they are subject to data breach regardless of how much encryption they use.  Somewhere, on some server, the data exists unencrypted.    

My personal experience with ID.me, several times a week on the VA medical portal, has been quite positive.  Is there some reason you assume that the data is stored, unencrypted, on some server?  As someone who sold massive C3I systems I know there is nothing to prevent the data from being stored in an encrypted state.

[Allaboutwaiting 2,503]

14 minutes ago, jim_julian said:

My personal experience with ID.me, several times a week on the VA medical portal, has been quite positive.  Is there some reason you assume that the data is stored, unencrypted, on some server?  As someone who sold massive C3I systems I know there is nothing to prevent the data from being stored in an encrypted state.

Your opinion based on your personal experience makes you quite enthusiastic. Those reacting against it do so based in personal experience as well, as they were victims of identity theft while using supposedly trusted safe channels. 

 

The main issue is the lack of alternatives for those who for one reason or another DO NOT WANT to sign up using this service. 

Edited January 24, 2022 by Allaboutwaiting

[MrKo 60]

6 minutes ago, jim_julian said:

Not my call, of course, but many here are overreacting, in my opinion.  As previously stated, my experience with ID.me at the VA medical portal has been good.  This discussion has been distorted by claims that your information goes to Montenegro ... totally false ... as well as other emotional objections to submitting identity data to any entity.

ID.me is a Montenegro domain name. That's an undeniable fact. According to the ".ME REGISTRY - REGISTRAR AGREEMENT" found on the doMEn d.o.o. website:
 

2.9.1. Registrant shall comply with all Registry Policies, and all other standards, policies, procedures, and practices which the Montenegrin government requires Registry to implement in accordance with the Registry Agreement or otherwise;

...

6.3 Termination Upon Termination of Agreement with Registry. This Agreement shall terminate immediately in the event the Registry’s authorization by the Government of Montenegro to operate the registry for the TLD is terminated.

...

10.5. Dispute Resolution; Choice of Law; Venue. This Agreement is to be construed in accordance with and governed by the internal laws of Montenegro without giving effect to any choice of law rules. Any legal action or other legal proceeding relating to this Agreement or the enforcement of any provision of this Agreement shall be brought or otherwise commenced in any court located in Montenegro. Each Party to this Agreement expressly and irrevocably consents and submits to the jurisdiction and venue of court located in Podgorica, Montenegro in connection with any such legal proceeding.

 

And further more, per the doMEn d.o.o policy, they can cancel, transfer or make changes to domain name registrations in various situations, such as upon "receipt of an order from a court or arbitral tribunal". In other words, it looks to me like it's all up to Montenegro because they have the authority to do so.

 

TL;DR - Regardless of where the company which runs the verification service is based, and regardless of where your data is stored, the ccTLD manager for .ME domain, according to IANA, is the Government of Montenegro.

[jim_julian 26]

15 minutes ago, MrKo said:

ID.me is a Montenegro domain name. That's an undeniable fact. According to the ".ME REGISTRY - REGISTRAR AGREEMENT" found on the doMEn d.o.o. website:
 

2.9.1. Registrant shall comply with all Registry Policies, and all other standards, policies, procedures, and practices which the Montenegrin government requires Registry to implement in accordance with the Registry Agreement or otherwise;

...

6.3 Termination Upon Termination of Agreement with Registry. This Agreement shall terminate immediately in the event the Registry’s authorization by the Government of Montenegro to operate the registry for the TLD is terminated.

...

10.5. Dispute Resolution; Choice of Law; Venue. This Agreement is to be construed in accordance with and governed by the internal laws of Montenegro without giving effect to any choice of law rules. Any legal action or other legal proceeding relating to this Agreement or the enforcement of any provision of this Agreement shall be brought or otherwise commenced in any court located in Montenegro. Each Party to this Agreement expressly and irrevocably consents and submits to the jurisdiction and venue of court located in Podgorica, Montenegro in connection with any such legal proceeding.

 

And further more, per the doMEn d.o.o policy, they can cancel, transfer or make changes to domain name registrations in various situations, such as upon "receipt of an order from a court or arbitral tribunal". In other words, it looks to me like it's all up to Montenegro because they have the authority to do so.

 

TL;DR - Regardless of where the company which runs the verification service is based, and regardless of where your data is stored, the ccTLD manager for .ME domain, according to IANA, is the Government of Montenegro.

As your favorite politician would say .... "Come on man!"

[Dashinka 24,494]

1 hour ago, jim_julian said:

My personal experience with ID.me, several times a week on the VA medical portal, has been quite positive.  Is there some reason you assume that the data is stored, unencrypted, on some server?  As someone who sold massive C3I systems I know there is nothing to prevent the data from being stored in an encrypted state.

Personally I try to avoid unnecessary technologies.  I don’t need a microphone sitting in the house supposedly waiting for a key word.  I am not keen on connected devices that are subject to hacking, and I try my best to protect my personal information to avoid any potential data breach that seem to be happening at an increasingly alarming rate.  Of course when those breaches occur, these all powerful tech companies will keep it to themselves as long as they can.  The main issue as @Allaboutwaitingmentioned is the lack of alternatives and in my opinion putting trust in a third party that may have other things they want to do with the data such as use it to generate additional income like FB, Twitter, Google, etc.

Edited January 24, 2022 by Dashinka

[jim_julian 26]

53 minutes ago, Allaboutwaiting said:

Your opinion based on your personal experience makes you quite enthusiastic. Those reacting against it do so based in personal experience as well, as they were victims of identity theft while using supposedly trusted safe channels. 

 

The main issue is the lack of alternatives for those who for one reason or another DO NOT WANT to sign up using this service. 

OK, if you don't want to sign up ... don't.  Don't use the Internet,  rely on paper, phone conversations and personal contact.  Your choice.

[TBoneTX 45,288]

2 minutes ago, Dashinka said:

Personally I try to avoid unnecessary technologies.  I don’t need a microphone sitting in the house supposedly waiting for a key word.  I am not keen on connected devices that are subject to hacking, and I try my best to protect my personal information to avoid any potential data breach that seem to be happening at an increasingly alarming rate.  Of course when those breaches occur, these all powerful tech companies will keep it to themselves as long as they can.  The main issue as @Allaboutwaitingmentioned is the lack of alternatives and in my opinion putting trust in a third party that may have other things they want to do with the data such as use it to generate additional income like FB, Twitter, Google, etc.

Where's the +1,000 button?

[jim_julian 26]

2 minutes ago, Dashinka said:

Personally I try to avoid unnecessary technologies.  I don’t need a microphone sitting in the house supposedly waiting for a key word.  I am not keen on connected devices that are subject to hacking, and I try my best to protect my personal information to avoid any potential data breach that seem to be happening at an increasingly alarming rate.  Of course when those breaches occur, these all powerful tech companies will keep it to themselves as long as they can.  The main issue as @Allaboutwaitingmentioned is the lack of alternatives and in my opinion putting trust in a third party that may have other things they want to do with the data such as use it to generate additional income like FB, Twitter, Google, etc.

Your choice, sir.

[Dashinka 24,494]

Just now, jim_julian said:

Your choice, sir.

Is it a choice?

[jim_julian 26]

Just now, Dashinka said:

Is it a choice?

Sure, you can choose to use US government vetted technology or not.

[Dashinka 24,494]

27 minutes ago, jim_julian said:

Sure, you can choose to use US government vetted technology or not.

A US Government bureaucrat vetted technology.  Not instilling a lot of confidence considering the state of the swamp.