
> I think you're forgetting the part where those existing so-called "decentralized" ID systems are by-and-large using a centralized system (your SSN) which is magnitudes worse than a cryptographic card.

It's orders of magnitude worse at authentication because that's not what it's for and everyone should immediately stop trying to use it for that. For that matter it would be better if they would stop using it for anything other than its original purpose as a tax ID.

> Now compare that to public-key encryption. Not only is it better assuming you only have access to a single private key (because you are still authenticating with the output of the key, not the key itself as with SSN), but also because a cryptographic card could store MULTIPLE private keys, allowing you to authenticate with a different "identity" to different providers, making it impossible for them to cross-reference you in that way.

But that's exactly the point. That isn't a national ID, it's ordinary public key cryptography which anyone can use right now already. You don't need a national ID for this, just create a new public-private key pair whenever you first interact with a new entity and use it to authenticate yourself to that entity going forward.

> Your bank knows that you are the same John Smith as your employer has on record, because you needed to use the same SSN for both.

But there is no good reason they need to know this, because having a bank account has really nothing to do with having an employer. All your employer should need is your bank account number so they can deposit your paycheck -- or not even that, just to give you a signature authorizing their bank to transfer money to you, where "you" means the person who can prove they hold the private key corresponding to a public key you gave your employer.

Banks shouldn't even need to know your name if things were being done securely, much less your SSN. Having them is nothing but a liability because someone who doesn't know what they're doing could mistake them for an authentication method.
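
The per-entity key pair scheme described in the comment above, sketched in Go as an added example that is not part of the original thread. The choice of Ed25519, the `Wallet` type, the party names and the `party\x00nonce` challenge format are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Wallet (hypothetical type) holds one independent key pair per relying party.
type Wallet map[string]ed25519.PrivateKey

// Enroll creates a fresh key pair for party and returns only the public half.
func (w Wallet) Enroll(party string) (ed25519.PublicKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	w[party] = priv
	return pub, nil
}

// NewChallenge is what the relying party sends at login: a fresh random nonce.
func NewChallenge() ([]byte, error) {
	nonce := make([]byte, 32)
	_, err := rand.Read(nonce)
	return nonce, err
}

// Respond signs the nonce bound to the party name; the key is never sent.
func (w Wallet) Respond(party string, nonce []byte) ([]byte, error) {
	priv, ok := w[party]
	if !ok {
		return nil, fmt.Errorf("not enrolled with %q", party)
	}
	return ed25519.Sign(priv, append([]byte(party+"\x00"), nonce...)), nil
}

// Verify is run by the relying party against the public key it has on file.
func Verify(party string, pub ed25519.PublicKey, nonce, sig []byte) bool {
	return ed25519.Verify(pub, append([]byte(party+"\x00"), nonce...), sig)
}

func main() {
	w := Wallet{}
	pub, _ := w.Enroll("bank") // constructed party name
	nonce, _ := NewChallenge()
	sig, _ := w.Respond("bank", nonce)
	fmt.Println("bank accepts:", Verify("bank", pub, nonce, sig))
}
```

Each relying party stores only its own public key, so two parties comparing records find no shared identifier, and a captured signature fails against any later nonce.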


