
Do not add Google Play Integrity integration #10

Opened by @TheLastProject

Description

In the README, the following is listed:

App and device verification based on Google Play Integrity API and Apple App Attestation

I would like to strongly urge to abandon this plan. Requiring a dependency on American tech giants for age verification further deepens the EU's dependency on America and the USA's control over the internet. Especially in the current political climate I hope I do not have to explain how undesirable and dangerous that is.

Activity

TheLastProject (Author) commented on Jul 16, 2025

Furthermore I am surprised this is considered an important next step, given apps like the Dutch identity app Yivi (who has no such dependency) already exist and can be used for age verification by the government just fine (on the few select platforms that work with it). Yivi is even available on Open Source app stores like F-Droid.

I think Yivi's existence should be sufficient proof that Google Play Integrity integration is unnecessary.

Yivi (formerly IRMA) homepage: https://yivi.app/en/

thgoebel commented on Jul 16, 2025

duncan-bayne commented on Jul 16, 2025

In addition, tying age verification to specific operating systems and their vendors (large American tech companies) violates two of the three principles listed elsewhere in this org:

  • made available to anyone who wants to use it
  • controlled by users

duncan-bayne commented on Jul 17, 2025

Furthermore, from https://ageverification.dev/Technical%20Specification/architecture-and-technical-specifications/#24-design-principles -

  • Interoperability: The solution ensures seamless integration across diverse device operating systems, wallet applications, and online services.

Tying age verification to specific operating systems will directly violate this design principle.

yaysoup commented on Jul 17, 2025

Digital sovereignty is a necessary step to reduce the risks of data processing. There should be no dependencies for external services from third parties at all since each one adds a whole ecosystem of potential security issues.

orazioedoardo commented on Jul 17, 2025

This is insane, what's the threat model? Someone remotely exploiting a device to steal proof of age of majority just to watch p__n (most common use case)? Is it even realistic? Why does this service need an app at all? Just create a modern web app, maybe even leveraging Digital Credentials API. I'm tired of app-for-everything.

MisterEskere commented on Jul 17, 2025

This has been brought to light for the Italian IT-Wallet feature here: pagopa/io-app#6327

Completely ignored even though it has 500 comments.

Half of the issues in that repo are about this issue.

This will go the same way.

BoGnY commented on Jul 17, 2025

This happens because those who draft the technical specifications don't know how the technologies they propose work.

As I've explained elsewhere, this is ridiculous. Here's a brief excerpt from one of my posts elsewhere:

It's incredible that the European Commission sanctions Google for abuse of dominant position and asks to open the operating system to other stores to allow "free" competition and you [the writer of technical specifications] impose the use of tools that exclude the free choice of the user and give to Google all the power of choice, that's really INCREDIBLE...

There are dozens of ways to secure these apps' certificates without using proprietary systems.
Not to mention that Play Integrity systems are 100% illegal.

orazioedoardo commented on Jul 18, 2025

There are dozens of ways to secure these apps' certificates without using proprietary systems.

Does it need to protect those certificates at all? Maybe I'm too naive, but couldn't this simply be implemented by verifying a random challenge signed by a national identity provider?

  1. User goes to p__n website
  2. Website detects user is visiting from Europe
  3. Website downloads them a file containing a random string
  4. Website tells them to visit verifyage.gov.example
  5. User logs via identity provider and uploads the file
  6. Challenge is signed and downloaded through the browser
  7. User goes back to the p__n website and uploads the file
  8. Website verifies the challenge is signed by a trusted entity

This avoids having to protect the signed challenge at all since it's single use; the scheme is similar to authenticating with SSH or WebAuthn. I haven't checked the architecture thoroughly; perhaps it does something similar in the end with more bloat in between.
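The eight-step flow sketched in the comment above, written out as an added example that is not part of this thread or of the project's code. It assumes Ed25519 for the identity provider's signature, a small JSON payload (challenge, claim, expiry) as the "file" the user carries between the two sites, a 10-minute validity window, and hypothetical names (IdentityProvider for verifyage.gov.example, RelyingSite for the content site). The site pins the provider's public key, remembers every challenge it issued, and marks it consumed on first successful verification, which is what makes a replayed or leaked assertion worthless.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
	"sync"
	"time"
)

// Distinct failure modes of step 8, so a caller can tell forgery from replay.
var (
	ErrBadSignature     = errors.New("assertion not signed by a trusted identity provider")
	ErrUnknownChallenge = errors.New("challenge was not issued by this site")
	ErrReplay           = errors.New("challenge already consumed")
	ErrExpired          = errors.New("assertion expired")
	ErrClaim            = errors.New("assertion does not carry the required claim")
)

// AgeAssertion is the statement the identity provider signs (hypothetical format).
// The challenge binds it to one verification request on one site.
type AgeAssertion struct {
	Challenge string `json:"challenge"`
	Claim     string `json:"claim"`
	ExpiresAt int64  `json:"expires_at"`
}

// SignedAssertion is the file the user downloads in step 6 and uploads in step 7.
type SignedAssertion struct {
	Payload   []byte `json:"payload"`
	Signature []byte `json:"signature"`
}

// IdentityProvider stands in for verifyage.gov.example (hypothetical).
type IdentityProvider struct {
	priv ed25519.PrivateKey
	Pub  ed25519.PublicKey
}

func NewIdentityProvider() (*IdentityProvider, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &IdentityProvider{priv: priv, Pub: pub}, nil
}

// Sign is step 6. The user's login (step 5) is out of scope; the provider only
// sees an opaque random challenge, not which site issued it.
func (p *IdentityProvider) Sign(challenge string, over18 bool, now time.Time) (SignedAssertion, error) {
	claim := "age<18"
	if over18 {
		claim = "age>=18"
	}
	payload, err := json.Marshal(AgeAssertion{Challenge: challenge, Claim: claim,
		ExpiresAt: now.Add(10 * time.Minute).Unix()})
	if err != nil {
		return SignedAssertion{}, err
	}
	return SignedAssertion{Payload: payload, Signature: ed25519.Sign(p.priv, payload)}, nil
}

// RelyingSite is the content site (steps 3 and 8).
type RelyingSite struct {
	trusted []ed25519.PublicKey // pinned keys of accepted identity providers
	mu      sync.Mutex
	pending map[string]time.Time // issued, not yet consumed
	used    map[string]bool      // consumed: any further use is a replay
}

func NewRelyingSite(trusted ...ed25519.PublicKey) *RelyingSite {
	return &RelyingSite{trusted: trusted, pending: map[string]time.Time{}, used: map[string]bool{}}
}

// IssueChallenge is step 3: a fresh 256-bit random value the site remembers.
func (s *RelyingSite) IssueChallenge(now time.Time) (string, error) {
	var b [32]byte
	if _, err := rand.Read(b[:]); err != nil {
		return "", err
	}
	c := hex.EncodeToString(b[:])
	s.mu.Lock()
	s.pending[c] = now
	s.mu.Unlock()
	return c, nil
}

// Verify is step 8. The signature is checked before anything else touches state,
// and the challenge is consumed only after every other check passes.
func (s *RelyingSite) Verify(sa SignedAssertion, now time.Time) error {
	trusted := false
	for _, pub := range s.trusted {
		if ed25519.Verify(pub, sa.Payload, sa.Signature) {
			trusted = true
			break
		}
	}
	if !trusted {
		return ErrBadSignature
	}
	var a AgeAssertion
	if err := json.Unmarshal(sa.Payload, &a); err != nil {
		return fmt.Errorf("malformed payload: %w", err)
	}
	if now.Unix() > a.ExpiresAt {
		return ErrExpired
	}
	if a.Claim != "age>=18" {
		return ErrClaim
	}
	s.mu.Lock()
	defer s.mu.Unlock()
	if s.used[a.Challenge] {
		return ErrReplay
	}
	if _, issued := s.pending[a.Challenge]; !issued {
		return ErrUnknownChallenge // forged, or issued by some other site
	}
	delete(s.pending, a.Challenge)
	s.used[a.Challenge] = true // single use
	return nil
}

func main() {
	now := time.Now()
	idp, err := NewIdentityProvider()
	if err != nil {
		panic(err)
	}
	site := NewRelyingSite(idp.Pub)
	c, _ := site.IssueChallenge(now)
	sa, _ := idp.Sign(c, true, now)
	fmt.Println("first use:", site.Verify(sa, now)) // <nil>
	fmt.Println("replay:", site.Verify(sa, now))    // challenge already consumed
}
```

Two properties of this code worth noting before treating the sketch as finished: the site-side challenge table is what provides single use, so a deployment needs to expire stale pending entries and share the used set across its servers; and until it is consumed the signed file is a bearer token, so binding the challenge to the browser session that requested it (a cookie or similar) is the obvious hardening against someone else uploading it on the user's behalf. The identity provider learns only the opaque challenge, so it cannot tell which site the user visited unless the challenge itself encodes that.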

andrew-ld commented on Jul 19, 2025

Please look at the ongoing issues with the Italian Wallet related to Play Integrity:

mega thread:
pagopa/io-app#6327

Duplicates:
pagopa/io-app#7014
pagopa/io-app#7199
pagopa/io-app#6942
pagopa/io-app#6820
pagopa/io-app#6763
pagopa/io-app#6507
pagopa/io-app#6524

cucumberslumber commented on Jul 27, 2025

Fuck Google

BillCipher-exe commented on Jul 27, 2025

A mandatory Google account is unacceptable in a OSS Project

DannyBoeh commented on Jul 27, 2025

Getting access to a website as a EU citizen by accepting the TOS of EU-penalized American megacorp is peak 1984.

ksthiele commented on Jul 27, 2025

Besides the privacy issues, this feels like South Korea's IE6 problem back in the days, everything was so tied and dependent on it, that they couldn't get rid of it. But I guess we are just humans repeating mistakes, getting influenced by lobbyists, uninformed people, people who can't imagine how things will look like in 10 or more years

19 remaining items

elementfortyseven commented on Jul 28, 2025

Unacceptable.

ngmisl commented on Jul 28, 2025

Dear EU,
Dear devs,

I'm here for you if you need a lesson about zero knowledge proofs.

Cheers

orazioedoardo commented on Jul 28, 2025

Funnily, few hours ago one user in this thread created a joke pull request to delete all the code in the repo. Not so funnily, now their pull request disappeared and their account was nuked. You can tell the pull request existed because issue #12 exists, issue #14 as well but not #13 (issues and pull requests use a shared incrementing integer).

qwertz19281 commented on Jul 28, 2025

Every piece of software which uses Play Integrity actively supports giving Google a monopoly over Android, because obviously only they can certify Android OSes for Play Integrity, and they're absolutely not in a neutral position. GrapheneOS for example, despite being capable of providing the required security and verification, will likely never get Google's certification, just because Google doesn't want to.

lietu commented on Jul 28, 2025

If you guys care about your privacy, freedom, and so on, clearly this team is not the right target for communicating it - they don't care. They're complicit and uninterested in your complaints, which means you need to go to the source of funding, policy, and monitoring.

Wikipedia lists the EU representatives of your country, they have email addresses in the anglicized form of "firstname.lastname" combined with @ep.europa.eu or @europarl.europa.eu - Google can confirm which they use. The people working in the European Council, and behind this project can be found via the links in the GitHub organization page. The EU Council email addresses follow similar pattern but @ec.europa.eu.

Express your dissatisfaction and concern in large numbers, and maybe they will make the team care as well.

lietu commented on Jul 28, 2025

Oh and of course if you want to find the organizations and individuals represented in the contributors to also tell them what you think about their work, well there's always the Git history where they've chosen to publish their personal contact information for all to see:

git clone https://github.com/eu-digital-identity-wallet/av-app-android-wallet-ui.git
git -C av-app-android-wallet-ui log | grep -E '^Author' | sort -u | grep -v "noreply.github.com"

Kyrela commented on Jul 28, 2025

It's a really bad idea. It locks out users with custom ROMs, rooted devices, or non-Google-certified bootloaders, including those who intentionally choose more secure setups like GrapheneOS. The Play Integrity API doesn't actually improve security. It can easily be bypassed, provides weak attestation, and primarily serves to lock users into the Google ecosystem instead of promoting real interoperability.

The EU wallet is supposed to embody digital sovereignty, openness, and user control. Relying on Google's proprietary checks directly contradicts that mission. It also risks violating competition law and the spirit of the DMA by reinforcing a monopoly under the guise of "security."

Therefore, I am asking you to clearly scrap the Google Play Integrity requirement. It's exclusionary and unnecessary and undermines trust in the project.

Ketec commented on Jul 28, 2025

I have used LineageOS for example on older devices to keep them up to date.

And I can say that getting SafetyNet etc. to return valid is entirely doable, so all banking, gov ID etc. apps work. You can spoof GPS and make it look valid to apps.

Those minors can easily just use VPN and bypass the check requirement completely.

This creates a rigid link to US tech giants, making many other or older devices useless. Most sold Asian devices don't even have Google Play Store.

This should not require an APP. Why not make a mobile compatible website?

ScrambleTheRamble commented on Jul 28, 2025

Great, this means I'll never be able to run this shit on my Degoogled mobile https://murena.com/introducing-e-os-3-0/

wonder75 commented on Jul 28, 2025

So the EU wants to force me to accept Google TOS to use this app?

rasteric commented on Jul 28, 2025

Forcing users to use a Google service without allowing alternatives is not going to be compliant with applicable EU law and directives.

jorgefl0 commented on Jul 28, 2025

As a Mexican American seeing the damage that our government run app CBP One is doing to hardworking immigrants and asylum seekers, I can see the elevated danger that close relationships between BigTech (Apple/Google/Palantir) and government pose to our digital sovereignty and human dignity.

It's already troubling that Apple and Google can ultimately dictate which apps get published to their app stores.

T1T4N commented on Jul 28, 2025

Take a look at the following article:
GrapheneOS: Android hardware attestation API compatibility guide

The standard hardware attestation API can be used to verify the authenticity/integrity of the hardware, firmware, OS and the app running on it. It provides a verified boot key fingerprint for the OS for permitting secure aftermarket operating systems.

Please do not rely on Google services for deciding what can run on devices and do not give them even more monopoly power. The Play Integrity API is long overdue a legal challenge to break Google's grip on this open ecosystem.

nukeop commented on Jul 28, 2025

I don't care about Google, why should we be forced to even own a smartphone? Implementing the same measure even without Google's services is still a hideous invasion of privacy.

waltercool commented on Jul 28, 2025

Unpopular take here. Please keep the Google Play Services dependency.

If Europeans want to give a ridiculous amount of power to EU bureaucrats, so let it be. Even if that means empowering Google influence over their data.


Do not add Google Play Integrity integration · Issue #10 · eu-digital-identity-wallet/av-app-android-wallet-ui