I think the problem is that people are relying on this for actual security. The article demonstrates how easy it is to get companies to accept this form of fraudulent authentication (and the demand for this service speaks to its efficacy as well).
Why not let notaries or an authoritative agency issue cryptographically signed one time codes upon inspection of your physical ID? Frankly, it sounds like a superior system to me.
Why not let notaries or an authoritative agency issue cryptographically signed one time codes upon inspection of your physical ID? Frankly, it sounds like a superior system to me.