Emmanuel Macron tweeted about the France Identity application, which allows official documents to be digitized on the smartphone. The publication is accompanied by a photo of his own identity card. This is a practice to avoid.
“ Simplify, simplify, simplify: making your identity card and driving license accessible directly on your smartphone to facilitate your procedures is now possible with france-identite.gouv.fr. Tested and approved ! » With these few words, President Emmanuel Macron boasted on February 20, 2024 the merits of the France Identity application on X. And, at the same time, set a very bad example by integrating a photo of his own identity card into his tweet.
The France Identity app allows you to dematerialize certain administrative documents, notably the identity card. Since February 14, it has been possible to digitize your driving license, to add it to your smartphone (the data is not stored on a server, only in the application). It is in the context of this novelty that the official Emmanuel Macron account published this image, on which we can see his identity card, both in its physical version and in its dematerialized version. A practice that is strongly discouraged by cybersecurity experts.
A double risk: the image of the identity card and its data
Two reasons for this. “ It is necessary to separate the image of the identity card that can be used, and the data that this image provides », Explains to Numerama Matthieu Castel, head of engineering at Jamf and expert in corporate cybersecurity. In the first case, the risk is that the image of the card is used to usurp the identity of its owner. “ A scammer can use it to approach us on our behalf. We see, for example, this type of identity theft on sites like Leboncoin. »
In addition to the use of the card itself, it is the data that appears on the image that represents a risk. “ A lot of data on ID cards is used on sites to secure login, reset passwords », Indicates Matthieu Castel. Sometimes sites ask for a maiden or middle name to verify that the connection is legitimate.
The information written on an identity card is also a golden opportunity to help hackers better target phishing campaigns, or in the practice of social engineering.
In order to limit the risks, it is therefore strongly discouraged to share a photo of your identity card on social networks. And, when we have no choice but to share a copy of this document, “ its use must be altered, by hiding elements or writing on the document that it is only used in a certain context “. Inserting a watermark is then a good option to protect your official document.
Subscribe for free to Artificielles, our newsletter on AI, designed by AIs, verified by Numerama!