In Canada we have https://verified.me/government-sign-in-by-verified-me/, which is ultimately “the government taking on responsibility for providing this sort of service” — but the government then turning around and delegating that responsibility to major banks (the Verified.Me service acting as the SSO intermediary, is a joint venture of seven major Canadian banks, and then supports other non-shareholding financial institutions as well.) Since you need a proof of identity to open a bank account, an SSO through your bank functions as a pretty good proof of identity.
Right now, the Verified.Me service sends through your actual non-anonymized identity (Social Security Number, I think) to the service being signed into, meaning it’s only really good for services you’d want to hand information like that to anyway (i.e. government service websites.)
But it’d be only a little tweak to enable a provider like this to send the service being logged into a persisted random-per-service token, or a per-service-salted hash of that info, instead. If this was done, a flow like this would then be perfect for KYC/AML: it would precisely restrict each legal person to only having one account per service, while also not revealing who that legal person is to that service. And the only person in this flow who’d ever see your ID, is the bank clerk you interacted with to open your bank account, years/decades earlier.
It's similar in Norway. There's a government service (IDporten) which aggregates a few commercial offerings (most notably BankID, a two factor auth scheme used by the banks). But it's very restricted who gets to use these services.
Not strictly (as the sibling comment says), but also, in practice it doesn’t matter, as there are effectively no “unbanked” Canadians the way there are “unbanked” Americans.
> In Canada, you have the right to open a bank account at a bank or a federally regulated credit union as long as you show proper identification.
> You can open an account even if you: don’t have a job; don’t have money to put in the account right away; or have been bankrupt.
But that requirement to show identification is important. What it means in practice is that everyone who resides in Canada except illegal immigrants can open a Canadian bank account.
And the fact that so many crucial government services assume that you have a Canadian bank account (not just for SSO, but also because they assume things like the ability to do direct deposit for tax refunds, welfare/unemployment, etc.), means that it’s really hard to be an illegal immigrant in Canada. Which is probably one reason among many that people generally aren’t interested in trying. (Other reasons: we don’t have any land borders except with the US, and it’s easier to be an illegal immigrant in the US, so why not just stop there? And: the Canada Border Services Agency is terrifying to interact with, even for Canadian citizens.)
I don't know about Canada specifically, but generally there are situations where one can be waiting for a residence permit or waiting to be fully registered as a resident, etc. It can take several months in some western European countries despite the same laws that nobody can be denied a bank account. This can create a lot of inconvenience for legal residents that recently immigrated since some of those countries also have systems that use banks for ID.
Right now, the Verified.Me service sends through your actual non-anonymized identity (Social Security Number, I think) to the service being signed into, meaning it’s only really good for services you’d want to hand information like that to anyway (i.e. government service websites.)
But it’d be only a little tweak to enable a provider like this to send the service being logged into a persisted random-per-service token, or a per-service-salted hash of that info, instead. If this was done, a flow like this would then be perfect for KYC/AML: it would precisely restrict each legal person to only having one account per service, while also not revealing who that legal person is to that service. And the only person in this flow who’d ever see your ID, is the bank clerk you interacted with to open your bank account, years/decades earlier.