Digital wallets are becoming a part of daily life for many.
We can trace the history of digital wallets with a Capability-Maturity Model (CMM) from paper and magnetic stripes to chip and mobiles. The fundamentally important trend over the decades has been to use smart technology to prove the properties of the data carried in the wallet. Today’s smart phone wallets prove the origin of each credential, possession by its rightful owner, the manufacturer and history of the wallet, and other metadata.
But these properties need infostructure outside the wallet in order to be legible. So talk of a wallet war between platforms and open standards actually misses the most critical success factor for utility and interoperability, and it’s not at the wallet level!
Download PDF (2.8MB)
Verifiable credentials don’t verify themselves.
If the customer doesn’t have a credential of the right sort, the relying party as risk owner does not have to accept it. It’s the same with everyday credentials like charge cards: if you want to shop with a Diners Club card but the store only takes Mastercard or Visa, then tough luck.
The crucial point about acceptance is that the RP must make arrangements in advance for the types of credentials they are willing and able to accept. For one thing, the RP transaction system needs to have the right root keys to verify signatures on incoming credentials and presentations.
These arrangements can only be made at scale through a network. We can’t afford to have every RP making bilateral arrangements with every credential issuer.
Adapted from a presentation given at Identiverse 2023 in June 2023.
Lockstep’s Data Verification Platform is a scheme to rationalise and organise data flows between data originators such as government and the risk owners who rely on accurate data to guide decisions. Join us in conversation.
If you’d like to follow the development of the Data Verification Platform model, please subscribe for email updates.