Wallet Deployments

Full Title or Meme

This is a collection of some of the mobile wallets that have been deployed to hold user credentials and other user secrets.

Context

Digital Identifiers for authentication, government-mediated access (like national security, finance and social services) and commerce.

User Research

According to a survey conducted by Forbes Advisor, more than half of Americans use digital wallets more often than traditional payment methods, such as cash or credit cards. Digital wallets are especially popular among younger consumers, with 69% of respondents stating that they use PayPal the most.^[1]

Another study published in the Journal of Financial Services Marketing examines the usage behavior of digital wallets, with a particular focus on the role of perceived risk as a mediator and the role of perceived trust and perceived service quality as moderators.^[2]

The User Experiences of digital wallets are addressed in this paper from Fraunhofer Institute for Applied Information Technology helpful. It provides an overview of recent research on the user experience of wallets, including recommendations for developers.^[3]

The California Experience

In 2024 CA issued their own wallet developed by Spruce that supports both ISO 18013 and the convenience store age check credentials.

The DMV has also launched a pilot program using Apple and Google for its own mobile driver’s license (mDL) app in partnership with United Airlines at San Francisco International Airport and Los Angeles International Airport. The mDL offers a quick and secure identity-check at airports, without handing over your phone. On 2024-01 it is authorized for limited usage and is not yet accepted by law enforcement, state government agencies, and businesses.

Digital Wallet Statistics

Last Updated: July 17, 2023 https://capitaloneshopping.com/research/digital-wallet-statistics Highlights. In 2022, there were 3.4 billion digital wallet* users in the world. (2023-07-17) Here digital wallet means payment wallets.

• 65% of U.S. adults said they used a digital wallet at least once in the past month.
• In 2022, 32% of point-of-sale transactions globally were made using digital wallets, more than any other payment type.
• Digital wallets led in online purchases globally in 2022, capturing 49% of transactions.
• In 2022, the global total value of digital wallet transactions was $7.5 trillion.
• In 2022, the global mobile payment market was valued at $53.5 billion.

Deployments

EU Digital ID Wallet

• EU Parliament adopts stand on revisions to driving license directive 2024-03-14
• EBSI Conformant Wallets Welcome to the EBSI conformant wallets page! Here, you will find information about the different types of digital wallets that are available and conformant with EBSI specifications. The three main types of wallets include Holder, Issuer, and Verifier wallets, each with their own unique capabilities.
• Pilot implementation web page
• [https://github.com/eu-digital-identity-wallet/eudi-doc-architecture-and-reference-framework GitHub repository.

Smart Health Cards

One area where it looked like a digital wallet could be of great value was COVID vaccination cards. There were two attempts to standardize the area, one by Linux Health Foundation and the other by MITRE and the FHIR community. The first was a non-starter the second got some traction, which is reported on the wiki page Health Care Native App Example. But once the pandemic ended the use of smart health wallets receded into a few niches where it offered value.

EPI

In collaboration with leading European banks and payment service providers, the European Payment Initiative (EPI) is introducing wero – a groundbreaking payment solution tailor-made for Europe’s present and future.^[4]

Switzerland

A guy in Switzerland in early 2024 wanted to talk about TWINT. Over my trips to the Confoederatio Helvetica over the past 8 years, I've seen this hyper-domestic mobile wallet grow from nothing to a system with over 5 million active users (Note: There are only about 5.7 million adults within Switzerland's population of 8.9 million).

The story is similar to those we've seen with digital wallets over the past two decades in other parts of the world: It started with small P2P volumes, eventually gained critical mass, and is now used for online and in-person POS purchases. My casual observation from traveling around Geneva and the southernmost canton of Valais is that TWINT is A LOT more visible at the point-of-sale compared to my last visit in 2022. I went to a few small, independent shops that only accepted TWINT and cash - no cards accepted. And the attached photo shows how the POS at the international grocery store Coop automatically presents consumers with a TWINT QR code. A consumer can initiate a chip-based card payment, a contactless card payment, or a TWINT payment without manually choosing TWINT as a payment option.

Again, if we look at the history of digital wallets, a natural next question will be whether it's time for TWINT to "go international." At this time, it only supports users who have Swiss bank accounts. Switzerland, however, is very much an international destination. Geographically, it's relatively small and at the crossroads of Germany, France, Italy, Austria, and Liechtenstein. It has a high expat population and is flooded with travelers destined for everything from global banks to ski slopes to major international NGOs. Recognizing this, the system has recently allowed users with mobile phone numbers domiciled in the countries I mentioned earlier to register for the service, but the requirement to have a Swiss bank account still stands. Before you even talk about cross-border acceptance or wallet interoperability, the support for foreign bank accounts must be addressed.

Lastly, if you are a merchant looking to accept TWINT, it's supported by most local Swiss and pan-European PSPs, including Adyen and Worldline.

Poland

https://www.blik.com/en

Posts to DIF ID in 2021-09

Question about deployments in Germany = do you know anymore than what is here? Particularly where did the “digital Wallet” come from? https://www.bundesregierung.de/breg-de/aktuelles/oekosystem-digitale-identitaet-1960124

BundesregierungBundesregierung Ökosystem Digitale Identitäten Wie geht es weiter? Anwendungsfälle aus dem Ökosystem digitale Identitäten starten für breite Öffentlichkeit. Kanzlerin spricht mit Wirtschaft wie es weitergehen soll. (31 kB) https://www.bundesregierung.de/breg-de/aktuelles/oekosystem-digitale-identitaet-1960124

In particular it seems that any wallet needs national recognition - does that mean the wallet needs to be verified by one EU country? (by 2022-09) (edited)

Markus Sabadello (Danube Tech) 11:59 PM @Tom Jones I know a little bit about this, but the landscape of projects is pretty complicated. The link you posted is about an initiative led directly by the German government. They already built a pilot for checking into hotels and want to expand that now: https://www.bundesregierung.de/breg-de/aktuelles/start-pilot-hotel-check-in-1914392 Also in Germany, there are several additional projects, e.g. IDunion which is funded by the government, but run by a consortium of private companies. It's a different project than the one above but may converge at some point: https://idunion.org/ I think esatus built one of the wallets for these projects, but other companies such as Jolocom, Spherity, etc. are involved as well. Our German friends should be able to tell you more. @Dr. Andre Kudra @Joachim Lohkamp (Jolocom) @Niclas Mietz (Spherity) There are several bi-lateral / multi-lateral cooperation initiatives, e.g. Germany signed a collaboration agreement with Spain: https://www.bundesregierung.de/breg-de/aktuelles/digitale-identitaeten-spanien-1947050 Separate from such country-level initiatives, there is of course also the EU Commission's own EBSI/ESSIF project. Within this project, there is currently a debate where the wallet(s) will come from, e.g. will they be provided directly by the governments, or can any private company build a "compliant" wallet. I'm not quite sure what's the latest thinking.

Markus Sabadello (Danube Tech) 12:02 AM Here in Austria, we also have a similar initiative, which was one of the first in Europe but is now lagging behind due to political and funding challenges.. https://digitalesvertrauen.at/

Tom Jones 8:43 AM On this side of the pond the FTC woke and made some rumblings about wallets and Kantara has started looking at privacy and security profiles for wallets. — The US FTC Warns Health Apps and Connected Device Companies to Comply With Health Breach Notification Rule They issued this STATEMENT OF THE COMMISSION On Breaches by Health Apps and Other Connected Devices dated 2021-09-15 which noted that “when a health app, for example, discloses sensitive health information without users’ authorization, this is a “breach of security” under the Rule. Violations of the Rule face civil penalties of $43,792 per violation per day.”

Federal Trade CommissionFederal Trade Commission FTC Warns Health Apps and Connected Device Companies to Comply With Health Breach Notification Rule The Federal Trade Commission today issued a policy statement affirming that health apps and connected devices that collect or use consumers’ health information must comply with the Health Breach Notification Rule, which requires that they notify consumers and others when their health data is breached. Sep 15th https://www.ftc.gov/news-events/press-releases/2021/09/ftc-warns-health-apps-connected-device-companies-comply-health

Robert Mitwicki 10:56 AM FYI: as I recently learned ETSI will address digital wallet interfaces in eIDAS 2.0 (the work is just starting), in addition JTC 19 https://standards.cencenelec.eu/dyn/www/f?p=305:7:0::::FSP_ORG_ID:2935523 will address specifically decentralized identity and after first meeting seems that identity backed by DLT is not very popular there. Worth to follow those works. EU is really focus on digital transformation: https://ec.europa.eu/commission/presscorner/detail/en/ip_21_4630 standards.cencenelec.eustandards.cencenelec.eu CENELEC Technical Bodies - CEN/CLC/JTC 19/WG 01 CEN/CLC/JTC 19/WG 01 Decentralized identity management European Commission - European CommissionEuropean Commission - European Commission Press corner Highlights, press releases and speeches (39 kB) https://ec.europa.eu/commission/presscorner/detail/en/ip_21_4630

Tom Jones 2:40 PM @Robert Mitwicki i am somewhat disappointed that the wallet effort seems to be split between mDL folk and ssi folk. I was hoping that a single interface to wallet would evolve as i suspect users will have both and it would be great if both could reside in the same wallet. Since Apple and Google wallets are already handling mDL, a combined approach might get ssi into those wallets w/o much effort. Is there anyway to create a fusion task force to try for a single solution?

Robert Mitwicki 10:51 PM replied to above

If digital wallet is designed according to true principles of SSI (actually it should never be SSI but that another topic :wink: - but close enough), you would realize that this is the most important part in the whole chain. It is a root-of-trust. So it needs to be designed so that it is completely owned and control by user himself. This is hard to achieve nowadays with mentioned platforms. I am not saying that we should not seek for compromise at that stage but I think we need to be careful. If that is done wrong, people can die, election can be win/lost, a lot of bad things could happen. We need to remember that whole SSI is so early stage that hard to think of it as production system, there is more questions then answers at that stage. This is why mDL i think is a bit faster since this is known territory. Look on eIDAS regulation where in EU we have it since 2014 and now we are entering the phase where it goes more into the hands of the citizens (SSI-like). It takes time.

At HCF we are working on the concept of TDA (Trusted Digital Assistant), we sometimes call it human operating system. As it is more concept of operating system for human being to be present in digital space then any app or wallet. If you want to learn more I invite you to our weekly calls or join this year DDE event or IIW where we would address those topics.

To answer directly your question about synergy and single solution, this is why we created HCF to bridge those grounds. You need to remember that level of trust to companies like Apple and Google is quite low at the EU level. So obviously legislators would be very very careful before allowing those companies to have control over user identity. This is why they are planning to roll out something which could be implement by anyone (including Apple and Google). In those CEN groups mentioned above we are working on overall picture how this could be done. As soon as we would have proposition, and address all concerns form EU level I am pretty sure that the dialog with commercial space would start and we would try to find consensus with tech companies. This is why we trying to be active in different communities like ToIP, DIF, Linux foundation, W3C, CEN and more to glue all that stuff in a way.

Joachim Lohkamp (Jolocom) 2:09 AM replied to a thread: @Tom Jones I know a little bit about this, but the landscape of projects is pretty complicated.… thx for looping me in Markus!

the initiative of the German Government goes all the way back to 2016 where I presented the idea of a large lighthouse project for “autonomous digital identity” - the term SSI was only coined shortly after :wink:

here are a few resources of the early and more recent work making way for the current SDI projects schaufenster-sdi.de there was a competition phase of 11 projects in 2020, out of which 4 were selected to make to the 3 year implementation phase, which started in in spring this year. in parallel the Bundeskanzleramt pushed a 5th project, which was on a tighter timeline (think: elections in Germany next weekend). all 5 projects are required to be interoperable. there is even a parallel research project (Begleitforschung) to also support this effort as well as standardization, eIDAS among other research topics.

• Currently there are 3.5 wallets as far as I’m aware involved in these projects. Lissy and esatus self at IDUnion, the Jolocom SmartWallet in SDIKA, ONCE and ID-Ideal, as well as a fork of the esatus self in the fifth project.
• here is a quick intro to the SDI projects from Jolocom’s side * https://jolocom.io/blog/sdi-breakthrough/
• for some more back ground info here are some papers: Position Paper of the German Bundesblock https://jolocom.io/wp-content/uploads/2018/07/Blockchain-Opportunities-and-challen[…]-infrastructure-for-Germany-_-Blockchain-Bundesverband-2018.pdf
• Identity Paper of the German Bundesblock https://jolocom.io/wp-content/uploads/2018/10/Self-sovereign-Identity-_-Blockchain-Bundesverband-2018.pdf
• Identity paper INATBA https://inatba.org/wp-content/uploads/2020/11/2020-11-INATBA-Decentralised-Identity-001.pdf
• JolocomJolocom The latest in the DWeb: SSI's breakthrough - Jolocom Developers can integrate Jolocom's platform-agnostic SSI technology to reach millions of EU citizens across 40 use cases poised to scale. https://jolocom.io/blog/sdi-breakthrough/

References

1. ↑ 53% Of Americans Use Digital Wallets More Than Traditional Payment Methods https://www.forbes.com/advisor/banking/digital-wallets-payment-apps/
2. ↑ Effects of behavioural intention on usage behaviour of digital wallet: the mediating role of perceived risk and moderating role of perceived service quality and perceived trust (2023-09-04) https://fbj.springeropen.com/articles/10.1186/s43093-023-00242-z
3. ↑ Rachelle Sellung and Michael Kubach, Research on User Experience for Digital Identity Wallets: State-of-the-Art and Recommendations (2023) Fraunhofer https://publica-rest.fraunhofer.de/server/api/core/bitstreams/f14ff390-c8a1-42ee-8256-326e2ab41b47/content
4. ↑ European Payment Initiative Changing the way Europe pays (2024-02) https://www.epicompany.eu/