Difference between revisions of "Wallet Notices"

From MgmtWiki
Jump to: navigation, search
(Problems)
(Problems)
Line 15: Line 15:
 
==Problems==
 
==Problems==
 
* User fatigue sets in on excessive notice displays. This fatigue is different for different user and so display thresholds need to be under user control.
 
* User fatigue sets in on excessive notice displays. This fatigue is different for different user and so display thresholds need to be under user control.
* [[Smartphone]]s typically have one notification setting per app. The wallet setting should be on, but that is not very likely.
+
* [[Smartphone]]s typically have one overall notification setting per app. The wallet setting should be on, but that is not very likely.
 
** There are detailed settings under notifications (Banners, Sounds, Badges, etc.), but they are very seldom part of the user's attention.
 
** There are detailed settings under notifications (Banners, Sounds, Badges, etc.), but they are very seldom part of the user's attention.
 
* Some wallet devices can be tracked by the radio signals that are released as a part of establish a connecting to the wallet.
 
* Some wallet devices can be tracked by the radio signals that are released as a part of establish a connecting to the wallet.

Revision as of 10:31, 31 January 2024

Full Title

The contents and availability of notification to the user of a digital Wallet needs to satisfy both privacy concerns and user preferences.

Context

  • The term user applies to wallets holders and Subjects when they are different from the holder.
  • Typically only the holder (owner) of the wallet receives and stores notices.
  • This page considers only the role of the Verifier as it is assumed that any other party first needs to verify the wallet and holder.
  • Government legislation that mandates the release of information on different terms than these is not in the scope of this page.

Goals

The following are the required success criteria for both the user and the Verifier.

  • The identification of the Verifier must be established prior to the release of any information that can be used to identify or track the user.
  • Once an enduring relationship has been established with a user as evidenced by the acquisition of user information, the Verifier is obligated to notify the user by some channel when that information is released under any condition not approved by the user.

Problems

  • User fatigue sets in on excessive notice displays. This fatigue is different for different user and so display thresholds need to be under user control.
  • Smartphones typically have one overall notification setting per app. The wallet setting should be on, but that is not very likely.
    • There are detailed settings under notifications (Banners, Sounds, Badges, etc.), but they are very seldom part of the user's attention.
  • Some wallet devices can be tracked by the radio signals that are released as a part of establish a connecting to the wallet.

Solutions

  • The initial message from the Verifier to the user will contain ...

Audit

  • The only way to verify that privacy-preserving mandates are satisfied is for some level of auditing as to what a Verifier actually does.
  • All audits have some information that should not be released to the public.
  • A list of notifications from Verifiers should be maintained by user wallets for the user's sole benefit. This can be consider to be an audit trail.
  • Audit trails in the Verifier containing user private information must be protected by encryption or similar levels of protection.

References