Difference between revisions of "Derived Mobile Credential"
(Created page with "==Full Title or Meme== derived mobile credentials Inbox Tom Jones <thomasclinganjones@gmail.com> 6:08 AM (5 hours ago) to pemc Here is a good idea for age verification that...") |
(→Full Title or Meme) |
||
| Line 1: | Line 1: | ||
==Full Title or Meme== | ==Full Title or Meme== | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
Here is a good idea for age verification that I learned from Joe Andreau. I have not been able to understand how they protect privacy, which brings us to an interesting question. We have been discussing what the user sees in terms of privacy protection, but there are other stakeholders that need to get a verification of the services policies as well. Food for thought. https://www.businesswire.com/news/home/20210511005386/en/NACS-Announces-TruAge%E2%84%A2-Digital-ID-Verification-Solution | Here is a good idea for age verification that I learned from Joe Andreau. I have not been able to understand how they protect privacy, which brings us to an interesting question. We have been discussing what the user sees in terms of privacy protection, but there are other stakeholders that need to get a verification of the services policies as well. Food for thought. https://www.businesswire.com/news/home/20210511005386/en/NACS-Announces-TruAge%E2%84%A2-Digital-ID-Verification-Solution | ||
| Line 22: | Line 16: | ||
Noreen | Noreen | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
Salvatore DAgostino | Salvatore DAgostino | ||
6:43 AM (4 hours ago) | 6:43 AM (4 hours ago) | ||
| − | |||
Some thoughts, | Some thoughts, | ||
| Line 41: | Line 25: | ||
So multiple angles here, determining an age vs. age appropriate design, and I’d think there are some differences between age to acquire license (firearm, fishing, …), buying beer or accessing adult content, in the credential apart from the age field in each of these cases. | So multiple angles here, determining an age vs. age appropriate design, and I’d think there are some differences between age to acquire license (firearm, fishing, …), buying beer or accessing adult content, in the credential apart from the age field in each of these cases. | ||
| − | |||
| − | |||
lots in the UK on topic as most here likely know, e.g. https://ico.org.uk/for-organisations/guide-to-data-protection/ico-codes-of-practice/age-appropriate-design-a-code-of-practice-for-online-services/ | lots in the UK on topic as most here likely know, e.g. https://ico.org.uk/for-organisations/guide-to-data-protection/ico-codes-of-practice/age-appropriate-design-a-code-of-practice-for-online-services/ | ||
| − | |||
| − | |||
I don’t need a 3rd party to validate my age, I have a relationship with that authority, they provide me with credential I can then use to derive others (“micro-credentials), also if I am in charge of the release then this is the best way to address privacy concerns… | I don’t need a 3rd party to validate my age, I have a relationship with that authority, they provide me with credential I can then use to derive others (“micro-credentials), also if I am in charge of the release then this is the best way to address privacy concerns… | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
I think you are missing something more interesting here. My point is not specifically about age. Many of us will never bother to get an mDL, but can use the machine readable 18013 card to acquire one of these that will reside on the phone. | I think you are missing something more interesting here. My point is not specifically about age. Many of us will never bother to get an mDL, but can use the machine readable 18013 card to acquire one of these that will reside on the phone. | ||
| Line 66: | Line 41: | ||
Salvatore DAgostino | Salvatore DAgostino | ||
| − | |||
| − | |||
Is it the grant they want to acquire or can a person actually authorize the grant/permission? | Is it the grant they want to acquire or can a person actually authorize the grant/permission? | ||
| − | |||
| Line 78: | Line 50: | ||
Peter Davis | Peter Davis | ||
| − | |||
| − | |||
Can you elaborate on what you mean by an “18013 card”? | Can you elaborate on what you mean by an “18013 card”? | ||
| Line 92: | Line 62: | ||
the driver's license card (or state ID) that you most likely have in your wallet right now. | the driver's license card (or state ID) that you most likely have in your wallet right now. | ||
| − | |||
| − | |||
| − | |||
==References== | ==References== | ||
[[Category: Identity]] | [[Category: Identity]] | ||
Revision as of 11:40, 3 June 2022
Full Title or Meme
Here is a good idea for age verification that I learned from Joe Andreau. I have not been able to understand how they protect privacy, which brings us to an interesting question. We have been discussing what the user sees in terms of privacy protection, but there are other stakeholders that need to get a verification of the services policies as well. Food for thought. https://www.businesswire.com/news/home/20210511005386/en/NACS-Announces-TruAge%E2%84%A2-Digital-ID-Verification-Solution
What this is, is a derived credential, or a ticket that allows access to a particular venue, that is, to purchase age related goods from a convenience store.
This is also the description of an identity federation which is determined by its focus on a single attribute - age.
Be the change you want to see in the world ..tom
Noreen Whysel 6:15 AM (5 hours ago) to me, pemc
Lik a digital hand stamp. Does it expire or is it permanent?
Noreen
Salvatore DAgostino 6:43 AM (4 hours ago)
Some thoughts,
So multiple angles here, determining an age vs. age appropriate design, and I’d think there are some differences between age to acquire license (firearm, fishing, …), buying beer or accessing adult content, in the credential apart from the age field in each of these cases.
lots in the UK on topic as most here likely know, e.g. https://ico.org.uk/for-organisations/guide-to-data-protection/ico-codes-of-practice/age-appropriate-design-a-code-of-practice-for-online-services/
I don’t need a 3rd party to validate my age, I have a relationship with that authority, they provide me with credential I can then use to derive others (“micro-credentials), also if I am in charge of the release then this is the best way to address privacy concerns…
I think you are missing something more interesting here. My point is not specifically about age. Many of us will never bother to get an mDL, but can use the machine readable 18013 card to acquire one of these that will reside on the phone.
So the cred that can be used to derive this cred can be much broader than mDL. The question is not what each person needs, but rather what grant each person wants to acquire and there may be many paths to acquire that derived cred.
From my perspective, the 18103 card IS A MOBILE CRED and needs the sort of privacy protections we are describing here.
Be the change you want to see in the world ..tom
Salvatore DAgostino
Is it the grant they want to acquire or can a person actually authorize the grant/permission?
Tom Jones
7:13 AM (4 hours ago)
To me one thing that is interesting about this is the conjunction of the real and the virtual worlds. The place where the human engages varies by use case. For
Peter Davis
Can you elaborate on what you mean by an “18013 card”? Peter Davis Chief Technology Officer, Chief Privacy Officer peter.davis@airsidemobile.com
Tom Jones
9:27 AM (2 hours ago)
to Peter, Salvatore, pemc
the driver's license card (or state ID) that you most likely have in your wallet right now.
