Presentation from a Wallet

From MgmtWiki
Revision as of 16:58, 8 February 2022 by Tom (talk | contribs) (Response)

Jump to: navigation, search

Full Title or Meme

This represents a bundle of claims and credentials in a Presentation from a Wallet.

Context

  • This was generated as the high-level view of a Mobile Driver's License Presentation.
  • Wallets are now (in 2021-07) being asked to accumulate a variety of user private information and credentials. Here-to-fore not common request to a wallet has been proposed.
  • See the wiki page Direct Presentation for Microsoft's take on the same topic.

Actors

The issuer of the credential is not included in this list but is essential to the entire Ecosystem.

  1. The human user of a computing device with a means to securely store secrets.
  2. The application running as a User Agent on the computing device with access to a secure, hardware enabled wallet containing user credentials and other secrets.
  3. The computing device, whether mobile phone or laptop, will need to provide secure storage and collect user inputs for transmission in the bundle to the RP.
  4. The Relying Party aka the Verifier of the bundle sent by the Wallet.

Problems

Standards and other guidance have been created for requesting private information from users. There is little coordination between these efforts. A partial list follows:

  1. W3C Verifiable Credentials
  2. OpenID Connect
  3. IETF GNAP
  4. Open ID SIOP
  5. ISO 18013-5 on the Mobile Driver's License

Solution

The following is both a collection and a proposal for a unified solutions to the problems.

Request

Collection of needs sent to the wallet

Response

Bundled set of credentials presentations and user information from the Wallet.

User Journey

  1. User is at a place where some form of ID is required.
  2. User taps wallet to verification device
  3. Verification Device sends a request to the user
  4. Uwe Wallet interprets the verifier request into a SINGLE SCREEN UX
  5. If there are optional requirements the user can disable them.
  6. The user clicks OK
  7. The response returns to the verifier
  8. If the verifier is happy the user gains access

References