Versions Compared

Old Version 8

changes.mady.by.user Rounak Nayak

Saved on

compared with

New Version 9

changes.mady.by.user Rounak Nayak

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Credential holders should be able to retrieve, securely store and manage various types of digital credentials, including educational, professional, and other verifiable credentials in the Wallet.

1.1. Integrate with Credential Issuers

...

colourGreen
titlePhase 1

The wallet must seamlessly integrate with a variety of credential issuers, ensuring a streamlined process for credential issuance and updates into the wallet.

A user-friendly and customizable mechanism should be in place to facilitate integration with credential issuers. This ensures a simplified and efficient addition of new credentials to the wallet.

1.2. Secure Storage of Credentials

...

...

The wallet must provide a secure environment for storing sensitive credential information, implementing encryption techniques to protect stored credentials and ensuring that only authorized users can access and decrypt the information.

...

The wallet must empower credential holders with control over their digital credentials, allowing them to decide when and how to share specific information.

2.1. Presenting Credentials in Standardized Formats

...

...

colourGreen
titlePhase 1

The holder should be able to digitally present the credentials to relying parties or verifiers through a secure and standardized format, making it interoperable and convenient for various verification scenarios.

...

  • QR Code Sharing

    • Method: Generate a QR code representation of the verifiable credentials.

    • Usage: Users can display the QR code on their device, and verifiers can scan it to receive the credential information. This method is efficient and can be used in offline scenarios.

  • Secure URL or Links

    • Method: Create a secure URL link to the verifiable credentials.

    • Usage: Users can share the link with verifiers, who can then access the credential information through a secure online connection. This method is convenient for remote verification.

  • Bluetooth Sharing StatuscolourGreentitlePhase 1

    • Method: Leverage Bluetooth technology for secure data transmission.

    • Usage: Users can share their credentials with Bluetooth-enabled devices, providing a wireless and secure means of transferring information.

  • NFC (Near Field Communication) Sharing

    • Method: Transmit credential information between devices using NFC.

    • Usage: Users tap their device against an NFC-enabled verifier's device to securely share the credential.2. User Control and Consent.

  • Deep Linking

    • Method: Generate a deep link pointing to the specific credential within the Digital Credential Wallet.

    • Usage: Users share the deep link, and recipients can click or open it to access the credential directly within the app.

  • Credential Sharing via DLT (Distributed Ledger Technology):

    • Method: Leverage blockchain or other DLT for secure and tamper-evident credential sharing.

    • Usage: Credentials are stored on a decentralized ledger, and users can share proof of credentials without revealing the actual data.

  • Email or Messaging Integration:

    • Method: Send encrypted credential information via email or messaging.

    • Usage: Users send verifiable credentials directly to verifiers through secure communication channels.

2.4. Biometric Authorization for Sharing

...

...

The digital wallet should offer a provision for credential holders to authenticate themselves, preferably utilizing biometrics, before sharing credentials, thereby adding a layer of security. This process also ensures that the credential holder was physically present during the credential sharing, and implicit consent was captured.

...

The wallet must automatically identify credential based on the expirations and marking expired credentials as invalid.

5. Using Wallet as an Authenticator

This feature allows credential holders to authenticate themselves using selected credentials stored in the wallet, leveraging diverse authentication mechanisms available within the wallet's functionality.

5.1. Authentication Methods

The wallet should be able to support multiple authentication methods, including but not limited to biometrics (fingerprint, facial recognition), PIN, and passphrase. This would enable the holder to have the flexibility to choose and configure their preferred authentication method.

5.2. Secure Authentication Protocols

The wallet should have robust and secure authentication protocols, ensuring the confidentiality and integrity of authentication processes. Industry-standard protocols such as OAuth or OpenID Connect should be used for secure interactions.

5.3. Multi-Factor Authentication (MFA):

The wallet can have the support for multi-factor authentication for enhanced security where a combination of two or more authentication factors are used, such as biometrics and a PIN, to strengthen user verification.