| Info |
|---|
This section will highlight important requirements or describe any additional cross-cutting requirements that apply to this Building Block. |
1. Privacy Protection
...
As PII data would be stored in the Wallet, it is important to make sure that the privacy of the holder is preserved by the implementation of cryptographic techniques and adherence to privacy-preserving standards.
2. Security
Robust security measures should be implemented to protect sensitive user information and prevent unauthorized access or tampering with digital credentials. As part of the security requirements, we need to look at the below parameters,
Utilization of the hardware key store in the mobile device (Android or iOS) to store the private keys of the wallet needs to be defined.
Defining Key Management for the Issuer and the Holder
Defining the Key Rotation Policy
Enabling an option for Key Revocation & Replacement when the key is compromised
3. Interoperability Standards
...
The wallet must conform to established standards like Decentralized Identifiers (DIDs) and Verifiable Credentials data models
...
, ensuring seamless compatibility and interoperability across
...
Continuous Improvement Mechanism
Incorporate agility for continuous improvement, adapting to emerging technologies, standards, and user feedback to remain at the forefront of digital credentialing.
Security
...
diverse systems.
Considering the wallet building block's intention to accommodate various credential formats, an interoperable profile can be constructed. This profile would encompass attributes such as communication protocols, credential format(s), signature algorithms, key management methods, and trust management methods.
Credential Format Profiles | Details |
|---|---|
W3C VC (1.1) signed as JWT (not using JSON LD) | |
W3C VC (1.1) signed as JWT (using JSON LD) | |
ISO mDL MDOC | |
IETF SD-JWT VC | |
ICAO DTC | |
AnonCred |