Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

This section will highlight important requirements or describe any additional cross-cutting requirements that apply to this Building Block.

1. Privacy Protection

As PII data would be stored in the Wallet, it is important to make sure that the privacy of the holder is preserved by the implementation of cryptographic techniques and adherence to privacy-preserving standards.

2. Security

Robust security measures should be implemented to protect sensitive user information and prevent unauthorized access or tampering with digital credentials. As part of the security requirements, we need to look at the below parameters,

  • Utilization of the hardware key store in the mobile device (Android or iOS) to store the private keys of the wallet needs to be defined.

  • Defining Key Management for the Issuer and the Holder

    • Defining the Key Rotation Policy

    • Enabling an option for Key Revocation & Replacement when the key is compromised

3. Interoperability Standards

The wallet must conform to established standards like Decentralized Identifiers (DIDs) and Verifiable Credentials data models, ensuring seamless compatibility and interoperability across diverse systems.

Considering the wallet building block's intention to accommodate various credential formats, an interoperable profile can be constructed. This profile would encompass attributes such as communication protocols, credential format(s), signature algorithms, key management methods, and trust management methods.

Credential Format Profiles

Details

W3C VC (1.1) signed as JWT (not using JSON LD)

W3C VC (1.1) signed as JWT (using JSON LD)

ISO mDL MDOC

IETF SD-JWT VC

ICAO DTC

  • No labels