Cross-Cutting Requirements

This section will highlight important requirements or describe any additional cross-cutting requirements that apply to this Building Block.

1. Privacy Protection

As PII would be stored in the Wallet, it is important to make sure that the privacy of the holder is preserved through the implementation of cryptographic techniques and adherence to privacy-preserving standards.

2. Security

Robust security measures should be implemented to protect sensitive user information and prevent unauthorized access to, or tampering with, digital credentials. As part of the security requirements, the following parameters need to be addressed:

  • Utilization of the hardware key store in the mobile device (Android or iOS) to store the private keys of the wallet needs to be defined.

  • Defining Key Management for the Issuer and the Holder

    • Defining the Key Rotation Policy

    • Enabling an option for Key Revocation & Replacement when the key is compromised

3. Interoperability Standards

The wallet must conform to established standards like Decentralized Identifiers (DIDs) and Verifiable Credentials data models, ensuring seamless compatibility and interoperability across diverse systems.

Considering the wallet building block's intention to accommodate various credential formats, an interoperable profile can be constructed. This profile would encompass attributes such as communication protocols, credential format(s), signature algorithms, key management methods, and trust management methods.

3.1. Communication Protocols

3.1.1. Credential Issuance Protocol

  • OpenID4VCI

    • Authorization Code Flow

    • Pre-authorization Code Flow

3.1.2. Credential Presentation Protocol

  • OpenID4VP

3.2. Credential Formats

  • W3C VC (1.1) signed as JWT (not using JSON-LD)

  • W3C VC Secured using Data Integrity, using JSON-LD, with a Proof Suite Requiring Linked Data Canonicalization

  • W3C VC (1.1) signed as JWT (using JSON-LD)

  • ISO mDL MDOC

  • IETF SD-JWT VC

  • ICAO DTC
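
The interoperable profile described in section 3 can be enforced by the wallet as an allowlist at issuance time. The sketch below is an added example, not part of this specification: `PROFILE`, `select_configurations` and all sample values are hypothetical, the metadata field names and format identifiers are assumed to follow OpenID4VCI issuer metadata, and the signature algorithm and key binding lists are assumed choices. Trust management is not modelled.

```python
PRE_AUTH = "urn:ietf:params:oauth:grant-type:pre-authorized_code"

# Hypothetical wallet profile; every value here is an assumption for illustration.
PROFILE = {
    "issuance_grants": {"authorization_code", PRE_AUTH},
    # vc+sd-jwt is renamed dc+sd-jwt in later SD-JWT VC drafts.
    "formats": {"jwt_vc_json", "jwt_vc_json-ld", "ldp_vc", "mso_mdoc", "vc+sd-jwt"},
    "signing_algs": {"ES256", "EdDSA"},
    "binding_methods": {"jwk", "did:jwk"},
}

def select_configurations(profile, issuer_metadata, offer):
    """Return (accepted ids, {rejected id: reason}) for a credential offer."""
    # Simplification: this example requires the offer to name its grant explicitly.
    if not profile["issuance_grants"] & set(offer.get("grants", {})):
        raise ValueError("offer uses no issuance flow allowed by the profile")
    supported = issuer_metadata.get("credential_configurations_supported", {})
    accepted, rejected = [], {}
    for cfg_id in offer.get("credential_configuration_ids", []):
        cfg = supported.get(cfg_id)
        if cfg is None:
            rejected[cfg_id] = "not in issuer metadata"
            continue
        algs = set(cfg.get("credential_signing_alg_values_supported", []))
        binding = set(cfg.get("cryptographic_binding_methods_supported", []))
        if cfg.get("format") not in profile["formats"]:
            rejected[cfg_id] = "format outside profile"
        elif not profile["signing_algs"] & algs:
            rejected[cfg_id] = "no acceptable signature algorithm"
        elif not profile["binding_methods"] & binding:
            rejected[cfg_id] = "no acceptable key binding method"
        else:
            accepted.append(cfg_id)
    return accepted, rejected

def _cfg(fmt, algs, binding):
    return {"format": fmt, "credential_signing_alg_values_supported": algs,
            "cryptographic_binding_methods_supported": binding}

# Constructed sample issuer metadata and credential offer.
SAMPLE_METADATA = {"credential_configurations_supported": {
    "NationalID_sdjwt": _cfg("vc+sd-jwt", ["ES256"], ["jwk"]),
    "NationalID_rs256": _cfg("jwt_vc_json", ["RS256"], ["jwk"]),
    "NationalID_legacy": _cfg("x-legacy-format", ["ES256"], ["jwk"]),
}}
SAMPLE_OFFER = {"grants": {PRE_AUTH: {"pre-authorized_code": "constructed-code"}},
                "credential_configuration_ids": ["NationalID_sdjwt", "NationalID_rs256",
                                                 "NationalID_legacy", "NationalID_missing"]}

if __name__ == "__main__":
    print(select_configurations(PROFILE, SAMPLE_METADATA, SAMPLE_OFFER))
```

Rejecting a configuration on the signature algorithm or key binding check, rather than only on format, keeps an issuer from steering the wallet toward a weaker option inside an otherwise supported format.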