Digital Wallets and Self Sovereign Identity
Explainer
- Handout: The history and future of digital wallets 2023-06-29 Steve Lockstep PDF
We can trace the history of digital wallets with a Capability-Maturity Model (CMM) from paper and magnetic stripes to chip and mobiles. The fundamentally important trend over the decades has been to use smart technology to prove the properties of the data carried in the wallet. Today’s smart phone wallets prove the origin of each credential, possession by its rightful owner, the manufacturer and history of the wallet, and other metadata.
- GlobaliD 101: ID wallets 2022-08-02 GlobalID
What if instead, you could securely and selectively share your ID with an expiring link? Your name and photo will be visible but other private details will be blurred out. Your Airbnb now believes you are who you say you are because they also trust the issuer of your digital credential. Likewise, you don’t have to worry that a copy of your full license is on a stranger’s phone forever. Everyone rests easy, and you enjoy the heck out of your vacation.
- A Business Trip with FlexID SSID 2022-03-19 Kudzaishe George Zharare
In the offline world, we typically store credentials in a physical wallet — it keeps them all in one place, protects them by keeping them close to our body, and makes them easy to carry around and access when we need them. The job of a digital wallet is no different:
- Store your credentials, keys/keycards, bills/receipts, etc
- Protect them from theft or prying eyes.
- Keep them handy — easily available and portable across all your devices.
- Self-Sovereign Identity: The Foundation of the Digital Wallet 2022-03-03 Nevis
Turning identifying features into verified credentials
How exactly does this work? Let’s look at the three roles of user, issuer and verifier. Firstly, users can have any number of attributes – such as their credit rating, national identity document or driving licence – certified by the entity responsible for each attribute.
- Digital Identity Wallet: A place for your self-sovereign identity 2021-06-20 SSI Ambassador
This article explains what a wallet is, how it works and how you can use it for managing your digital identity. While there are also wallets for institutions, this article only focuses on wallets for end users. The article also takes into consideration the revised eIDAS regulation including the ‘European Digital Identity Wallet’.
- 5 Reasons to Use an Identity Wallet 2021-06-14 Affinidi
Undoubtedly, identity wallets are an integral part of the future as it comes with a ton of benefits geared for the next-gen online security.
- The benefits of Self-Sovereign Identity wallets: Collaborating on Self-Sovereign Identity wallets 2021-03-18 Rabobank (Part 2
SSI and identity wallets will make it easier for citizens, organizations and governments to manage (digital) identities. It will make registrations and transactions across the internet private and secure. It will also make organizations more efficient and effective. As administration is reduced, costs will decrease. As their user interface becomes easier to use, their customers will perform more registrations with less errors - what in some cases will lead to extra revenue, but in all cases will lead to more satisfied customers
- Digital Wallets and Digital Agents: Putting the Individual in Control 2021-03-05 Evernym
Fittingly, some define wrath as “when anger is directed against an innocent person, and when it is unduly strong or long-lasting.” That feels right if you consider the real-life impacts of disabling someone’s digital identity without notice.
- [Report] Making Sense of Digital Wallets (DIACC) 2020-12-15 DIACC
This report proposes what a trusted digital wallet should aim to do.
- Operationalizing Digital Relationships 2020-11 Phil Windley
An SSI wallet provides a place for people to stand in the digital realm. Using the wallet, people can operationalize their digital relationships as peers with others online.
Policy
- An Identity Wallet Bill of Rights - Starting With the Mobile Driver License 2022-09-12 Spruce Systems
The EFF further has recommended W3C Verifiable Credentials due to their history of being developed in the public, and being an open standard. We agree with this. Vendors such as Microsoft, Ping Identity, Workday, and Spruce have already adopted these in pilots and production use cases. Furthermore, Underwriter Labs, an author of ISO 18013-5, has described how to interoperate Verifiable Credentials with the ISO described data model and protocols. We look forward to continuing our collaborations here such as demonstrating interoperability with TBD:
- Digital Wallets and Migration Policy: A Critical Intersection 2022-06-15 Bosh Stiftung (Download
In cross-border and migration contexts, digital wallets promise to have wide ranging implications for global governance, especially in identity management and finance. In this brief Margie Cheesman outlines use cases as well as concerns and risks when it comes to their adoption in the migration sector.
- Validated ID’s journey to becoming EBSI compliant 2022-05-10 Validated ID
[Wallet Conformance Tests] are designed to demonstrate that the wallet provider can onboard users safely, receive verifiable credentials from a trusted issuer, and present verifiable credentials to a verifier. All of these, using of course EBSI infrastructure.
- Trust In Your Wallet 2022-04-27 Findy Agency
Finnish Trust Network consists of “strong electronic identification” providers. The concept means proving one’s identity in electronic services that meets specific requirements laid down by Finnish law. The identity providers are required to implement multi-factor authentication to authenticate the users.
- Identity Wallets & eIDAS 2.0 2022-03-24 State of Identity
What role will public vs. private institutions play in the rollout of eIDAS 2.0 wallets? On this week’s State of Identity podcast, host Cameron D’Ambrosi is joined by Marcel Wendt, CTO & Founder of Digidentity. The duo discusses the looming impact of eIDAS 2.0 on digital identity globally, how to keep data secure when verifying the identity of individuals and businesses online, and the European Union’s clear vision for where digital identity is headed].
Organization
- Wallet Security [email protected] 2023-06-13 DIF
The WG will design and define secure wallet architecture, establish common terminology, produce guidelines, classify and specify security capabilities and best practices, and more.
- OpenWallet Foundation 2022-09 Nat Sakimura
The formation of the OpenWallet Foundation was announced at the Open Source Summit held in Dublin on the evening of the 14th. The OpenWallet Foundation is an open source wallet based on standard protocols
Product
- Super Apps Or Smart Wallets? David G.W. Birch 2022-01-04
There’s plenty of talk of super apps around at the moment as a variety of players attempt to become the western equivalent of the Asian app giants such as Alipay, Gojek and Kakao. But how do you get from a digital wallet to a super app?
- The easiest tool to imagine is a wallet or a wallet app (here’s one) with some kind of dashboard 2020-11-11 [ Sources]
It’s understandable then why Civic is phasing out it’s identity app and merging it into its wallet. (Which further validates GlobaliD’s current path.)
- Trinsic Introduces Interactive Connections in their Wallet & Platform 2020-11-03
Instead of a passive responder, the wallet holder is a peer who can initiate actions of their own. In addition, wallet holders can interact not only with institutions, but also with other wallet holders, to communicate securely and share verified information [using DIDComm V1].
Development
- W3C CCG Digital Wallet Protocols Analysis 2022-03-24 Credentials Community Group
This document contains an analysis of the protocols available for performing digital wallet invocation and Verifiable Presentation exchange.
- Universal Wallet 2020 2023-02-22 Credentials Community Group
This specification describes a portable, extensible, JSON-LD wallet representation, supporting digital currencies and credentials.
- DIF Wallet Security WG - Wallet Implementers Survey 2022-01-07 Paul Bastian
I summarized our goals and visions in this presentation, for more information check out the Github page
Also we ended up to initiating 2 new work items at the end of last year:
- Paper based credentials: Demo and discussion 2021-05-06 Kyle Den Hartog, Preet Patel
Paper VC’s demo YouTube links:
- https://youtu.be/EXvWxFjHvdY
- https://youtu.be/fEBNGj377Vc
Second demo video using a different potential flow: https://www.youtube.com/watch?v=fEBNGj377Vc
Paper VC’s are hard to bring to parity with “digital VC’s”. The biggest issue is binding subject to holder and verifying that. There were also callouts on how do you prevent replication.
Traditionally, QR codes with the entire VC can be put onto a piece of paper. We proposed compression on those QR codes using CBOR-LD that reduces size of codes by 50%.
Alternative ways include adding VC’s into NFC chips and adding the NFC identifier as a claim to the VC preventing duplication. There is a cost overhead to this compared to paper but is a cost potentially worth occurring.
- Indicio contributes UI messaging design for digital wallet to open source 2021-03-23 Indicio
A finalist in the Department of Homeland Security (DHS) Science and Technology ( S&T) Trusted User Interface (UI) Digital Wallets Challenge, the UI digital wallet design is now available in the Indicio public Github repository.
- What’s in a Wallet? The recap 2020-07 Heather Vescent
The CCG hosted two sessions where we asked people from inside and outside the community to answer the question,“What’s in a Wallet?” You can review the meeting notes and listen to the audio below:
- Tuesday July 7, 2020
- Tuesday July 14, 2020
“What’s in a Wallet?” as answered by… - Manu Sporny, Digital Bazaar: Wallet Architecture Diagram
- Christopher Allen: Decentralized Identity Network Components
- Dan Buchner: Microsoft (check the minutes.)
- Kyle Kemper, SwissKey
- Kaliya Identity Woman Young: CCG Glossary Group with DIF Presentation
- Orie Steele, Transmute: Universal Wallet
- Daniel Hardman: What goes in a Wallet?
- Darrell O’Donnell: The State of Digital Wallets
- Charles Cunningham, Jolocom: What’s in a Wallet?
- Katryna Dow, MeeCo (check the minutes.)
- Nathan Tonani, Learning Economy.io: What is a Wallet?
- Dealing with private key loss or compromise in digital identity systems 2015-10-31 Christian Lundkvist RWoT 1
If an identity is tied to a single persistent private key, then loss or compromise of the private key will mean total loss of the identity. Since key compromise and/or loss do happen there needs to be a way to recover from this in order to have a persistent digital identity. See here for definitions used.
If the user of the identity suspects that a key is or may be compromised the user can rotate their key by submitting a new key to the system, signed by the old key. After this the old key can be revoked.
User Experience
- Custodial vs Non-custodial Wallets 2022-01-21 Affinidi
The biggest disadvantage of non-custodial wallets is their inaccessibility when you lose or forget the password. Since you are the sole custodian, there is a huge responsibility on you to always remember the password of your wallet.
- Determinants of Behavioral Intention to Use a Self-Sovereign Identity Digital Wallet: Extending the UTAUT with Trustworthiness 2021-09-27 Kerri Lemoie
The unified theory of acceptance and use of technology was extended to examine the potential influence of the self sovereign identity principles and trustworthyness, along with other factors such as percieved usefulness and perceived ease of use, on the adoption of this new approach to online identity
- Dissertation Study on Adoption of SSI Digital Wallet 2021-05-06 Kerri Lemoie [Slides]
Perceived benefit + Perceived ease of use => Behavioral intention
Her hypotheses: (slide 13)- H1: Perceived usefulness will have a positive effect on behavioral intention to use a self-sovereign identity digital wallet.
- H2: Perceived ease of use will have a positive effect on behavioral intention to use a self-sovereign identity digital wallet.
- H3: Trustworthiness will have a positive effect on behavioral intention to use a self-sovereign identity digital wallet.
- H3a: Trustworthiness will have a positive effect on perceived usefulness.
Methodology: anonymous online survey using design fiction (think “Star Trek”)
- Digital Identity Wallet UI Competition 2020-12-14 Federal Blockchain News
Kathleen Kenyon & Anil John believe that blockchain-based identity wallets are designed for engineers, not users, and created the Digital Identity Wallet UI Design Competition to address that challenge. Hear from the finalists’: Jeff Stephens of Dignari, Josh Welty of Trinsic, along with Ken Ebert and Scott Harris of Indicio.
Ecosystem
Wallet Overview TNO SSI-Lab 2023 Related
Wallet | Open Source | Credential Format | Encoding Scheme | Signature Algorithm | Revocation Algorithm | Peer-to-Peer Protocol | Blockchain Type | Blockchain Purpose | Credential Exchange Protocol | Connection Type |
---|---|---|---|---|---|---|---|---|---|---|
AceID Wallet* - AceBlock | ? | - | - | - | - | - | AceBlock blockchain framework | - | - | - |
Apple Wallet | - | - | - | - | - | - | - | - | - | |
Atala PRISM - IOHK | No | JWT-VC, soon:AnonCreds | JSON, JSON-LD | ECDSA, soon: CL | Revocation not supported, soon: Revocation List 2021 | DIDComm | Cardano | Anchoring public DIDs for issuers and/or verifiers (ie: enabling trust registry) | Issue Credential Protocol, Present Proof Protocol, Presentation Exchange | Connection-based communication |
Blockcerts Wallet - Hyland Credentials | Yes | - | - | - | - | - | Bitcoin and Ethereum, with Merkle proof linking credential to blockchain transaction | - | - | - |
Blockpass | No | - | - | - | - | - | Ethereum or Blockpass | - | - | - |
Secure Identity - Bloom | No | - | - | - | - | - | ? | - | - | - |
CertiShare Wallet - The Ego Company | No | AnonCred, JSON-LD | JSON | BBS+ | Indy revocation | DIDComm, DID Exchange Protocol, openID | Hyperledger Indy | Schema, CredentialDefinitions, DID, Revocation | OIDC4CI, Issue Credential Protocol, Present Proof Protocol, Presentation Exchange | Direct communication, Connection-based communication |
Connect.Me - Evernym | Yes | - | - | - | - | - | Hyperledger Indy and Hyperledger Ursa | - | - | - |
Data Wallet - iGrant.io | No | AnonCreds, VC(?) | JSON | CL, ES256 | Indy revocation, EBSI revocation | OIDC, SIOP, DIDComm, DID Exchange Protocol, Connection protocols in AIP 1.0 | Hyperledger Indy, Ethereum, EBSI blockchain | For publishing schema IDs, credential def IDs and public DID | OIDC4CI, OIDC4VP, Issue Credential Protocol, Present Proof Protocol, Presentation Exchange, DEXA | Direct communication, Connection-based communication |
Datakeeper - Rabobank Nederland | No | LDP-VC | JSON-LD | ECDSA | Validity credential, Revocation not supported | Datakeeper protocol | N/A | N/A | Datakeeper protocol (Verifiable Presentation) | Direct communication |
DID:Wallet - ArcBlock | No | - | - | - | - | - | ArcBlock’s own blockchain and comprehensive support for the Ethereum ecosystem. | - | - | - |
esatus Wallet | A new version, SOWL wallet, coming soon, with an open source SDK. | AnonCred | JSON | CL | Indy revocation | DIDComm | N/A | N/A | Issue Credential Protocol, Present Proof Protocol, Presentation Exchange | Connection-based communication |
Gataca | No | LDP-VC, JTW-VC | JSON-LD | EdDSA, RSA, secp256k, P-256, CadEs | Status List 2017, Status List 2021 | OIDC, SIOP | We are agnostic to the infra, so the platform right now supports Ethereum, Fabric and EBSI | To anchor DIDs (legal entities), and to anchor the trust framework | OIDC4CI, OIDC4VP, Presentation Exchange | Direct communication, Connection-based communication |
Gimly ID | - | - | - | - | - | - | - | - | - | |
helix id - Blockchain Helix AG | partly open sourced | JWT, JWT-VC | compact and JSON serialization, JSON, JSON-LD | BBS+, ECDSA | DID Revocation | OIDC, DIDComm, DID Exchange Protocol | public permissioned Ethereum, IPFS | No personal data | Issue Credential Protocol, Present Proof Protocol, Presentation Exchange | Direct communication, Connection-based communication |
IDEMA | - | - | - | - | - | - | - | - | - | |
idento.one | - | - | - | - | - | - | - | - | - | |
Identry | No | AnonCred | JSON | CL | Indy revocation | DIDComm | HyperLedger Indy | Authorization, Credentials Schemas, Revocation registry | Present Proof Protocol | Direct communication, Connection-based communication |
Jolocom SmartWallet | Yes | - | - | - | - | - | Ethereum | - | - | - |
KayTrust Wallet | No | - | - | - | - | - | Blockchain network based on Ethereum | - | - | - |
Lissi Wallet | No | AnonCred | JSON | CL | Indy revocation | DIDComm | Hyperledger Indy | Decentralized Public Key Infrastructure | Issue Credential Protocol, Present Proof Protocol, soon: OpenID4VCI and OpenID4VP | Direct communication, Connection-based communication |
MATTR Wallet | No | LDP-VC | JSON-LD | BBS+, EdDSA | RevocationList2020 | OIDC, DIDComm | ION - if ION DID menthod used | Storing public keys | OIDC4CI | Direct communication, Connection-based communication |
Microsoft Entra | No | - | - | - | - | - | - | - | - | |
MYKEEPiN - Metadium | No | JWT, JWT-VC | compact and JSON serialization, JSON, JSON-LD | ECDSA | Non-revocation token | N/A | Metadium | Scale up for DID | N/A | Direct communication |
Paradym Wallet - Animo | Yes | JWT-VC | compact and JSON serialization, JSON | EdDSA, ES256 | No | OID4VC | N/A | N/A | OIDC4CI, OIDC4VP, Presentation Exchange | Direct communication |
SelfKey Wallet | Yes | - | - | - | - | - | Ethereum | - | - | - |
Sphereon Wallet | Yes | JWT, JWT-VC, LDP-VC | compact and JSON serialization, JSON, JSON-LD, JSON-LD | BBS+, ECDSA, EdDSA, RSA | Status List 2021, Validity credential | OIDC, SIOP, DIDComm | N/A | N/A | OIDC4CI, OIDC4VP, Presentation Exchange | Direct communication, Connection-based communication |
Spherity Wallet | No | AnonCred, JSON-LD | - | CL, BBS+, EdDSA | Indy Revocation, Revocation 5539, Status List 2021 | OIDC, SIOP, DIDComm, DID Exchange Protocol | Ethereum | Anchor DID & DID Documents, Trust Registry, Revocation Registry | OIDC4CI, OIDC4VP, Issue Credential Protocol, Present Proof Protocol, Presentation Exchange | Direct communication, Connection-based communication |
Talao | Yes | JWT-VC, JSON-LD | JSON, JSON-LD | ECDSA | Status List 2021 | OIDC, SIOP, DID Exchange Protocol | Ethereum, ION, EBSI, PolygonID | identity, crypto | OIDC4CI, OIDC4VP, Present Proof Protocol, Presentation Exchange | Direct communication, Connection-based communication |
uPort | No | - | - | - | - | - | Ethereum | - | - | - |
VIDwallet - Validated ID | No | JWT-VC, JSON-LD, JWT | JSON, JSON-LD | ECDSA, EdDSA | Status List 2021 | OIDC, SIOP | EBSI, Alastria, Ethereum | Trust Anchor, Trust registry, root of trust | OIDC4CI, OIDC4VP | both |
walt.id | Yes | JWT, LDP-VC | compact and JSON serialization | ECDSA, EdDSA, RSA | Revocation not supported | OIDC, SIOP | ebsi, iota, cheqd, velocity | EBSI - cross-border digital public services. IOTA - the Internet of Things (IoT) ecosystem. Velocity - Verified career credentials / trusted talent marketplace. Chqed - credential exchange between individuals and orgs. | OIDC4CI, OIDC4VP, Presentation Exchange | Direct communication, Connection-based communication |
Workday Wallet | - | - | - | - | - | - | - | - | - | |
Yivi - Privacy by Design Foundation | Yes | Idemix ABC | JSON | CL, Schnorr | Own implementation on top of Idemix | IRMA protocol | N/A | N/A | IRMA protocol | Direct communication, Interpreted as direct wallet to IDP and wallet to RP connections. No communication through centralized components in our infrastructure. IRMA is fully decentralized. |
ZADA | Yes | AnonCred, RSA | JSON | CL, RSA | Indy revocation | DIDComm | Sovrin | Public DIDs and associated DID documents with verification keys and endpoints, schemas and credential definitions, revocation registries, agent authorisation policies | Issue Credential Protocol, Present Proof Protocol, Presentation Exchange | - |
- Verifiable Credentials Wallets for Learning and Employment 2022-04 Jobs for the Future Wallet Survey
Skills-based practices make pathways to good careers more accessible to a wider segment of the workforce by focusing on what workers can do, not on the degrees or certifications they’ve earned. The verifiable credentials wallets highlighted in this market scan give learners and workers the tools they need to communicate the totality of their skills and abilities and translate their achievements into future opportunities
[…]
We narrowed the field from hundreds of digital wallets to those that workers and learners can use to store and share their verifiable credentials. - SSI Wallet LIst 2022-03-31 Gimly
- Trinsic Wallet by Trinsic
- Esatus Wallet by Esatus
- Lissi ID Wallet by Lissi
- SelfKey Wallet by SelfKey Foundation
- Connect.Me Wallet by Evernym
- Data Wallet by iGrant.io
- Gataca Identity by Gataca
- Talao Wallet by Talao
-
AceID Wallet by [AceBlock Netis](https://github.com/aceblockID) - Mattr Wallet by Mattr
- DataKeeper by Rabobank
- Microsoft Authenticator by Microsoft (Not open source)
- Bloom by Bloom
- DID Wallet by ArcBlock
- Wallet-Mania 2021-09-24 Mike Vesey, Dev Bharel, Adrian Doerk, RJ Reiser, Michael Boyd Northern Block
Digital Wallets are taking off! OS operators such as Apple are starting to support open standards for digital credentials (here). Technology disruptors (like the companies represented in this episode) are taking wallet solutions to market (here.
- The State of Digital Identity Wallets 2019-02-27 Darrell O’Donnell SSI Meetup
The seemingly simple wallet turns out to be exceedingly hard. The initial focus of the study was on the enterprise aspects of Digital Wallets but it quickly shifted and broadened to apply generally to people and organizations. The project is culminating in a public and private report. The public report is intended to start a deeper discussion into what we really need from our Digital Wallet.
Wallets
- Selv identity wallet 2023-06-30 IOTA
You can use the included CLI to generate a credential. Supply the name of schema as defined in “Add Credential Schemas” and a path to your input data.
- Global ID: Introducing our new ID Wallet 2022-09-14 FUTURE PROOF
Our biggest product release in some time, our new ID Wallet is a core pillar of our mission to enable anyone to create and own their digital identity. We spoke with GlobaliD’s Trey Steinhoff to discuss the launch.
- The Launchpad: Introducing the new ID Wallet 2022-09-13 Global ID
As the user-facing part of the Trust Triangle, your ID Wallet should be beautiful, secure, and convenient.
- OKTA Identity Cloud Integration with SSI agent 2021-11-23 Sethi Saab
You will be able to learn how we can integrate existing centralized IDM solutions like Oracle Identity Cloud Service, OKTA identity Management, Sailpoint or Saviynt with SSI solutions like Hyperledger Aries, Spherity, or Trinsic to issue Verifiable credentials at the enterprise level as per
- Datarella Launches SSI Wallet For Innovative Identity Management 2021-06-22 Datarella
It can be integrated into new or existing ecosystems and provide fundamental decentralized identity infrastructure for users to authenticate, issue and receive Verifiable Credentials or transfer data. This allows for many innovative use cases like credential-based access management, automatic credential verification or trusted data transfer.
- Self-Sovereign Identity Mobile Wallet 101: Key Features 2021-04-22 Northern Block
In this video we showcase the features that a NB Orbit Mobile Wallet user can use:
- Form P2P connections through DIDComm
- Receive credential proof requests
- Manage Verifiable Credentials
- Scan QR codes to initiate proof requests
- Manage profile
- An Introduction to the Trinsic Wallet 2021-03-02
When an organization requests information from an end user, the end user can decide whether to accept or reject the request. If the request is accepted, the wallet will find the relevant data from all of their credentials that is needed to fulfill the request.