WICG / digital-credentials

Digital Credentials, like driver's licenses
https://wicg.github.io/digital-credentials/

Digital credential API should support identity verification #127

Open pkotwicz opened 1 week ago

pkotwicz commented 1 week ago

One use case where it is likely that the digital credential API will be used is identity verification. For instance, a hotel booking website wants to verify that the user is who they say they are.

It would be better if, instead of the website requesting the user's full identity (name, address, social security number) via the digital credentials API, the digital credentials API offered a version of the API which allowed the website to pass to the wallet the information that it has about the user (that the user entered in `<input>` fields). The wallet app would return the passed-in credentials via the digital-credentials-API only if the passed-in credentials matched the credentials in the user's wallet app.

This proposal likely will not affect the shape of the digital credentials API but will affect the contents of the `IdentityRequestProvider::request` object.

I haven't yet thought through how to prevent the wallet app from learning the user's credentials if the user hasn't yet entered any credentials into the wallet app. (use hashes?)

jogu commented 1 week ago

I've not thought about how good/bad an idea this is, but this kind of "I only want a credential if it has attributes with particular values" is already supported by OpenID4VP. It doesn't appear to need any changes at the browser API level.

npdoty commented 4 days ago

Is this a recommended type of query for the verifier? It seems like it might be brittle (like, in your example, if the credential has a different spelling of the visitor's name than what they entered into the hotel's form) and I'm not sure the user will see a big privacy advantage or be more comfortable making a presentation of their name if it's limited to the name that the verifier queried.

The biggest privacy advantage, it seems to me, might be to help keep the user from accidentally providing another distinct credential even though they intended to present the one that just confirmed the same identity information. Or there might be a convenience advantage that it helps filter the credentials to only the ones that have the prompted value already.
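
The value-matching query discussed in this thread, as an added example that is not part of the issue and is not OpenID4VP or browser code: a wallet-side filter that offers a credential only when every constrained claim equals a value the verifier supplied. The function names, the `{ path, values }` constraint shape, the strict-equality rule and the wallet contents are assumptions constructed for illustration.

```javascript
// Hypothetical wallet-side matcher; every name and value here is constructed.
const walletCredentials = [
  { id: "mdl-1", claims: { given_name: "José", family_name: "García", address: { locality: "Austin" } } },
  { id: "passport-1", claims: { given_name: "Jose", family_name: "Garcia", address: { locality: "Austin" } } },
  { id: "loyalty-1", claims: { given_name: "Sam", family_name: "Lee" } },
];

// Walk a path such as ["address", "locality"] into a claims object.
function resolvePath(claims, path) {
  return path.reduce(
    (node, key) => (node != null && typeof node === "object" ? node[key] : undefined),
    claims
  );
}

// A credential matches only if every constrained claim exists and is strictly
// equal to one of the values the verifier passed in (assumed matching rule).
function matchesQuery(credential, constraints) {
  return constraints.every(({ path, values }) => {
    const actual = resolvePath(credential.claims, path);
    return actual !== undefined && values.includes(actual);
  });
}

// Ids of the credentials the wallet would offer the user for this request.
function selectCredentials(credentials, constraints) {
  return credentials.filter((c) => matchesQuery(c, constraints)).map((c) => c.id);
}

// Turn what the user typed into the site's form into value constraints.
function constraintsFromForm(form) {
  return Object.entries(form).map(([key, value]) => ({ path: [key], values: [value] }));
}

const typedExact = constraintsFromForm({ given_name: "Jose", family_name: "Garcia" });
const typedVariant = constraintsFromForm({ given_name: "jose", family_name: "Garcia" });
const byCity = [{ path: ["address", "locality"], values: ["Austin"] }];

// Exact input narrows the picker to one credential; the accented spelling is excluded.
console.log(selectCredentials(walletCredentials, typedExact));   // [ 'passport-1' ]
// A casing difference in the typed name matches nothing at all.
console.log(selectCredentials(walletCredentials, typedVariant)); // []
// A looser constraint keeps both identity documents and drops the unrelated one.
console.log(selectCredentials(walletCredentials, byCity));       // [ 'mdl-1', 'passport-1' ]
```
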