RE: How much is it reasonable to generalize from the TruAge implementation?

>I'm increasingly concerned by this whole "approved/certified app" concept. […]

>Unless these certifications are based purely on "detecting features" (you've proven that you have an HSM-bound private key) instead of "detecting vendors" (you've proven that you're Apple, come on through), I'm concerned that the road we're walking down leads to centralization and anti-competitive behaviour wrt. certification.



This is a concern that I share and is something we have discussed internally as well.



The following is from an e-mail that I had sent to the Open Wallet Foundation Listserv back in August, that seeks to provide a bit more detail on this topic:


Zooming out a bit, one of the motivations for our Digital Wallets and Verifiers solicitation is that when it comes to the 3 party identity model (Issuer, Holder, Verifier) there is a significant amount of energy being expended when it comes to the pipes (protocols) that connect those 3 entities and the payloads (data models) that move within those pipes.

However, we are concerned about the *lack* of similar investments of attention and treasure to date to determine “What makes a good digital wallet?”.

U.S. Customs and Border Protection and U.S. Citizenship and Immigration Services are both Issuers and Verifiers of very high value global credentials related to cross-border travel, employment and immigration. At a mechanical level, when a digital wallet shows up at our front door, we need to have an understanding of the security, privacy and interoperability capabilities of that wallet before we can make a decision to issue credentials into that wallet and verify credentials coming from that wallet.

In an ideal world that could in part consist of some manner of real time query, challenge, interrogation that could give information on a certain sub-set of the capabilities of that wallet.

However, there are simply some capabilities that are not amenable to such an approach. Which means, there needs to be some manner of evaluation/assessment done of that wallet that results in some manner of trust mark provided by an acceptable entity that provides confidence to the issuers and verifiers that the wallet has been tested and assessed to have a specific set of capabilities.

I tend to call this “Capability Detection” and contrast it with what is going on in the market right now which is simple “Product/Vendor Detection”.

I think it is important if you seek a future of multiple independent, interoperable and capable digital wallets, the global community (including both the public and the private sector) put energy into developing a shared definition of what capabilities a digital wallet must have, how you can assess and evaluate the quality of those capabilities, and ultimately support mechanisms and processes that use those openly developed criteria to do certifications and assessments of digital wallets against a set of shared, open criteria.

In the absence of such investment, you will end up in a place where decisions regarding the acceptance of a digital wallet are based on the vendor or jurisdiction that produced it, with no understanding of how that wallet manages, uses, shares and potentially monetizes the very private and sensitive data in the wallet. And over time, the number of wallets will naturally reduce down to a handful of entities who control *your* data within *their* wallet – rather than the promise of individual agency and control that many seek with the use of the 3 party model.

We support and desire a future that is focused on “Capability Detection” and NOT “Product/Vendor Detection” when it comes to digital wallets, and that is something we would like to move the needle on.




Best Regards,

Anil

Anil John
Technical Director, Silicon Valley Innovation Program
Science and Technology Directorate
US Department of Homeland Security
Washington, DC, USA

Email Response Time – 24 Hours or more; I sometimes send emails outside of business days/times because it works for me; please do not feel any obligation to reply to them outside of your normal working patterns.


Received on Monday, 13 November 2023 16:50:49 UTC