In part 1 of our blog on wall-id we discussed the basic principles of the technology and some of the strategic choices that Trust1Team has made to develop the library.
In this second part we will discuss another important aspect of digital wallets: Level of Assurance.
Let’s start again with the beginning:
Definition
The term “level of assurance” is defined in the European eIDAS regulation and refers to the degree of confidence in the claimed identity of a person – how certain a service provider can be that it is you the one using your eID to authenticate to the service, not someone else pretending to be you.
Let’s translate this into a simple use case: Renting a car
User experience:
As a user you want to rent a car while you are on holiday. It would be a great user experience if you could just pick-up the key of the car at the rental office without the hassle of showing your identification and your driver's license (which are then copied, auwch GDPR), signing with a wet signature (auwch again) an insurance contract and then getting the key of the car.
Merchants experience:
As a merchant you want to have proof of who is renting the car and proof that this person has a valid driver's license. Furthermore you would like this person to subscribe to the insurance for the car with a valid verifiable signature (QeS). And finally you would like to have proof of the creditworthiness.
Technology principles
Enabling the above mentioned use case starts with the user. He needs to fill his wallet with personal information that is verifiable. As discussed before European Citizens have an eID. The certificates on this eID can be verified against the European Trusted List (EUTL).
There are other Trusted Lists available from Trust Service Providers (TSP). For clarification sake Trust1Team is not an issuer of certificates and does not have a Trusted List. We use the Trusted Lists of Trust Service Providers.
To be able to translate the personal information into verifiable claims, the personal information needs to be verifiable. THIS IS KEY in the digital wallet principle.
The more verifiable information a user puts in his wallet, the higher the level of trust (assurance) will become and the easier it will be for the user to do transactions with less risk of fraud (stealing of an ID, unwanted use of personal information, financial fraud). As discussed in our previous blog. wallid is built on the principles of Zero Knowledge Proof (ZKP).
Verifiable claims
In the use case of renting a car we have now discussed how the user can give sufficient information to the car rental company by adding his eID, his driver’s license and his credit card to the wallet.
We have not discussed yet how the car rental company can get you to sign the insurance contract and how this is stored in your wallet.
It is quite simple. While you, as a user, are on the website of the merchant, you will be redirected to a signing page in which you can read the contract and agree with the terms. Once you push the agree button, a claim is sent to your wallet that you can either agree to or decline. If you agree to it the wallid will sign the contract with a Qualified Electronic Signature based on the eID that is stored in your wallid. (By the way, Trust1Team has already developed the redirect signing service)
After signing of the contract the car rental company will issue a verifiable claim in your personal blockchain vault (ledger), which is automatically copied to your wallid. This verifiable claim will have a validity for the rental period. At the end of the period, the claim will no longer be valid.
So, not only governments can issue verifiable claims, also companies and organisations can do this. A verifiable claim can have a well defined life-time in which it is valid.
Based on the above mentioned and in the previous blog mentioned principles one can go nuts on the use cases. I will give you one more and then let your own imagination take over.
Use case 2
You are a highly trained network engineer from a Telecom company. New physical servers need to be installed in the Core Datacenter. This is a highly secured environment. The company can sent a verifiable claim (eg. QR-code) to you wallid that is valid for a specific day and time. This code will give you access to the datacenter.
Thinking alike? Let’s talk!