Primer on digital identity wallets from DHS breaks down W3C standards

The U.S. Department of Homeland Security is forging ahead with its plan for digital credentials, this week publishing a feature article that offers an overview of digital identity and digital wallet systems.

“The Question of Who You Are” follows in the wake of the DHS Science and Technology Directorate (S&T)’s announcement that it has awarded contracts to six firms to develop digital credential wallets based on open standards through its Silicon Valley Innovation Program (SVIP). It explains how S&T and the U.S. Citizenship and Immigration Service (USCIS) have come together to issue mobile digital identity credentials such as green cards, using free, open internet standards.

Together, S&T and USCIS’s Office of Intake and Document Production (OIDP), which designs and secures vendors to produce immigration documents, decided to use two open global standards – the Verifiable Credentials Data Model (VCDM) and Decentralized Identifiers (DIDs).

“Created by the World Wide Web Consortium (W3C), a global standards development organization, with the support of S&T, USCIS, and many other like-minded partners, these standards describe how a secure, privacy respecting digital credentialing process can be implemented,” the article says.

It goes on to explain how DIDs, as unique identifiers, cannot be used for ID verification; “that role is deliberately separated and implemented using public key cryptography.”

VCDM, meanwhile, is defined as “a way to express credentials in a way that is cryptographically secure, privacy respecting and machine verifiable.”

A selling feature is how digital credentials enable selective disclosure, in accordance with the principle of data minimization – sharing only the personal information that is necessary, while all other data remains hidden. In this scenario, someone looking to buy alcohol could show a digital credential that has been biometrically verified to prove they are of age, without even having to share a birth date. This, says DHS, is a major step toward putting data privacy in the control of individuals.

SVIP Managing Director Melissa Oh says that “by helping implement these standards in our digital credentialing efforts, S&T, through SVIP, is helping to ensure that the technologies we use make a difference for people in how they secure their digital transactions and protect their privacy.”

Jared Goodwin, chief of the document management division within USCIS, says that “going forward, the government wants to ensure individuals have agency and control over their digital interactions. The user should be able to own their identity and decide when to share it, and we don’t want a system that has to reach back to a government agency for verification.”

Article Topics

data privacy  |  decentralized identifiers (DIDs)  |  DHS  |  digital identity  |  digital wallets  |  standards  |  W3C  |  W3C standards