Australia opens feedback on verifiable credential policy, trust framework proposals

Australia’s Department of Finance is inviting community feedback on a policy for using verifiable credentials proposed by the Commonwealth. The completed policy is a milestone coming up on the pathway set out by Australia’s Digital ID and Verifiable Credentials Strategy, which was published in March as the result of an agreement between the Commonwealth and state and territory governments.

The government consultation opened this week and runs through July 3, 2026.

The primary consultation paper is titled “Part A: Embracing the potential of verifiable credentials in the Commonwealth, and is accompanied by another paper on “Part B: Proposed Commonwealth policy positions for the use of verifiable credentials.”

VCs can help increase innovation and efficiency in Australian credentials, the government says, through reduced regulatory and compliance burdens, fraud reduction and data breach impact minimization, faster access to financial services and streamlined employee onboarding, according to the consultation announcement.

The policy proposal gives VCs a central role in the Australian Government Digital ID System (AGDIS), which just received a funding boost. The emergence of government-issued VCs through state and territory mobile driver’s license (mDL) programs has already pushed AusPost to abandon its Digital iD.

A third-party audit of AGDIS has been contracted ahead of a planned expansion of the system to private sector identity exchanges at the end of this year.

The Digital ID and Verifiable Credentials Strategy sets out a plan for consumers and businesses to be able to use VCs for safer and easier identity verification for access to services by 2030.

Introducing the Commonwealth VC Trust Framework

Part A of the consultation presents a high-level position, but also introduces the notion of a Commonwealth VC Trust Framework which would facilitate the issuance and use of interoperable VCs, provide protections for people and organizations using the credentials, and provide guidance to VC implementers.

The government alludes to similar frameworks being considered in Europe (eIDAS) and New Zealand (Digital Identity Services Trust Framework Act 2023).

Tucked within the paper are several noteworthy observations on the current state of digital ID in Australia. How much demand there is to shift to new types of credentials is unclear to the national government. It would like confirmation that its prioritization of interoperability is warranted.

The Commonwealth also wants to know which types of VCs, from the leading ISO/IEC (18013-5, -7 and 23220), W3C and JWT/SD-JWT options is preferable. Commonwealth, state and territory governments have already agreed to align around the ISO/IEC standards to achieve national interoperability, though.

The paper concludes with a dozen specific questions about how VCs can help Australians, what options are feasible, what concerns need to be kept in mind and what balance the VC Trust Framework should strike between guidance, the current approach, and regulation.

Specifics come with more questions

Part B of the consultation specifies policies in nine specific areas: use case selection; issuers; verifiers; digital wallets; trust services; privacy and consumer protection; voluntariness and inclusion; interoperability and standards and security.

They grapple with questions like how much the value of a credential is dependent on its rate of adoption

The paper also states that issuers must be responsible for VCs throughout their life cycle, that identity proofing must be proportionate to risk and that VCs can be issued to organizations and devices as well as people. VCs would have equivalence to physical credentials. Verifiers would not be required to register, but a voluntary registry or assurance process could be established as a complementary trust mechanism. Issuers and verifiers will support the principle that VC holders can use their choice of digital wallet. Issuers may not track VC use.

Six general questions and 27 specific to particular to the nine different modules and policy positions outlined in the paper.

All are invited to contribute feedback, which will be considered in VC policy development, including of the Commonwealth VC Trust Framework.

Article Topics

Australia  |  Australia Digital ID and Verifiable Credentials Strategy  |  Australian Government Digital Identity System (AGDIS)  |  digital ID  |  trust framework  |  verifiable credentials