Menu Close

U.S., EU agencies consider role of digital wallets, cloud in digital identity ecosystems

The Department of Homeland Security’s (DHS) S&T’s Silicon Valley Innovation Program is now accepting applications around the topic of privacy-preserving digital credential wallets and verifiers.

The program looks to nurture an R&D environment for technologies with potential government use cases.

The government project is looking to assess solutions that “catalyze, develop, enhance, and operationalize a set of privacy-preserving building blocks that can support the needs of a privacy-preserving digital credentialing ecosystem.”

A ‘Digital Wallets Call Industry Day’ event will be held on August 18 to help vendors understand the requirements and how to apply.

In particular, the project is looking for “privacy preserving technical capabilities” that support and integrate with the three-party digital identity model (issuer, holder, verifier) enabled by the World Wide Web Consortium (W3C), the Verifiable Credential Data Model (VCDM), and W3C Decentralized Identifiers (DIDs).

In addition, applications will need to be seen to meet the needs of the DHS Operational Components and Offices, including U.S. Citizenship and Immigration Services (USCIS), Customs and Border Protection (CBP), and the DHS Privacy Office (PRIV).

Applications must respond and must fit into the technical specifications of either a “Digital Wallet” or “Mobile Verifier” to be eligible.

In the case of digital wallets, the project is seeking applications that are “useful across contexts and jurisdictions, and can support credentials made possible with W3C VCDM/DID standards that include verified support for DHS-issued credentials.”

The project also specified that these should be “portable, highly secure, privacy-preserving, standards-based, interoperable, and multi-functional.”

In terms of mobile verifiers, these applications must be able to be deployed on mobile devices, including iOS and Android-based devices.

In addition, these applications will need to support a broad range of credentials possible, including W3C VCDM/DID standards with verified support for DHS-issued credentials.

The above is not the only area of the biometrics ecosystem which the DHS is supporting.

In 2023, the DHS unveiled the “second track” of its small ID validation demo.

This will examine the applicants’ software capabilities when it comes to spotting imposters in selfies and in images of identification documents.

EU tackles trust services move to the cloud first

In Europe, the public sector is also looking to address the technical issues and nurture the ecosystem surrounding digital identity.

The European Union Agency for Cybersecurity (ENISA) has issued a report on moving trust services, such as those of the eIDAS digital identity project to the cloud. Although eIDAS 2.0 proposes the establishment of European digital identity wallets, the update is still in development, and ENISA therefore steers clear of the topic, along with the four new trust services proposed.

The report found that though some services, including “validation of signatures, registered delivery, time stamp or signature preservation” can be transitioned from on-premises implementations to the cloud quickly, others such as  “issuance of certificates and remote control over the signing device” require more nuanced analysis and preparation.

Data sovereignty issues were also touched on and the report found that the migrated data must stay in the data of the service provider and that some services may not be suitable for cloud migration.

ENISA recently hosted a workshop in Amsterdam, Netherlands to discuss some of the challenges around moving national implementations of trust services to the cloud, and remote identity proofing with digital wallets.

Topics touched on included the potential for existing and emerging attacks as well as potential security measures for remote identity proofing in Europe.

Article: US, EU agencies consider role of digital wallets, cloud in digital identity ecosystems

Leave a Reply

Your email address will not be published. Required fields are marked *