Digital wallets will be a crucial element of digital ID adoption, as they will carry the credentials that enable people and businesses to prove who they are and what they are eligible to do.There is significant focus on the evolution of digital wallets around the globe as governments try to determine how their own citizens can use them to carry government issued credentials.
The biggest question being asked is ‘who should provide these digital wallets?’ and more specifically, ‘should governments provide digital wallets?’
The Open Identity Exchange launched a paper – Governments and Digital Wallets – recommending that governments do not provide their own ID wallets to citizens and outlining why this would not be the right approach.
According to the OIX, there are vast costs associated with issuing and managing a wallet, and the development requirements as wallets evolve will be extremely technical and complex. Governments are not best placed to maintain these effectively.
Based on OIX’s vast research of digital ID trust frameworks across the globe, the Governments and Wallets paper outlines four key models of how governments might choose to interact with the world of digital wallets. It will detail the pros and cons of each one.
- Government provides silo wallet to hold government issued credentials only
The government ID wallet model cannot be used to store private sector credentials, although non- government issued credentials may be accepted in some specific use cases when authenticating into a government service. And vice versa, the state-issued wallet may be used for purposes in the private sector which could raise concerns about privacy for some users. The report raises the issue around the array of private sector wallets and credentials available on the market which users are likely to have installed on their modern devices. This contradicts the principle of having a single, common use wallet.
2. Government provides a wallet to hold both government private sector issued credentials
In this second model, government provides an ID wallet that contains government credentials, including a trust anchor and integrates private sector credentials. However, private sector wallets are not allowed to hold government issued ID credentials.
3. Government wallet to hold government issued credentials that co-exist with approved private sector wallets to hold government issued credentials
4. Government does not provide a wallet – but allows approved private sector wallets
The OIX recommends that the role of governments should be to create strong trust frameworks that enable the approval and trust of private sector provided wallets. This includes the tech-giants, such as Google an Apple, that may want to hold and present government credentials in their wallets. Government credentials can then be issued only into these approved private sector wallets.
This will help address any perceived loss of control or oversight by governments, and there are significant advantages to this approach for all the parties involved.
The OIX is a global non-profit organisation that has been working across sectors, borders and with governments, to ensure that digital ID works well for organisations that will come to accept digital credentials.
Nick Mothershaw, Chief Identity Strategist at OIX, said: “Any concerns governments may have about issuing government credentials into digital wallets that they have not provided, can be mitigated by them creating strong trust frameworks. It also means the expense and technical resources required to build, operate and continually develop a wallet is not a burden on governments.”
“For consumers, it means having one wallet rather than two, that holds a mix of government and non-government credentials – much like they do today with a physical wallet. If governments are the providers of digital wallets, it could also fuel privacy concerns among their citizens (real or imagined) that governments are monitoring how and where they use those wallets.”
“Private sector wallets that are subject to a government trust framework are the best approach for all parties – governments, their citizens and the organisations that will come to rely on digital ID.”