Visit Tech Alliance
‘Identiful’ Digital Wallets and why you should care | October Newsletter
Kia ora e te whānau
You would have heard digital wallets mentioned almost every week, if not every day, over the past couple of years. They formed part of the discussion on this International Panel I participated in very early one morning last week.
As conversations build on each other and as we increasingly use banking apps, Apple Pay or Google Pay when shopping, you might ask yourself how hard can it be when I see how many apps I have on my smartphone? Right there, is a challenge around scale.
Most phone apps have a 1:1 relationship with the job they do – an app for our bank, our supermarket, our photo ID,contact tracing and so on. We don’t carry 50 wallets each with one physical credential in each of them. That’s why the digital equivalent seems a bit ridiculous! This cannot scale to deliver you a great consumer experience for a future where for many people, their interactions will be mostly digital.
Another challenge is around security, data protection and privacy. How secure is the binding between you and your smartphone and the apps and wallets contained within it? That starts with high quality digital identification but extends into managing situations like coercion, or how to nullify the features on the phone if it’s lost or stolen. These problems can be complex, expensive and time consuming to mitigate against, meaning that developing and operating a commercially viable universally trusted digital wallet will not be for the faint-hearted (global platforms excepted but with the related considerations they may bring).
Consequently, alongside specifically purposed private sector wallets we may see the public sector in some jurisdictions taking a role in aspects of their development – be it interoperable open standards and code libraries or a completely built digital wallet – for its people. This demo from global thought leaders the Province of British Columbia peeks into the possible future (you need to download the BC Wallet app from the App Store or Google Play and read the privacy notice and terms & conditions).
As an aside, Digital Identity NZ was amongst the first associate sponsors of the Open Wallet Foundation, the only sponsor in this part of the world, to promote OWF’s outputs in Aotearoa for adoption as we travel the world. While not the only approach, the fact that the state often holds the authoritative identity data (e.g. date and place of birth, citizenship etc) and commercial viability of digital wallets could be a lower priority by considering it a public good, the state may be best placed to provision these high trust cryptographically protected attributes onto a smartphone’s private or public sector developed digital wallet.
Regardless, it will have to be trusted by us and by relying parties to be useful across a wide range of online transactions transcending our daily lives. Of course to maintain trust and integrity, the system will have to be architected in a way that after the authoritative attributes are provisioned to the smartphone’s digital wallet, the issuer doesn’t see or know where they are used. So where the state is the issuer, its responsibility ends there except for the rare instances of revoking or restoring compromised attributes.
You might ask why you should care? You should care because in return for having determination over your personal data in a digital wallet on your smartphone you will have to use it thoughtfully. Since your smartphone’s digital wallet will hold the attributes and you decide when and to whom you release them, there will be very few parties to hold responsible if things go wrong. (Thank you Venkat and Waylon for your technical peer reviews prior to publishing).
Ngā Mihi
Colin Wallis
DINZ Executive Director
Read the full news here: ‘Identiful’ Digital Wallets and why you should care | October Newsletter
