Prime Discount
expires in
Register Now

Agenda

Wallets & Authentication

Wallets & Authentication

Combined Session
Friday, June 07, 2024 11:30—12:30

Digital Wallet Holder Binding
11:30—11:50
 

Digital wallets are applications used to receive, store, and share identity attributes in a standards-based [preferably], secure, privacy enhancing fashion. To prove that the legitimate, natural person is receiving, in possession of, or sharing these identity attributes a means to bind them to the natural person is needed.
In 1995, for example, the International Civil Aviation Organization (ICAO) clearly recognized the desirability of pursuing the use of biometrics in travel documents as the single best way to link the document and its rightful “owner.”
In this example the issuing authority binds the identity attributes to the authorized holder by including biometric data in the cryptographically signed logical data structure. When the holder makes an identity claim the relying party (verifier) can determine the authenticity and integrity of the identity attributes and, through biometric recognition, determine if the authorized holder is presenting the information. This works well for the intended use case: in-person identity verification by government authorities for cross border travel.
The EU, for another example, specifies three assurance levels for electronic identification (low, superior, and high) which involve different levels of rigor in the identity proofing process and in the binding process itself, from:
The binding has been established on the basis of nationally recognised procedures.
to
The binding has been verified on the basis of a unique identifier representing the legal person used in the national context; and on the basis of information uniquely representing the natural person from an authoritative source.
Here the EU defines authoritative source as:
any source irrespective of its form that can be relied upon to provide accurate data, information and/or evidence that can be used to prove identity;
The goal of digital wallets in general, and the EU digital wallet in particular, is to be able to prove identity claims to a certain level of assurance both in-person (like an ICAO ePassport or ISO 18013-5 mDL) and on-line (like an ISO 18013-7 mDL).

This session will discuss how authentication may rely on the digital wallet to bind the holder to identity claims and what the associated challenges as influenced by varying levels of assurance.

Daniel Bachenheimer
Digital Identity Innovations Technical Lead
Accenture
Daniel Bachenheimer, an Electrical Engineer by training, is Accenture’s Digital Identity Innovations technical lead and has been designing and delivering solutions for various clients for...
Bridging OIDC & SIOPv2 to Kick-Start Adoption
11:50—12:10
 

OpenID Connect (OIDC) has become the go-to method for user authentication due to its seamless integration. Transitioning towards the more privacy-preserving Self-Issued OpenID Connect Provider (SIOPv2) will be a complex endeavor.

To simplify this shift, Impierce Technologies has created an open-source OIDC - SIOPv2 Bridge. This bridge can run alongside an Identity Provider, allowing seamless interaction with SIOPv2 Identity Wallets. The Relying Party (RP) continues to enjoy the ease of integration that OIDC provides, while the user can utilize their Identity Wallet to authenticate themselves. Through the inclusion of the OpenID4VP standard, users can also include Digital Credentials such as Verifiable Presentation in order to share (verifiable) attributes.

The bridge is an intermediary solution that provides a straightforward way to boost the adoption of SIOPv2-enabled Identity Wallets with minimal integration effort, bringing RPs closer to eIDAS 2.0 compliance and following Self-Sovereign Identity (SSI) principles.

We will explore how we bridged the 2 standards, showcase the results, and explore further opportunities with this concept.

Jelle Millenaar
CEO & Co-Founder
Impierce Technologies
Jelle is a Self-Sovereign Identity expert with the goal to make SSI technology accessible to all. As the former Lead of Identity at the IOTA Foundation, he led the team and architectural design of...
Secure your ticket
Be quick before the Prime Discount expires in
00d 00h 00m 00 s
Get a ticket
Almost Ready to Join EIC 2024?
Reach out to our team with any remaining questions
Get in touch