Google to use digital driver’s licenses to verify the age of website users
A trial for the Digital Credentials API is starting from Chrome 128. Digital Credentials API is a new web platform API that allows websites to selectively request verifiable information about the user through digital credentials such as a driver's license or a national identification card stored in a digital wallet.
Real world digital identity is becoming a reality with many public and private entities starting to issue device-bound digital credentials. For example, mobile driver's licenses and IDs in select US states (such as Arizona, California, Colorado, Georgia, and Maryland) can now be provisioned to digital wallet apps such as Google Wallet on mobile devices. Regulations concerning the acceptance of digital credentials for certain online verifications are also emerging and eIDAS 2.0 is one example.
The features of a digital credential depend on its format, though they typically include:
Enhanced security and privacy: The use of advanced encryption and strong authentication methods helps protect sensitive data and ensures secure access. For example, presenting a credential is usually protected behind a user authentication through the wallet app.
Selective disclosure: Relying parties (RP) can request select information from the credential, allowing users to limit the data shared to what is needed for the use case. For example, whether a user is over 18 can be shared without revealing the user's date of birth.
Interoperability: The credential should adhere to international standards, enabling compatibility across different systems and countries, facilitating cross-border acceptance.
Verifiability: The credential data shared is digitally signed by the issuer; RP can verify this signature to verify the data's authenticity.
Because of digital credentials' verifiable nature, they could enable use cases such as:
Age verification: Request age to verify a person's age before serving age-restricted content or purchasing age-restricted items.
Identity verification: Request name and address to verify a person's identity for legal compliance or fraud-prevention.
Driving privileges check: Verify a person's eligibility to drive (for example, when renting a car).
As websites have begun communicating directly with mobile wallet applications (such as by using custom URL schemes) to request digital credentials for various use cases, browsers see an opportunity to make this interaction more secure, resistant to abuse and easier to use via a purpose-built API.
The Digital Credentials API is a new web platform API that allows RP websites to request the presentation of digital credentials from wallet apps. The API is available in Chrome as an origin trial starting from Chrome 128.
Real world digital identity is becoming a reality with many public and private entities starting to issue device-bound digital credentials. For example, mobile driver's licenses and IDs in select US states (such as Arizona, California, Colorado, Georgia, and Maryland) can now be provisioned to digital wallet apps such as Google Wallet on mobile devices. Regulations concerning the acceptance of digital credentials for certain online verifications are also emerging and eIDAS 2.0 is one example.
The features of a digital credential depend on its format, though they typically include:
Enhanced security and privacy: The use of advanced encryption and strong authentication methods helps protect sensitive data and ensures secure access. For example, presenting a credential is usually protected behind a user authentication through the wallet app.
Selective disclosure: Relying parties (RP) can request select information from the credential, allowing users to limit the data shared to what is needed for the use case. For example, whether a user is over 18 can be shared without revealing the user's date of birth.
Interoperability: The credential should adhere to international standards, enabling compatibility across different systems and countries, facilitating cross-border acceptance.
Verifiability: The credential data shared is digitally signed by the issuer; RP can verify this signature to verify the data's authenticity.
Because of digital credentials' verifiable nature, they could enable use cases such as:
Age verification: Request age to verify a person's age before serving age-restricted content or purchasing age-restricted items.
Identity verification: Request name and address to verify a person's identity for legal compliance or fraud-prevention.
Driving privileges check: Verify a person's eligibility to drive (for example, when renting a car).
As websites have begun communicating directly with mobile wallet applications (such as by using custom URL schemes) to request digital credentials for various use cases, browsers see an opportunity to make this interaction more secure, resistant to abuse and easier to use via a purpose-built API.
The Digital Credentials API is a new web platform API that allows RP websites to request the presentation of digital credentials from wallet apps. The API is available in Chrome as an origin trial starting from Chrome 128.
No comments: