All Research
Whitepaper

Why don't you like this?

I like this
I don't like this

Guidance on Implementing Verifiable Credential Issuance

Anne Bailey
Description
The organization interacts with many users including employees, customers, suppliers, and contractors. In order to flexibly and securely handle the variety of each user’s digital journey in an interoperable way, organizations must shift to more user-controlled methods. OpenID for Verifiable Credential Issuance (OID4VCI) is an emerging standard that bridges the gap between a new model of digital identity interaction and the known and often already implemented standards. The scope of this paper is to provide guidance to Identity and Access Management (IAM) and security architects on implementing OIDC4VCI. This whitepaper provides context for the user-controlled model, separates hype from reality, and identifies early learnings for organizations that are ready to issue verifiable credentials.
Short Summary
Lorem ipsum odor amet, consectetuer adipiscing elit. Luctus fames rutrum metus habitasse donec quis turpis.

Nibh porta tristique sociosqu eleifend condimentum sapien ultricies. Dapibus rhoncus urna elit commodo blandit ut vestibulum tristique. Ante parturient morbi maecenas leo ac est dolor aliquam iaculis.

Leo vehicula vivamus ipsum lacinia cubilia torquent accumsan! Viverra a dictumst dapibus; nam consequat felis mus. Euismod semper iaculis congue mauris nullam.
Sign up and get more insights
Become a member of the KuppingerCole Community to access this and thousands of other publications.
Log in or register
Interesting Facts
Lorem ipsum odor amet, consectetuer adipiscing elit. Luctus fames rutrum metus habitasse donec quis turpis.

Nibh porta tristique sociosqu eleifend condimentum sapien ultricies. Dapibus rhoncus urna elit commodo blandit ut vestibulum tristique. Ante parturient morbi maecenas leo ac est dolor aliquam iaculis.

Leo vehicula vivamus ipsum lacinia cubilia torquent accumsan! Viverra a dictumst dapibus; nam consequat felis mus. Euismod semper iaculis congue mauris nullam.
Sign up and get more insights
Become a member of the KuppingerCole Community to access this and thousands of other publications.
Log in or register
Notable Quotes
Lorem ipsum odor amet, consectetuer adipiscing elit. Luctus fames rutrum metus habitasse donec quis turpis.

Nibh porta tristique sociosqu eleifend condimentum sapien ultricies. Dapibus rhoncus urna elit commodo blandit ut vestibulum tristique. Ante parturient morbi maecenas leo ac est dolor aliquam iaculis.

Leo vehicula vivamus ipsum lacinia cubilia torquent accumsan! Viverra a dictumst dapibus; nam consequat felis mus. Euismod semper iaculis congue mauris nullam.
Sign up and get more insights
Become a member of the KuppingerCole Community to access this and thousands of other publications.
Log in or register
Recommendations
Lorem ipsum odor amet, consectetuer adipiscing elit. Luctus fames rutrum metus habitasse donec quis turpis.

Nibh porta tristique sociosqu eleifend condimentum sapien ultricies. Dapibus rhoncus urna elit commodo blandit ut vestibulum tristique. Ante parturient morbi maecenas leo ac est dolor aliquam iaculis.

Leo vehicula vivamus ipsum lacinia cubilia torquent accumsan! Viverra a dictumst dapibus; nam consequat felis mus. Euismod semper iaculis congue mauris nullam.
Sign up and get more insights
Become a member of the KuppingerCole Community to access this and thousands of other publications.
Log in or register
Takeaways
Lorem ipsum odor amet, consectetuer adipiscing elit. Luctus fames rutrum metus habitasse donec quis turpis.

Nibh porta tristique sociosqu eleifend condimentum sapien ultricies. Dapibus rhoncus urna elit commodo blandit ut vestibulum tristique. Ante parturient morbi maecenas leo ac est dolor aliquam iaculis.

Leo vehicula vivamus ipsum lacinia cubilia torquent accumsan! Viverra a dictumst dapibus; nam consequat felis mus. Euismod semper iaculis congue mauris nullam.
Sign up and get more insights
Become a member of the KuppingerCole Community to access this and thousands of other publications.
Log in or register
Description
Short Summary
Interesting Facts
Notable Quotes
Recommendations
Takeaways

1 Introduction

Identity management has moved beyond just identity for the standard personas of employees or customers. Digital identity is about everything – partners, suppliers, devices, services, and even "things". Each needs an identity, and to mesh with the modern organization, their user journey must be flexible, privacy-forward, secure, interoperable, and increasingly user-centric. While KuppingerCole’s Identity Fabric illustrates the ways other IAM tools and capabilities help organizations meet these needs, there is one specific capability to address the rising user-centric need: verifiable credentials.

A verifiable credential is a digital, tamper-evident claim about a subject. Verifiable credentials are typically held by the subject (the holder), and can be digitally presented by the holder to other parties (verifiers) without having to involve the credential issuer. Verifiable credentials place the user in control of the information shared with other parties.

The user-controlled digital identity model allows an individual – be it consumer, employee, or other persona – to hold digital credentials and present them to another party, even if that party did not issue the credentials, meaning that issuing and presenting verifiable credentials do not require a pre-existing relationship between issuer and verifier or relying party. When verifiable credentials are issued according to best practice specifications like OpenID for Verifiable Credential Issuance (OID4VCI), they are secure, verifiable, privacy-protecting, and portable. An organization doesn’t need to start from scratch every time it interacts with a new persona or organization.

When verifiable credentials are issued according to best practice specifications like OpenID for Verifiable Credential Issuance (OID4VCI), they are secure, verifiable, privacy-protecting, and portable.

There is quite a bit of hype around verifiable credentials and user-centric digital identity, including technology solutions with unproven track records. But there are tangible projects and initiatives that lay out the architectures for common use cases, agree on and test open standards, ecosystem requirements, and integrations between the issuer, holder, and verifiers. This is a dynamic market where – unusually – regulation and technology development are propelling each other forward; user-controlled, verifiable credential technology is developing to realize forward-thinking regulation like the European Digital Identity (EUDI) Regulation, which came to be because of advances in user-controlled digital identity technology. The EUDI regulation mandates that Member States offer digital wallets for holding verifiable credentials to residents for public and private sector use, creating an entirely new user-controlled market for digital identity issuance and exchange.

For organizations that see the potential in issuing verifiable credentials, tapping into the benefits of cost savings, efficiency gains, privacy-enhancements, and improved user experiences, OID4VCI is the place to get started.

For organizations that see the potential in issuing verifiable credentials for the emerging user-centric ecosystem, tapping into the benefits of cost savings, efficiency gains, privacy-enhancements, and improved user experiences, OID4VCI is the place to get started. It is an open standard designed for organizations that already use OpenID to easily issue verifiable credentials based on IETF SD-JWT VC, W3C VC, ISO/IEC 18013-5 for mobile driving licenses, and other formats. It bridges the gap between a new model of digital identity interaction and the known and often already implemented standards.

For guidance, look to those working on the front lines of user-centric digital identity. Organizations like Authlete have actively contributed to key specifications like OpenID for Verifiable Credential Issuance (OID4VCI), and have built support for OID4VCI into their API authorization solutions, and tested it with the numerous wallet providers participating in the EUDI Wallet large-scale project Potential and others around the world.

1.1 Highlights

  • Modern digital identity management must be flexible and secure to handle diverse personas, including user-controlled models.
  • The user-centric digital identity market is uniquely evolving because regulation and technology development are propelling each other forward.
  • The user-controlled digital identity ecosystem has the benefit of cost savings, efficiency gains, privacy-enhancements, and improved user experiences.
  • Organizations interested in issuing verifiable credentials should consider OpenID for Verifiable Credential Issuance (OID4VCI).
  • Organizations ready to start issuing verifiable credentials don’t need to reinvent the wheel – learn from those already doing it.
Full article is available for registered users with free trial access or a paid subscription.
Log in
Become a Member and read on!
Create an account and buy a Membership package or use our 7-days free trial period to access this and 600+ other in-depth and up-to-date insights.
Register and request your 7-day free trial
Register
Already convinced? Check out our packages
Choose a package

Stay up to date

Subscribe for a newsletter to receive updates on newest events, insights and research.
I have read and agree to the Privacy Policy
I have read and agree to the Terms of Use