1 of 13

Identity Credentials at W3C

The path toward a Credentials Working Group at W3C

Manu Sporny

Founder/CEO, Digital Bazaar

2 of 13

Subject Area and Terminology

FOR THE PURPOSES OF THIS PRESENTATION

Credential - the representation of a qualification, achievement, personal quality, or aspect of an entity’s background, typically used to indicate suitability.

Synonyms: Verifiable entity attributes, attestations

Examples: driver’s license, proof of age, loyalty card, shipping address, university degree, license to practice medicine, license to practice law, passport, etc.

3 of 13

How can credentials be used?

  • Ensure that customers are who they say they are (open a bank account)
  • Prove education and qualifications when applying to jobs
  • Auto-form fill for shipping address and other ecommerce personal info
  • Automatically ensure regulatory compliance (over 18, licensed doctor, etc.)
  • Certifications: CPR, diving, IT, corrosion engineer, etc.

4 of 13

Credentials Community Group

  • Credentials CG work started in Web Payments CG
  • Group founded by Accreditrust, ETS, Digital Bazaar, and Badge Alliance
  • 67 members, weekly teleconferences, open to the public
  • Pre-standards specs and implementations exist
  • Pilot projects underway

5 of 13

Credential Use Cases Survey Questions

  • What is your most compelling credentials business use case?
  • What technologies do you use today for credentials?
  • Do these technologies meet your needs?
  • What capabilities do you need from a credentialing solution?

[Link to survey]

6 of 13

Responses to Survey

  • 58 organizations surveyed, 44 responded (high response rate - 76%)
  • Payments: Walmart, Target, Bloomberg, Ingenico, Rabobank, NACS, Connexxus, ETA, Worldpay
  • Education: ETS, Pearson, IMS Global, DCMI, Vital Source, Badge Alliance
  • Healthcare: Verisys, New Zealand Government
  • Government / NGO: US Federal Reserve Bank of Chicago, Dutch National Bank, Bill and Melinda Gates Foundation

[Link to anonymized results]

7 of 13

Use Case Themes

  • Ensure applicant has proper education for position (degree, job training, ...)
  • Ensure proper licensure and background checks (doctor, nurse, stock trader)
  • Ensure automatic compliance with regulations (purchasing alcohol, controlled substances, drug sales to proper patient)
  • Simplify checkout experience (collection of shipping address, phone number, ...)
  • Automatic background check on customers before bank account creation

[Link to all submitted use cases]

8 of 13

Desirable Credential Capabilities Have Been Identified

9 of 13

Wide Variety of Technologies in Use Today

10 of 13

Gaps Exist in Current Technology Solutions

11 of 13

The Credentials Ecosystem

  • Holders - receive credentials for use
    • Examples: Citizens, Students, Employees, Professionals, Customers
  • Credential Issuers - issue credentials to holders
    • Examples: Universities, Department of Motor Vehicles, Passport Agencies, Retailers
  • Identity Providers/Vaults - store credentials for holders
    • Examples: Social Network Websites, Banks, your personal server
  • Credential Consumers - request credentials from holders
    • Examples: Universities, Employers, Banks, Healthcare Providers, Retailers

12 of 13

A Desire to Participate in Solving the Problem at W3C

13 of 13

Discussion and Next Steps

  • Web Payments IG may create a Credentials Task Force to try and draft a Credentials WG charter
  • What else is needed to get this work started at W3C?
  • Who in the room would support this work at W3C?