Open in app

Sign in

Write

Sign in

Where the W3C Verifiable Credentials meets the ISO 18013–5 Mobile Driving License

New Community Project Sponsored by Spruce

Identity Woman in Business
5 min readSep 12, 2022

Digital identity, which used to work mostly behind the scenes, has increasingly come under the spotlight of today’s business and everyday conversations. This only accelerated since the beginning of the pandemic, when all of a sudden our lives started to become more and more digital and involve more use of digital credentials, such as COVID test certificates.

While most users don’t know about the technical work going on backstage when receiving a COVID test certificate on an airline app, they are definitely aware of shortcomings around user-experience. Users need multiple apps to request and receive the same certificates, and are unable to use their preferred existing apps to manage an increasing amount of digital credentials in their possession. If you are an app creator who wants to avoid such unpleasant user experiences, what we are about to say and do may be relevant to you.

Our Internet is and needs to be built on open protocols, such as HTTP for web servers and SMTP for emails. This allows a plethora of vendors to be able to build useful applications and tools that serve our different needs, while having an open and fair baseline to work from as a part of an ever-expanding digital space.

For a long time, we’ve lacked a layer of open protocols that can enable desirable user control and experience over digital identity. However, recently the Verifiable Credentials Data Model (VC) was created at and approved by the World Wide Web Consortium (W3C), the main international standards organization for the Web. It fills in some of the gap by providing a standardized data model that gives entities a broad expressive capacity to make claims about any other entity or thing.

Obviously, the world doesn’t easily arrive at consensus on standards, especially at this early stage of problem-solving for such a large challenge like the future identity layer of the Internet. While the W3C VCs are being rolled out globally, several parallel efforts are taking place to address similar issues in a specific area defined in their own ways. “ISO 18013–5 Mobile Driving License (mDL)”, as its name suggests, is a prominent one that focuses on the important document of the drivers’ license.

The ISO (International Standards Organization) has had a working group to standardize the drivers’ license since the early 2000s. In 2018, they began working on 18013–5 to define how the equivalent of a physical drivers’ license (18013–1) could be held and shared on mobile devices. Now that both VC and mDL standards are in active use by an growing number of organizations (e.g. governments, industry associations, enterprises), it is critical that stakeholders from both efforts look at where things are falling short in real-world implementations and how the next generation of the two standards can converge and align to provide better user experiences and support a more open and fairer vendor ecosystems.

With this aspiration, Spruce, an active technology player that is building open source solutions that use both VCs and mDL, reached out to us to sponsor a community project aiming to clearly articulate the key needs of stakeholders working on and/or with both. The project will particularly focus on:

  • Enabling a bigger ecosystem of players to take advantage of mobile driving licenses by making sure the VCs are a viable alternative for implementers to the ISO 18013–5 standard, and are compatible to the fullest extent possible of the outputs of ISO working groups
  • Giving both VC and mDL wallet vendors equal opportunity to compete and providing users with options by urging the open-up of privileged, internal APIs for all wallet vendors and developers.

Knowing our two partners, Kaliya Young and Lucy Yang, and their reputation in facilitating open community collaborations, Spruce trusts us to produce outcomes that will positively shape the ongoing standardization efforts and contribute to the formation of a level playing field for vendors/implementers of all sorts.

We’re excited to work with such a longstanding member of the identity ecosystem on this important initiative to create a level playing field for identity wallets without compromising on security. At Spruce, we believe that users should have a choice in which wallet manages their most critical data, and that two or three companies should not dictate the most meaningful and high-stakes digital interactions for billions of people. We are working on a set of requirements that we believe would enable wallet vendors to achieve the same levels of user experience, functionality, and security that are enjoyed by wallets with privileged, internal APIs not currently available to third-party developers. We want to invite you to do the same through this community effort so that together we can ensure that wallets have a level playing field and that users have true choice.

Wayne Chang, Co-Founder and CEO of Spruce

We are excited to kick off the project in September, starting with synthesizing existing conversations that have taken place in the communities that we are active in, e.g. the Internet Identity Workshop, the Decentralized Identity Foundation, and the W3C Credentials Community Group. In the first phase of the project, we will focus on gathering input from stakeholders who are working in the areas where these two standards overlap. Our goal is to come up with a list of recommendations to foster greater alignment between the two efforts.

As done by Kaliya and Lucy in their other community work, we strive to conduct the project in an open and transparent manner so that you can all see how we reach our recommendations. For now, follow our blog to receive open updates. We welcome anyone to reach out to us at kaliya@identitywoman.net and lucy@identitywoman.net if you think we should speak to you, or sign up through this form to suggest your interest in contributing.

We look forward to hearing from and working with you!

Added Notes:

We have set up two community sessions (for different time zones) to present our plan for the initial stage of the project and get feedback:

  • Community Session 1 (APAC Time): Tuesday, September 27 at 10:30 am SGT / 8 am IST / 12:30 pm AEST
  • Community Session 2 (EU, Americas & Africa Time): Tuesday, September 27 at 7:00 am PT / 10:00 am ET / 4:00 pm CEST

We look forward to seeing you on the sessions!

Digital Identity
Open Standards
Verifiable Credentials
Community
Digital Wallet

--

--

Identity Woman in Business

Written by Identity Woman in Business

101 Followers

We provide consulting and advisory services to organizations across the world to help them succeed in adopting, developing and investing in Decentralized ID.

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams