Digital Identity Wallets: What They Mean For Banks
1. & What They Mean For Banks
Digital Identity Wallets
Prepared for Mobey Forum
Presented by Drummond Reed
Director of Trust Services, Avast
drummond.reed@avast.com
2. ● Director of Trust Services, Avast
● Chief Trust Officer, Evernym
● Co-Author, W3C Decentralized Identifiers (DID) Spec
● Co-Author, Self-Sovereign Identity (Manning, 2021)
● Co-Founder / Steering Member, Trust over IP Foundation
● Chair, ToIP Governance Stack WG
● 25+ years in Internet identity, security, privacy, trust
● 20+ years in identity standards
You can reach me at @drummondreed or
drummond.reed@avast.com.
A little about me
2
4. But what do you use your
physical wallet for?
4
Money Identity
5. Digital identity wallets present a
massive opportunity for banks.
5
● Streamline KYC with immediately verifiable customer data
● Replace usernames and passwords with one-tap authentication that
works online, offline, and over the phone
● Improve member experiences with secure messaging channels and
personalized marketing
● Stay compliant with evolving privacy regulations by minimizing data
collection and the use of centralized databases
● Provide members with portable credentials they can use to prove key
financial and demographic information to other parties
6. Smarter KYC/AML
for banks and
fintechs
FCA (UK)
Staff ‘passports’ for
streamlined access
control
NHS (UK)
Trusted
authentication and
secure messaging
for credit unions
Bonifii (US)
Verifiable health and
travel records for
global travel
IATA (Global)
Reusable identity for
all Europeans
EU Digital Wallet
Digital identity wallets and credentials
will be portable and user-centric
6
7. Will your organization be ready?
● The proposed eIDAS 2.0 regulation calls for a new digital identity ecosystem
that will enable every European to have a set of digital identity credentials,
held in a wallet, to enable streamlined access to online services
○ Based on the principles of privacy, security, and user centricity
pioneered by Evernym/Avast
● Many private sector organizations (banks, telcos, utility companies, etc.) will
need to be able to accept and verify these credentials
○ Enhance and extend, not rip and replace → Digital credentials are
designed to work seamlessly with existing systems
○ A source of competitive advantage → Early adopters will be able to
offer better customer experiences than their competitors, in addition to
the other benefits we outlined earlier
Digital wallets are coming to the EU
7
9. It’s all based on the “trust triangle.”
9
Holder
Issuer Verifier
Verifiable
Credential
Trust
Proof
Verifiable Data Registry (e.g., Blockchain)
Public Key
+ other cryptographic metadata
DID
✗ No integration
needed!
Wallet
Sign
Write Read
Verify
10. A bank can be an issuer.
10
Member
Bank Lender
Balance
Statement
Trust
Proof of Assets
Verifiable Data Registry (e.g., Blockchain)
Public Key
+ other cryptographic metadata
DID
✗ No integration
needed!
Wallet
11. A bank can be a verifier.
11
Member
Gov’t Bank
Government
-issued ID
Trust
Proof of age and
address
Verifiable Data Registry (e.g., Blockchain)
Public Key
+ other cryptographic metadata
DID
✗ No integration
needed!
Wallet
12. For some credentials, a bank will be both.
12
Member
Bank Bank
Member
Credential
Trust
Proof of bank
membership
Verifiable Data Registry (e.g., Blockchain)
Public Key
+ other cryptographic metadata
DID
✗ No integration
needed!
Wallet
13. The governance
trust diamond
How can digital identity wallets scale?
13
Holder
Issuer Verifier
Verifiable
Credential
Trust
Proof
Wallet
Trust
Governance
Framework
Publishes
Governing
Authority
Cardholder
Merchant
Bank
Mastercard
15. At Internet Scale
● All communication channels
are private and encrypted,
using pairwise peer DIDs
● All data is stored off-chain,
securely inside of the user’s
digital wallet
● Fully GDPR compliant, with
consent-based data sharing
and data minimization through
zero-knowledge proofs
Privacy by Design
15
Holder
Issuer Verifier
Trust
Verifiable Data Registry (e.g., Blockchain)
Public Key
+ other cryptographic metadata
DID
Wallet
100%
Off-Chain
GDPR
Compliant
Private
Pairwise Peer
DIDs
Private
Pairw
ise
Peer
DIDs
16. Individuals control what credential data they show and
to whom they show it
Benefit 1: An end to data overcollection
16
Age verification
without privacy protocols and
zero-knowledge proofs:
Age verification
with privacy protocols and
zero-knowledge proofs:
● Date of birth
● First Name
● Last Name
● Photo
● Address
● Height
● Weight
● Eye color
● Sex
● License Number
● License Class
● Issue Date
● Expiration Date
● Donor Status
● Holder is over 21
17. Your data and communications are always safe and private
Benefit 2: And end to tracking / correlation
17
An issuer's digital signature is the same for
every use of a credential, creating a
'super-cookie' correlating all of your behavior.
Digital signatures
without privacy protocols
and zero-knowledge proofs:
Each signature is unique, greatly reducing the
risk of correlation and tracking.
Digital signatures
with privacy protocols
and zero-knowledge proofs:
18. Here are my top four predictions.
What does the future hold
for digital identity wallets?
18
19. 19
Once a user has their own set of
cryptographic keys and DIDs in a secure,
backed-up, portable wallet — unlocked
with biometrics — it will become the new
universal multi-factor authentication.
#1: Digital identity wallets will,
finally, kill the password
20. 20
The wallet by itself is just secure storage
of keys, IDs, credentials, and other
cryptographic materials. What’s exciting is
the software operating the wallet. Secure
messaging and signed digital transactions
are just the start…
#2: It won’t be about the wallet,
it’ll be about the agent
21. 21
Interoperability of digital identity wallets
(and payment wallets) is low today. This
will be solved through development of a
common technical and governance stack
— see the work of the Trust Over IP (ToIP)
Foundation at https://trustoverip.org/
#3: Interoperability will be
achieved via a common “stack”
22. 22
Today they are separate, with very
different user experiences. But they are
on a collision course to get smarter,
simpler, and more convenient. Within a
decade, a unified digital wallet will be as
essential to our online lives as a browser is
today.
#4: Digital identity wallets and
payment wallets will converge
23. We’ve put together a list
of our top resources.
>> www.evernym.com/mobey
Interested in
learning more?
23