Page Status:
| Status | ||||
|---|---|---|---|---|
|
...
This is one of the broad
listlists of abstract user stories focused on Privacy-Enhanced Mobile Credentials (PEMC) on a mobile device platform.
Description (User Story)
The user wants to be able to carry a collection of credentials with them that can give then them access to physical locations as well as digital assets. The user needs to believe that they are in control of the release of their information and that the information will be handled security securely once released. The function of the holder's platform must include the acquisition, display, protection and creation of a presentation of the appropriate user attributes to the verifier. The holder must be able to trust the platform to protect their interests. The issuer must be able to trust the wallet to follow their policies, the verifier must be able to trust the platform to prove that presences presence and ownership of the presented attributes of a real-world human user of the platform. In addition, the platform might be required to prove the "liveness" of the real-world human at the time that the presentation was made.
...
The user on their smartphone travels in the real - world or the digital - world from place to place and easily access the locations or resources that they need in their day-to-day activities.
Secondary Use Case
The user caries back-up carries backup documents that can be used when the digital ecosystem is non-functional.
...
| Term | Definition |
|---|---|
| Credential | A protected structure is given by the issue to the holder's wallet. For example the mdoc from ISO 18013-5 |
| Presentation | A protected message given by the holder's wallet to the verifier. It will contain only that the user data that is needed for the purpose of the transaction. |
| Purpose | A structured list of attributes and the retention permissions from some trusted authority. For example the US TSA list of attributes needed to enter an airport. |
...
| Element | Detail | Notes | ||||
|---|---|---|---|---|---|---|
| As a, | human user | Typically this is the holder of the credentials. | ||||
| I want | access | to either a real-world or a digital resource | ||||
| so that | I can complete whatever task that currently has my attention. | without cognitive dissonance. | ||||
| Acceptance Criteria | ||||||
| Given | The user has a modern smartphone that comes with , or has installed, a wallet application that holds modern mobile credentials. | Laptops also will work, but the smartphone limitations are more germane to this use case. | ||||
| When | I start any task that requires identity credentials. | or when I start planning for future needs. | ||||
| Then | I consider the credentials I might need to complete my task. This is typically on a website that tells me how access is granted. | The user should not need much special knowledge to complete this step. | ||||
| As Needed | I migrate to an issuer web site website using either the browser or the wallet, as appropriate to acquire new credentials. | The user can be guided to get any missing credentials with major frustration. | ||||
| Fall back | I can scan some credentials from hard copy for entry into the secure store along with the fully digital credentials. See video for example. |
| ||||
...
- There are a few standard credential types like ISO 18013-5 mobile driver's license or W3C Verifiable Credentials.
- Smartphone Smartphones are available that can securely store credentials and proof prove the holder's presence and ownership of the credentials.
- There are wallet apps that can required require mobile credentials and release only that information that is needed for the user's purpose.
- The purpose of the access can be specified or determined by the user.
- The purpose will determine the data required by the user. (This is the definition of purpose for this user story.)
...
Related Material
Resources and Links
...
Page Tasks
- Type your task here, using "@" to assign to a user and "//" to select a due date