...
Description (User Story)
This is a generical generic use journey that involves the verifier submitting a request for user information and the user responding with the data that they are willing to share. Comparisons with other recommendations include FI = https://www.future-identity.org/recommendations
Narrative
What happens during the use caseSince this is a generic use case it only talks at a high level about the user acquiring a phone, wallet and appropriate credentials and then using them to access a desired resource.
Secondary Use Case (optional)
...
| # | Step | Description | Issues |
|---|---|---|---|
| 1 | acquire device | typically a smartphone from a telco | |
| 2 | acquire wallet | can be resident on the phone or acquired from a app store. | |
| 3 | acquire creds | from issuers like state DMV's or healthcare providers | |
| 4 | determine a goal | typically travel to another country, go to a ball game or get access to a video | |
| 5 | go to a web site for access ticket | only needed if access requires check-in or if the user wants assured access | |
| 6 | go to location of resource | either physical site or digital site | |
| 5 | select type of access | optional depending on resource, the purpose for the visit may be established here | |
| 6 | verifier sends request for data | at this point the purpose of the visit and the policy of the rules engines are queried | This is a bundled request which violate violates FI 2.8.12 |
| 7 | user wallet presents to user | the wallet converts the requestor name and purposes into a UI for the user to see | |
| 8 | user chooses | if some purposes have been added at the option of the verifier, the user can remove them | |
| 9 | presentation of user data | the wallet sends the presentation to the verifier based on the user request | |
| 10 | acceptance by verifier | this is the PEP = policy enforcement point, the user is granted access or not | |
| 11 | remediation | if the user is not granted access they should know why and how this can be rectified, usually by directing the user to acquire additional credentials. |
Verifier User Journey - establishing the policies to present to the user by the verifier
...