Status: draft contribution

This is one of the broad list of abstract user stories focused on Privacy Enhanced Mobile Credentials (PEMC) on a mobile device platform.

Description (User Story)

This is a generical use journey that involves the verifier submitting a request for user information and the user responding with the data that they are willing to share.

...

Secondary Use Case (optional)

Taxonomy

...

Term
Definition
Holder The human user of the mobile credentials. The first person (I, we) of this story.
Device A smartphone or other mobile computing device including the operating system (OS) software.
Wallet
An application running on the OS that has access to protected storage on the device. Often called a native app.
Issuer of a mobile credential.
Verifier of one or more mobile credentials.
Credential A protected structure given by the issue to the holder's wallet. For example the mdoc from ISO 18013-5
Presentation A protected message given by the holder's wallet to the verifier. It will contain only that user data that is needed for the purpose of the transaction.
Purpose A structured list of attributes and the retention permissions from some trusted authority. For example the US TSA list of attributes needed to enter an airport.
PDP Policy Definition Point (aka policy issuer) This could be a government or the business that owns the Verifier)
PEP Policy Enforcement Point (aka policy verifier)

User Stories

Element	Detail	Notes
As a,	User of a web site
I want	to acquire access to some resource
so that	So that i can download content of physically access some venue
Acceptance Criteria
Given	<how things begin>
When	<action taken>
Then	<outcome of taking action>

...

Prerequisites / Assumptions

...

The user has a smartphone (or similar) with a operating system that can protect user credentials and other data.
The user has access to one or more wallets that will hold their credentials in the protected data store.
The user has reason to believe that they have loaded the credentials that will be needed to access the resource of interest to them.

Use Case Details

Privacy

Data Provided

...

Versions Compared

Old Version 2

New Version 3

Key

Status: draft contribution

Description (User Story)

Secondary Use Case (optional)

Taxonomy

User Stories

Prerequisites / Assumptions

Use Case Details

Privacy

Data Provided

Term	Definition
Holder	The human user of the mobile credentials. The first person (I, we) of this story.
Device	A smartphone or other mobile computing device including the operating system (OS) software.
Wallet	An application running on the OS that has access to protected storage on the device. Often called a native app.
Issuer	of a mobile credential.
Verifier	of one or more mobile credentials.
Credential	A protected structure given by the issue to the holder's wallet. For example the mdoc from ISO 18013-5
Presentation	A protected message given by the holder's wallet to the verifier. It will contain only that user data that is needed for the purpose of the transaction.
Purpose	A structured list of attributes and the retention permissions from some trusted authority. For example the US TSA list of attributes needed to enter an airport.
PDP	Policy Definition Point (aka policy issuer) This could be a government or the business that owns the Verifier)
PEP	Policy Enforcement Point (aka policy verifier)

Page Comparison

Versions Compared

Old Version 2

New Version 3

Key

Status: draft contribution

Description (User Story)

Secondary Use Case (optional)

Taxonomy

User Stories

Prerequisites / Assumptions

Use Case Details

Privacy

Data Provided