...
| Element | Detail | Notes |
|---|---|---|
| As a, | human user with a smartphone containing several mobile credentials | |
| I want | to travel to a foreign country or enter a sports venue | |
| so that | I can check that i have the privileges needs needed to access my destination | |
| Acceptance Criteria | ||
| Given | <how things begin> | |
| When | <action taken> | |
| Then | <outcome of taking action> | |
...
- The access pre-check performed by the user at the computing device will have a lifetime of several days. The policy check made at that time till continue to be valid even if the policy changes.
Use Case Details
Privacy
There are (in effect) two distinct access credentials created as a result of this process. One inside the seller's (or government's) system that can be used for the real-time access check. A second that can be held by the user's smartphone.
Data Provided
The seller needs to acquire a REAL ID for the holder which must include biometric data. This is highly sensitive and must not be shared. The verification device can send a real-time biometric scan, but does not see the store biometric data.
Data Retained
The seller may maintain the holder's legal name for as long as a relationship exists with the holder. The holder may terminate the relationship at any time. The seller will delete all references to the holder as soon as legally permitted.
The retention of biometric source data (like the user's image) is a difficult decision, but the holder must understand what happens to biometric data.
Diagram
Steps
Primary Use Case
...