Conference PaperPDF Available

What is a (Digital) Identity Wallet? A Systematic Literature Review

  • June 2022
DOI:10.1109/COMPSAC54236.2022.00131
  • Conference: IEEE 46th Annual Computers, Software, and Applications Conference (COMPSAC)
Authors:
Blaž Podgorelec at Graz University of Technology
Blaž Podgorelec
Lukas Alber
Lukas Alber
Lukas Alber
  • This person is not on ResearchGate, or hasn't claimed this research yet.
Thomas Zefferer
Thomas Zefferer
Thomas Zefferer
  • This person is not on ResearchGate, or hasn't claimed this research yet.
Download full-text PDF
Read full-text
Download citation

Abstract

Identity management is crucial for any electronic service that needs to authenticate its users. Different identity-management models have been introduced and rolled out on a large scale during the past decades. Key distinguishing criteria of these models are the storage location of users' identity data and the degree of involvement of central entities such as identity providers, which can potentially track user behavior. Growing privacy awareness has led to a renaissance of user-centric identity-management models during the past few years. In this context, especially the concept of wallets applied to the digital identity domain has recently attracted attention, putting users into direct control of their identity data. Various approaches and solutions relying on this concept have been introduced recently. However, no generally accepted definitions of the concept "digital identity wallet" and of its related features and implementations exist so far, leading to considerable confusion in this domain. This paper addresses this issue by providing a systematic literature review on wallets applied to the digital identity domain to identify, analyze, and compare existing definitions, features, and capabilities of such solutions. By means of two research questions, this paper thereby contributes to a better understanding of identity wallets and the various recent developments in this domain.
Content uploaded by Blaž Podgorelec
Author content
All content in this area was uploaded by Blaž Podgorelec on Jul 12, 2022
Content may be subject to copyright.
What is a (Digital) Identity Wallet? A Systematic
Literature Review
Blaˇ
z Podgorelec
Graz University Of Technology
Graz, Austria
blaz.podgorelec@iaik.tugraz.at
Lukas Alber
Graz University Of Technology
Graz, Austria
lukas.alber@iaik.tugraz.at
Thomas Zefferer
A-SIT Plus GmbH
Vienna, Austria
thomas.zefferer@a-sit.at
Abstract—Identity management is crucial for any electronic
service that needs to authenticate its users. Different identity-
management models have been introduced and rolled out on a
large scale during the past decades. Key distinguishing criteria
of these models are the storage location of users’ identity
data and the degree of involvement of central entities such as
identity providers, which can potentially track user behavior.
Growing privacy awareness has led to a renaissance of user-
centric identity-management models during the past few years. In
this context, especially the concept of wallets applied to the digital
identity domain has recently attracted attention, putting users
into direct control of their identity data. Various approaches and
solutions relying on this concept have been introduced recently.
However, no generally accepted definitions of the concept “digital
identity wallet” and of its related features and implementations
exist so far, leading to considerable confusion in this domain.
This paper addresses this issue by providing a systematic
literature review on wallets applied to the digital identity domain
to identify, analyze, and compare existing definitions, features,
and capabilities of such solutions. By means of two research
questions, this paper thereby contributes to a better understand-
ing of identity wallets and the various recent developments in
this domain.
Index Terms—Identity management, identity, wallet, review
I. INTRODUCTION
Intensified by the pandemic, digitalization is moving more
and more transactions to the digital world. We increasingly use
electronic services to declare taxes, access our vaccination and
test certificates, or file applications at public administrations, to
mention just a few examples. Many of these electronic services
require users to authenticate, i.e., to prove their electronic
identity (eID), before access to personalized services and data
is granted. Secure and reliable user authentication is a complex
task typically enabled by so-called identity-management (IdM)
systems.
Different models for identity-management systems have
been proposed, introduced, and applied in practice during the
past decades. Most of these models have in common that they
involve four entities: a service provider (SP) offering electronic
services (e.g., a tax-declaration service), a user aiming to
access these services, an identity provider (IdP) authenticating
the user on behalf of the SP and providing the SP with the
This work was supported by the European Union’s Horizon 2020 Frame-
work Programme for Research and Innovation under grant agreement No.
959072 (mGov4EU).
user’s identity data, and a controlling party (CP) enforcing
relevant regulations [1].
From a historical perspective, the first IdM model broadly
applied was the so-called isolated model. As the most rudi-
mentary among the models, it simply combines the SP and IdP
in one component. Accordingly, each SP not only implements
specific business logic but also features its own IdP. In this
model, user authentication is not outsourced to an external
entity. Consequently, the user has to register separately at
each service provider, which then stores all required identity
information of its users. That implies a high burden for the
user since she has to remember separate credentials for each
service provider [1] she aims to access and use.
The central identity model has solved the problem of SP-
specific registrations. In this model, IdP functionality is out-
sourced and implemented by a separate entity, which multiple
SPs can then employ. This approach allows users to register
only once at this central IdP and later use the IdP to access
different SPs. As multiple SPs outsource user authentication
to one IdP, users can authenticate at all these SPs using the
same credentials. This characteristic is advantageous in terms
of usability. However, it makes the central IdP a single point
of failure since the IdP stores required identity information
of users for all SPs. Also, the central IdP is directly involved
in all authentication processes. Hence can potentially learn
which user authenticates at which service provider at which
time. Such information could be used to track users and
learn their behavior. Still, the central IdM model has found
application broadly. One prominent early example of an IdM
system following this model is Kerberos [2]. Other prevalent
examples are Google Identity1or Apple ID2, in which the
role of the identity provider is assumed by Google and Apple,
respectively.
The crux of the central identity model is that, in practice,
multiple IdPs exists, which all serve their own set of SPs.
Hence, a user registered at IdP A can only authenticate at SP
X if IdP A serves SP X. If another IdP instead serves SP X,
e.g., IdP B, the user either needs to register at that IdP B or
is excluded from SP X. The federated IdM model solves this
problem by establishing trust relationships between multiple
1https://developers.google.com/identity, accessed on 24.01.2021.
2https://appleid.apple.com/, accessed on 24.01.2021.
IdPs. The goal is to form a circle of trust. IdPs that are part of
this circle can delegate authentication requests to each other.
In the example above, IdP B can delegate an authentication
request from SP X to IdP A, as this IdP can authenticate
the user. The user’s identity information is then compiled by
IdP A and returned to IdP B, which can then continue as
if it had authenticated the user itself. In this model, users’
identity information is stored in a distributed way by different
IdPs. A well-known example of a federated IdM system is the
European eIDAS interoperability framework, which federates
national IdM systems of EU Member States to enable cross-
border authentication processes.
In all models discussed so far, the IdP stores the user’s iden-
tity data. By successfully authenticating against the IdP, the
users authorize the IdP to forward their identity information to
the requesting SP. This central storage of identity information
can be problematic, making the IdP an attractive target for
attacks. Hence, an approach that exposes the user’s identity
data less is the so-called user-centric IdM model. Instead of
storing the identity data at an IdP, the data is stored in the
user’s domain (e.g., on a smartcard or the user’s smartphone
protected with a hardware-based security element). The fact
that the user always remains in possession and full physical
control of her identity data gives the model advantage in
terms of privacy [1]. Typical examples of such solutions are
national IdM solutions relying on smartcards like the card-
based Austrian Citizen Card [3] or the German eID [4]. In
solutions following the user-centric model, required identity
information is retrieved from the user domain (e.g., read from
a smartcard) and forwarded to the requesting SP at each
authentication process. Still, some central IdP is typically in
place, which merely serves as middleware between the SP and
the token storing the identity information.
Recent developments like Self-Sovereign Identity (SSI) go
even one step further. While user-centric IdM solutions are
still dependent in most cases on central IdPs, SSI aims to
make the user the sole sovereign of her credentials. That is
achieved through central authority agnostic identity data and
peer-to-peer authentication. In many cases, a distributed ledger
is used by various IdPs in the corresponding circle of trust to
register new credentials. These credentials are then directly
issued to the requesting user [5]. Examples of this model are
the European Self-Sovereign Identity Framework (ESSIF)3or
Veramo4.
Recent steps in the historical development of identity-
management systems indicate a trend towards user-controlled
identity data. In this context, the term identity wallet has
recently attracted attention. The trend has also been noticed by
the European Commission. They recently published a proposal
for a new European Digital Identity [6], which is also based
mainly on the concepts of identity wallets. The Commission’s
proposal aims to extend and partly replace provisions of the
EU’s eIDAS Regulation [7]. The eIDAS Regulation currently
3essif-lab.eu, accessed on 11.01.2021.
4veramo.io, accessed on 14.01.2021.
defines the use and mutual acceptance of State-issued eIDs
amongst the Member States. The proposal demonstrates that
identity wallets are regarded as a future key technology in the
eID domain not only by technicians but also by policymakers.
Unfortunately, the term digital identity wallet is only
vaguely defined. Like many buzz words, the term is currently
used (and misused) in multiple contexts and for multiple tech-
nical concepts and solutions. That adds significant confusion
to discussions about the topic. To tackle this unsatisfying
situation, we provide a thorough review of digital wallets in
the digital identity domain while examining their underlying
technical concepts and investigating opportunities, barriers,
and current trends. The overview we present in this paper
is developed through a systematic literature review and a
survey of related scientific contributions. With the help of
two concrete research questions, existing scientific work is
analyzed to compile a clear picture of digital identity wallets
and their underlying concepts.
The remainder of this paper is structured as follows. In
Section II, the systematic literature-review approach is de-
tailed, and two research questions are defined. It is followed
by Section III, where thirteen groups of papers that passed the
rigorous reviewing process are identified and presented. Next,
Section IV employs the knowledge gathered from the review
process to answer the previously defined research questions
and to create a taxonomy of the wallet domain. Finally, we
draw relevant conclusions in Section V.
II. RESEARCH METHOD
We performed a systematic literature review based on the
state-of-the-art method introduced by Kitchenham and Char-
ters [8], wherein the review process is divided into three major
phases. In the first phase, the review is planned, comprising
the specification of research questions and the development of
a review protocol. In the next phase, the review is conducted,
including identification and selection of primary studies fol-
lowed by data extraction and synthesis. In the third and last
phase, the review’s results are reported. The essential steps of
the first and the second phase are recapitulated in this section,
while obtained review results are presented and discussed in
Section III.
A. Research Questions
To specify well-formatted research questions for the sys-
tematic literature review, we utilized the PICOC (Population,
Intervention, Comparison, Outcome, Context) method criteria
framework as defined in [8, 9]. In the targeted domain of
digital wallets and digital identities, Population refers to
digital wallets that are in some way used or play a role
in the domain of digital identity. Intervention that affects
the Population refers to characterization, data extraction, and
synthesis actions. For the conducted review, the Comparison
criterion is irrelevant, as no comparison will be performed. The
Outcome of Intervention comprises the reasons for utilizing a
digital wallet in the digital identity domain and the principal
features of such a digital wallet. The Intervention on the
before-mentioned Population will be carried out in the Context
of academic peer-reviewed articles.
With the help of the applied PICOC criteria framework, we
had identified and clarified the main concepts that were the
focus of this research and derived the following two research
questions:
RQ1: What are the primary motivations for applying
digital wallets in the digital identity domain?
RQ2: What are the main features of digital wallets
concerning digital identity, i.e., digital identity wallets?
B. Identification and Selection of Studies
To identify relevant studies for the literature review, we
composed a search strategy consisting of two phases. The
automated search on selected academic databases was per-
formed in the first phase. The following academic databases,
mostly used when performing systematic literature reviews
on computer science-related fields, were selected: IEEEX-
plore, ACM, ScienceDirect, Web of Science, and SCOPUS.
The search was performed using search strings within the
databases’ search engines. The search string was composed of
the keyword Wallet indicating digital wallet, and the keyword
Identity describing digital identity domain. The two keywords
were combined with the logical operator AND. A logical
operator was used to restrict results to studies incorporating
both concepts in the respective article’s metadata (i.e., Title,
Abstract, or Keywords). That yielded the final search string:
Wallet AND Identity.
Studies considered in the review phase had to satisfy
some predefined inclusion and exclusion criteria. Concretely,
considered studies had to be written in English language
(IC1), scientifically peer-reviewed (IC2), content-wise related
to the specified keywords and research questions (IC3), and
available as a full paper in digital academia databases (IC4).
Therefore, considered studies were not allowed to be published
as Editorial, Abstract, Poster, Demonstrators or Short Paper
(EC1), scientifically non-peer-reviewed (EC2), and were not
allowed to be content-wise unrelated to the specified keywords
and research questions (EC3).
It should be noted that some of the inclusion and exclusion
criteria could already be used thanks to the database search
engines. Figure 1 shows that after extraction of all the relevant
studies (i.e., 285 studies in total) from academic databases
using the search string as mentioned earlier within automated
search, IC1, IC2, IC4, EC1, and EC2 were applied, which
decreased the total number of relevant studies to 253. After
we removed duplicate studies, the search resulted in 141
studies. All the other inclusion and exclusion criteria (i.e.,
IC3 and EC3) were applied within the next important step in
the study selection process, i.e., Screening. In the Screening
step, we read 141 studies titles and abstracts and manually
rejected irrelevant studies for the conducted review. This step
reduced the number of relevant studies to 42. We continued the
Screening step, where we read the full text of the remaining
42 studies thoroughly, reducing the number of relevant studies
to 23. These 23 studies were finally accepted for review.
Studies extracted
from academic
databases
(N=285)
IC1, IC2, IC4 and
EC1, EC2 applied
(N=253)
Remove duplicates
(N=141)
Screening - title and
abstract; IC3, EC3
applied
(N=42)
Screening - full
reading; IC3, EC3
applied
(N=23)
Snowballing - round 1
(N=3)
Snowballing - round 2
(N=0)
Studies accepted into
review
(N=26)
Fig. 1. Study identification and selection process.
We identified 23 relevant studies that concluded the first
phase of the applied search strategy. The 23 identified studies
then served as input to the search strategy’s second phase.
In this second phase, we applied the Snowballing method to
identify additional studies that should be considered in the
review but had been for any reason missed within the auto-
mated search approach we performed in the first phase. The
Snowballing method includes two techniques for identifying
relevant studies, i.e., Backward Snowballing, which identifies
new studies using a reference list, and Forward Snowballing,
where new studies are identified based on citations of already
examined studies. The input of studies, i.e., start set examined
within Snowballing, are the studies that have been identified
and selected based on automated search in the first phase. The
Snowballing method is iterative and executed as long as new
studies can be identified. Newly identified studies then serve as
input for the next Snowballing iteration. All studies identified
in an iteration were screened by applying the screening process
already known from the first phase. As depicted in Figure 1, in
the first iteration of Snowballing, we identified, selected, and
accepted to the literature review three new studies. However,
the second iteration of Snowballing already did not yield any
new study to be accepted for the literature review. Thus, we
accepted a total of 26 studies to the review phase.
C. Data Extraction and Synthesis
We thoroughly read the studies accepted for our literature
review to extract the necessary information and answer the pre-
defined research questions. For this reason, a data-extraction
form, consisting of the following items, was outlined to ensure
the equal processing of all studies: Study ID, Title, Author,
Year, Keywords, IdM considered, Digital wallet features, Con-
clusions. Based on extracted data, a synthesis strategy was
defined. The initial step in data synthesis was to group studies
from the same authors or authors with the same content-
wise concepts. This step comprised the studies accepted in
the review phase that were logical successors, predecessors, or
content-wise related to the same domain of the same subset of
authors. After that, the extracted data relevant to answer each
predefined research question was additionally synthesized, i.e.,
categorized on the iterative definition to be ready for analysis
to provide answers to the predefined research questions.
III. RES ULTS
As a result of the steps mentioned above, we identified
thirteen contentwise related groups. Each group is comprised
of one or more studies. A brief overview of identified groups
is presented in Table I, while below each group and identified
study is described in more detail and placed in the scope
of our research. Further, we extracted the IdM in the focus
and information about the role of the digital wallet from
each identified group of studies. The aforementioned extracted
information was reconsidered and synthesized when answering
RQ1. Moreover, we extracted information concerning digital
wallet features for each group of studies. Extracted pieces
of information were later synthesized and in-depth analyzed
when answering RQ2.
The first group is comprised of two studies by Abraham
et al. [10, 11]. In [10], the authors extended the SSI model
to support revocation and offline verification. In [11], the
authors proposed a new generic concept that could enable
mobile-based identity wallets to achieve an eIDAS-defined
Level of Assurance High. In the context of these studies, the
identity wallet was utilized to support the SSI model paradigm,
including the Decentralized Identifier (DID) system, and to
ensure that the identity-related data remains stored with the
user on her mobile device. The identity wallet was used for
storing and managing cryptographic material, identifiers, and
identity data (in the form of Verifiable Credentials), including
controlled sharing of identity-related information upon user
consent.
The second group includes a study by Augusto and Correia
[12]. A novel, user-centric identity management was proposed
in the domain of the federated IdM. In the scope of the
study, a digital identity wallet acts as an authorization broker
to avoid a massive aggregation of users’ identity attributes.
Therefore, a digital identity wallet on a mobile device was used
to store and aggregate identity attributes together with related
cryptographic material inside a secure element. However, a
wallet was also used to manage and revoke access to identity
attributes towards a Relying Party (i.e., Service Provider).
The third group is comprised of articles by Bandara et al.
[16, 14, 13, 15]. In [16] authors proposed a Cyber Threat
Information platform, in [14] a Know Your Customer (KYC)
platform, and in [13, 15] a digital contact tracing platform.
The blockchain-based SSI model with an SSI-enabled mobile
wallet was incorporated in all studies. A mobile identity wallet
was used to store identity-related data, including cryptographic
material, in a secure, local storage, while the identity proof,
i.e., DID, was written in a blockchain network. The mobile
wallet enables users to capture/verify identity proofs and share
identity information between wallets upon user consent. The
digital wallet was introduced to overcome privacy concerns
related to storing identity data in centralized storage plat-
forms and building data silos that could lead to massive data
breaches.
The fourth group is comprised of two articles by Bernabe
et al. [17, 18] that in the scope of the reliAble euRopean
Identity EcoSystem (ARIES) project proposed a new identity-
management system based on SSI principles that enable the
use of privacy-preserving mobile identities through the usage
of a secure mobile identity wallet. Linkage of identity-related
attributes and identity providers to Relying Parties (i.e., Ser-
vice Providers) was prevented with the identity wallet that
acts as mediate. The identity wallet is part of a mobile appli-
cation and stores identity-related data, including cryptographic
material in secure storage (i.e., in the mobile device’s secure
element). A digital wallet was presented as a means by which
the user could manage his identity data. Moreover, the authors
stated that identity data should be exported from identity
wallets only upon user consent, and if possible, selective
disclosure of identity data should be enabled.
The fifth group is comprised of studies by Gajek et al.
[19, 20] and Bugiel et al. [21]. A new approach was presented
to prevent classical and malware phishing attacks in the
domain of centralized IdM. The approach is based on ideas
of compartmentalization for isolating applications of different
trust levels and trusted wallets. In [19, 20], a wallet-based
authentication tool was introduced to enable secure storage of
identity-related information, including cryptographic material,
and to protect web-based authentication procedures. With a
wallet, transfer (i.e., share) of identity-related data to Relying
Parties (i.e., Service Providers) became possible. A digital
wallet was used as an instrument that protects web-based
authentication and acts as a man-in-the-middle proxy in the
browser on behalf of the user between server and storage of
identity-related data (i.e., login credentials). In that manner,
authors claimed that identity theft through phishing attacks
could be prevented. In [21], the authors proposed a further
extension of the digital wallet to enable the protection of login
credentials used in web browsers on mobile platforms. This
addition was achieved by extending a digital wallet with secure
hardware elements on mobile devices.
The sixth group is comprised of six studies [22, 23, 24,
25, 26, 27] published in the scope of the EU-funded research
project CREDENTIAL - Secure Cloud Identity Wallet Euro-
pean. Because of the lack of privacy-preserving storage and
advanced identity sharing services in the domain of Identity
as a Service, a novel user-centric cloud-based data storage
and sharing platform that enhances user privacy was proposed.
Thus, a user could store, control, and share identity data and
other sensitive data in a cloud wallet. However, the cloud
provider never has access to plain (i.e., unencrypted) data be-
cause advanced cryptographic techniques (e.g., re-encryption,
malleable digital signatures) are applied. The designated iden-
tity wallet acts as privacy-preserving storage deployed in the
cloud, including sharing services based on selective disclosure.
TABLE I
STU DIE S ACC EPT ED I NTO R EVI EW C ATEG ORI ZE D IN GRO UP S.
Group Studies in group Brief description
# 1 [10], [11] Extends the SSI model with support for revocation and offline verification and presents
a novel mobile-based identity wallet to achieve eIDAS LoA high.
# 2 [12] Proposes a novel framework for user-centric IdM.
# 3 [13], [14], [15], [16] Presents a mobile-based identity wallet based on blockchain-based SSI applied on
different domains (i.e., threat information exchange and contact tracing).
# 4 [17], [18] Proposes a novel IdM framework based on SSI principles.
# 5 [19], [20], [21] Presents a wallet-based authentication tool for web-based authentication
that prevents phishing knowing the authorized servers within a centralized IdM.
# 6 [22], [23], [24], [25], [26], [27] Introduces a novel end-to-end secure and privacy-preserving cloud-based identity wallet.
# 7 [28] Presents a holistic view of the DID system.
# 8 [29] Proposes a context-aware service system architecture based on identity
interchange layer including mobile digital identity wallet.
# 9 [30] Proposes several specifications to evaluate any SSI IdM solution.
# 10 [31] Derives privacy requirements for browser-based attribute exchange.
# 11 [32] [33] Examines a proof of concept digital wallet in the SSI context
and provides a novel practical decentralized key recovery solution.
# 12 [34] Demonstrates how blockchain-based SSI can be used to solve challenges of KYC processes.
# 13 [35] Introduces a decentralized, interoperable approach to IdM, discusses challenges of centra-
lized IdM and investigates current developments of verifiable credentials and digital wallets.
The usage of data stored in the wallet is transparent to the
user and can be exported from the identity wallet only with
her consent.
In [28], which is the only study comprising the seventh
group, the authors provided a holistic view on DID system. It
serves to understand different DID building blocks that enable
the SSI model, including identity wallet and its interactions
with the DID system components. The DID identity wallet was
presented as a piece of the software part of the Agent (Cloud
or Edge). It serves as secure storage for identity-related data
(in the form of Verifiable Credentials) and other cryptographic
material (DID signing and verification keys, link secret, agent
policy keys, and secret value commitments). Therefore, an
identity wallet was used to avoid the storage centralization of
identity-related data. Also, it enables user control over identity,
aggregation of identity-related data (i.e., sharing), backup, and
recovery.
The eighth group includes a study by Kim et al. [29]. In
the scope of the user-centric IdM, the authors presented an
identity interchange layer, including a mobile digital identity
wallet. The latter is a personalized context-aware agent on
a personal device. Every user’s identity-related information
flows through a digital identity wallet. The user can control
when identity information is provided (i.e., shared) to the
requesting entity which can be done only upon user consent.
With a digital identity wallet, storage and management of
identity-related data (i.e., credentials) are provided. Moreover,
the wallet use allows complete control, enabling users to
enforce their security and privacy policies.
The ninth group is comprised of only one study by Naik
and Jenkins [30], which built on existing specifications for
evaluating federated IdM and proposed new specifications for
evaluation of any SSI model. A digital wallet was described as
a maintainer (i.e., storage) of all identity-related information
fully controlled by the user (i.e., identity owner), who typically
owns the device (i.e., edge agent) where the digital wallet
resides. Digital wallet was introduced to give users control
over identity-related data, including identity recovery and
sharing of identity upon user consent. As secure storage of
all identity-related information, the digital wallet could also
be part of the Cloud agent, which should be protected from
unauthorized access and enable full control and ownership of
identity-related data only to the identity owner.
The tenth group consists only of one study by Pfitzmann and
Waidner [31]. The authors derived the privacy requirements
of browser-based attribute-exchange protocols from general
privacy principles. The browser-based attribute exchange is a
three-party protocol that enables users to send identity-related
information (i.e., attributes) via browser (i.e., client) to some
destination site (i.e., to service provider) without remembering
or typing them. In this protocol, the authors introduced a
digital wallet to strengthen the privacy and security of identity-
related data. The authors stated that the digital wallet could
operate in different environments depending on where ex-
changeable information resides. Therefore authors differenti-
ated between the local environment, i.e., local digital wallet
where identity-related information to be exchanged reside on
the user’s local machine, and the remote environment, i.e.,
remote digital wallet where identity-related information to be
exchanged reside at some other machine. Regardless of its
actual type, the wallet was described as a collection (stor-
age) of identity-related information (i.e., attributes), including
cryptographic material and methods to use them. Moreover,
the authors stated that the wallet should only send, i.e., share
identity-related information to the service provider upon the
user’s explicit consent.
Two studies by Soltani et al. [32, 33] form the eleventh
group. In those studies, a proof-of-concept digital wallet in
the context of SSI was examined, and a novel practical decen-
tralized key recovery solution was proposed. A digital wallet
was described as software that runs on a smartphone and acts
as the electronic version of a physical wallet. It securely stores
identity-related information, including cryptographic material,
on the mobile device within the secure element. Moreover,
a digital wallet is able to connect with other entities to
exchange information (e.g., for user authentication). Besides,
within a digital wallet, only the identity owner, i.e., the user,
should be able to perform operations with identity-related
information, for which cryptographic means are required.
Thus, a digital wallet was introduced to empower users to
control identity-related data, including cryptographic material,
mitigate password-based authentication, decrease data frag-
mentation, and prevent identity breaches.
In [34], which is part of the twelfth group, the authors
demonstrated how blockchain-based SSI using DIDs could be
applied to solve the challenges of KYC processes. A digital
wallet, also called a digital agent, operated on a smartphone,
computer, or cloud, serves as storage for DIDs, cryptographic
materials, and identity-related information (e.g., credentials).
Users have complete control over their data, regardless of
the storage, i.e., digital wallet location (e.g., edge or cloud).
Moreover, the authors stated that data stored in the digital
wallet could be shared, and the digital wallet should enable
backups of identity-related information. Hence, a digital wallet
was introduced to foster user control of identity-related data,
avoid centralization storage, and enhance privacy.
The last and thirteenth group consists of a study by Sedlmeir
et al. [35]. In this study, the authors discussed the challenges of
the centralized IdM, examined current trends in development
regarding verifiable credentials, and emphasized that digital
wallets could be a promising research area. A digital wallet
was presented as a tool for storing identity-related data (i.e.,
verifiable credentials), including cryptographic material on
mobile devices or any other edge device or cloud. The authors
stated that users could control digital identity-related data and
share it with other stakeholders using a digital wallet. More-
over, the authors stated that with digital wallets, identity silos
could be avoided, users’ privacy and security increased, and
fast-machine exchange of identity-related information enabled.
This section described and exposed essential data of all
13 identified groups of studies accepted into the review,
relevant and crucial to recognizing the primary motivations
for applying digital wallets in the digital identity domain and
identifying the main features of such digital identity wallets.
In the next section, that data is further utilized and analyzed
to provide an answers to the predefined research questions.
IV. DISCUSSION OF RES ULT S
Based on the data extracted from the categorized groups of
studies presented in Section III, this section discusses findings
and synthesizes data. This way, answers to the predefined
research questions are derived.
As can be observed from Table II, most groups of studies
(9 of 13) reported that digital wallets were introduced to
the digital identity domain in order to improve the storage
security of identity-related data and to enhance user privacy
when sharing identity-related data with service providers (M1).
The second most recognized motivation for introducing digital
wallets to the digital identity domain (mentioned in 7 of 13
studies groups) was to avoid centralization of identity-related
data (M2) and thus prevent the formation of large data silos of
identity-related data. To keep identity-related data under user
control (M3) was noted as motivation in 4 of 13 studies groups.
Facilitating ease of use of digital identity (M4) was reported in
3 of 13 studies groups. IdM, which was in the focus of each
group of studies, and the environment, where digital wallet
operates were extracted to understand better the motivations
for introducing digital wallets into the identity domain. All
extracted pieces of information are presented in Table II.
While we already described IdMs in Section I, it is crucial to
recognize, define, and also describe the environments in which
digital wallets are supposed to operate. Two environments
where digital wallets operate were identified from extracted
data: local and remote environments. In a remote environment
also called a Cloud environment the digital wallet’s
infrastructure is not owned and managed directly by the user
but by the remote-environment provider. In contrast, the user
controls and owns the required infrastructure (e.g., a mobile
device) in the local environment.
Except for one group of studies, the local environment was
identified in most of the studies (12 of 13). However, in some
studies (5 of 13), both (i.e., local and remote environments)
were identified as possible. Nonetheless, in the majority (7
of 13), only the local was identified as the digital wallet’s
environment. In those groups of studies (9), where security and
privacy were recognized as motivation to apply digital wallets
to the digital identity domain (M1), most of the studies (5
of 9) identified the local environment as the sole environment
where a digital wallet operates. However, in 3 out of 9 studies,
both environments were mentioned as options. In contrast,
only one group of studies identified the remote environment
suitable for a digital wallet solely. Almost the same pattern
occurred in groups of studies (7) where avoiding centralization
(M2) was specified as the primary motivation for introducing
digital wallets into the digital identity domain. The majority
of those groups (4 of 7) foresee only the local environment.
Nevertheless, in 3 out of 7 studies, both environments were
identified. In groups (4), where providing control over identity-
related data (M3) was defined as motivation, half of the
groups foresee only the local environment, and half of the
groups mentioned both environments are possible. Further,
only a remote environment should be in place was identified
in 1 out of 3 groups of studies motivated to ease the use
of digital identity (M4). In comparison, 2 out of 3 groups
mentioned both environments as possible. Based on these
results, it can be concluded that those groups of studies, where
security and privacy of identity-related data (M1), avoiding
centralization (M2), and providing control (M3) were the
primary motivations for introducing digital wallets, mainly
assumed or suggested to operate digital wallets in a local
TABLE II
IDM, DIGITAL WALLET ENVIRONMENT,MOTIVATIONS BEHIND APPLYING DIGITAL WALLET TO DIGITAL IDENTITY DOMAIN,AND IDENTITY DIGITAL
WALLET FEATURES IDENTIFIED WITHIN GROUPS OF STUDIES ACCEPTED INTO THE REVIEW.
Group
IdM Environment
(M1) Security & privacy
(M2) Centralization
(M3) Provide control
(M4) Ease of use
(F1) Store identity data
(F2) Manage identity data
(F3) Share identity data
(F4) Store crypto material
(F5) Combine identity data
(F6) Recover & backup
#1 SSI Local
#2 Federated Local
#3 SSI Local
#4 SSI Local
#5 Centralized Local
#6 as a Service Remote
#7 SSI Remote or Local
#8 User-centric Local
#9 SSI Remote or Local
#10 Centralized Remote or Local
#11 SSI Local
#12 SSI Remote or Local
#13 SSI Remote or Local
environment. In contrast, requirements related to ease-of-use
typically (M4) lead to digital wallets being operated in a
remote environment.
In IdM solutions that most frequently apply digital wallets,
i.e., SSI (8 of 13 studies groups), the environment is called
an agent and is either Cloud (referring to the remote envi-
ronment) or Edge (referring to the local environment, most
usually mobile device). The motivation to enhance security
and privacy (M1) was recognized within all identified IdM
models. At the same time, the SSI model was in the focus of
6 out of 7 groups of studies, in which avoiding centralization
(M2) was described as motivation. Only one group describing
the avoidance of centralization as motivation (M2) focused on
federated IdM. All groups where control over identity-related
data (M3) was identified focused on SSI IdM. The Identity
as a Service model was in the focus of one group of studies
with ease-of-use motivation (M4), while two other groups of
studies with the same motivation had SSI IdM in their focus.
Based on the discussed findings, which were extracted and
synthesized from studies accepted into the review, we are now
able to provide the following answer to Research Question 1:
The primary motivations for applying digital wallets to
the digital identity domain are to avoid digital identity-
related data centralization, enhance the security and privacy
of identity-related data, provide control over identity-related
data under user responsibility, and ease the use of digital
identities.
The features of digital wallets applied to the digital identity
domain were extracted and synthesized from studies accepted
for review. They are presented in Table II separately for
each identified group of studies. In all groups of studies,
the following three digital-wallet features regarding the digital
identity domain have been identified: storing identity-related
data (F1), managing identity-related data (F2), and sharing
identity-related data (F3).
Identity-related data storing refers to the digital-wallet fea-
ture that enables storage of identity and identity-related inside
a digital wallet (F1). A feature that enables users to manage
and control their identity-related data (F2) covers the following
functionalities: select identity data to be stored in a digital
wallet (FN2.1), remove identity data from the digital wallet
(FN2.2), review identity data stored in a digital wallet (FN2.3),
and select identity data to be shared outside the digital wallet
(FN2.4).
Select identity data to be stored functionality (FN2.1) en-
ables the user to decide which identity data should be stored
in a digital wallet and enriches the storing identity-related data
feature (F1), which focuses solely on storing abilities of the
digital identity wallet. Similarly, the select identity data to
be shared outside digital wallet functionality (FN2.4) extends
the sharing identity-related data feature (F3). Thus with select
identity data to be shared outside digital wallet functionality
(FN2.4), only the user can (by providing explicit consent)
decide which identity data could be exposed, i.e., shared out
of a digital wallet. However, the sharing identity-related data
feature (F3) focuses solely on the sharing abilities of identity-
related data stored in the digital identity wallet.
The three features (F1, F2, and F3) mentioned above have
been identified in all groups of studies, which implies that they
are independent of the IdM and the digital wallet operating
environment. The digital wallet feature, which describes the
capacity of a digital wallet to store cryptographic material
related to digital identity securely (F4), was identified in 12 of
13 groups of studies. All these groups presented the local or
remote environment where the digital wallet can operate. In
contrast, the only group of studies where the feature mentioned
above (F4) was not identified envisioned that the digital wallet
operates only in a remote environment, and identity-related
cryptographic material is stored out of the scope of a digital
wallet.
Next, the feature that a digital wallet applied in the digital
identity domain should allow identity data to be combined
before being shared outside the digital wallet (F5), including
selective disclosure, was identified in 8 of 12 groups of studies.
This feature (F5) could be understood as an extension of select
identity data to be shared outside the digital wallet func-
tionality (FN2.1). However, no pattern related to the digital
wallet identity data-combining feature (F5) was identified with
relation to IdM and the digital-wallet environment.
The last identified feature of the digital wallet, applied to the
digital identity domain, was specified in 5 out of 13 groups.
It describes the digital wallet’s ability to recover and backup
identity data (F5). However, in those studies, such a feature
was partially always realized by using specific characteristics
of the digital-wallet environment. Therefore, it could not be
identified fully as a desired feature of the digital wallet applied
on the digital identity domain.
Based on the findings extracted from studies, which were
accepted into the review, and which have been discussed in
this section, we are now able to provide the following answer
to Research Question 2:
The digital identity wallet is software that operates in the
remote or local environment and enables the storing, manag-
ing, and sharing of digital identity-related data. The digital
identity wallet also provides secure storage for cryptographic
material associated with digital identity-related data. With a
digital identity wallet, the user controls and manages identity-
related data. That includes removing and reviewing identity-
related data stored in the wallet and explicitly selecting what
identity-related data to store/share into/outside the wallet.
Moreover, when selecting identity-related data to be shared
outside the digital identity wallet, a user should be able to
combine different identity-related data. Additionally, with the
support of the underlying environment, a digital identity wallet
can recover and back up identity-related data.
V. CONCLUSION
This paper provides a systematic review of literature on
digital wallets applied to the digital identity domain. To
support the systematic approach, we initially defined two
research questions. Subsequently, we first identified relevant
studies, then extracted data, and finally synthesized the re-
maining studies to answer these questions. That way, this paper
revealed motivations for applying digital wallets in the digital
identity domain and examined features provided by digital
identity wallets. Even more important, this paper is to the
best of our knowledge the first to survey and study the role of
digital wallets in the digital identity domain, to contextualize
relevant and frequently used terms and concepts related to
digital wallets, and to hence provide a comprehensive overview
of this increasingly important topic.
In future work, we plan to extend the systematic review,
e.g., by extending the scope of considered scientific works and
by defining further research questions with the goal further
to enrich the overview of the state-of-the-art. Also, we aim
to put particular focus on analyzing and incorporating input
provided by the European Commission. The latter has recently
published a proposal for a new European Digital Identity,
which is also largely based on the concepts of identity wallets.
These activities are supposed to further boost the relevance
of digital-wallet technology, especially in Europe, and lift
digital wallets’ relevance to a new stage. Keeping an overview
of relevant concepts and ongoing activities is vital for fully
employing this technology’s potential. The work presented in
this paper and future extensions shall contribute towards that
goal.
REFERENCES
[1] B. Zwattendorfer, T. Zefferer, and K. Stranacher,
An overview of cloud identity management-models,
in WEBIST 2014 - Proceedings of the 10th
International Conference on Web Information Systems
and Technologies, Volume 1, Barcelona, Spain, 3-
5 April, 2014, V. Monfort and K. Krempels, Eds.
SciTePress, 2014, pp. 82–92. [Online]. Available:
https://doi.org/10.5220/0004946400820092
[2] C. Neuman, T. Yu, S. Hartman, and K. Raeburn,
“The kerberos network authentication service (V5),
RFC, vol. 4120, pp. 1–138, 2005. [Online]. Available:
https://doi.org/10.17487/RFC4120
[3] H. Leitold, A. Hollosi, and R. Posch, “Security
architecture of the austrian citizen card concept,” in
18th Annual Computer Security Applications Conference
(ACSAC 2002), 9-13 December 2002, Las Vegas, NV,
USA. IEEE Computer Society, 2002, pp. 391–400.
[Online]. Available: https://doi.org/10.1109/CSAC.2002.
1176311
[4] J. Fromm and P. Hoepner, “The new german eid card,
Handbook of eID Security: Concepts, Practical Experi-
ences, Technologies, pp. 154–166, 2011.
[5] A. Abraham, C. Schinnerl, and S. More, “SSI
strong authentication using a mobile-phone based
identity wallet reaching a high level of assurance, in
Proceedings of the 18th International Conference on
Security and Cryptography, SECRYPT 2021, July 6-8,
2021, S. D. C. di Vimercati and P. Samarati, Eds.
SCITEPRESS, 2021, pp. 137–148. [Online]. Available:
https://doi.org/10.5220/0010542801370148
[6] “Proposal for a regulation of the european parliament
and of the council amending regulation (eu) no
910/2014 as regards establishing a framework for
a european digital identity, June 2021. [Online].
Available: https://digital-strategy.ec.europa.eu/en/library/
trusted-and-secure-european-e-id-regulation
[7] “Regulation (eu) no 910/2014 of the european
parliament and of the council of 23 july 2014 on
electronic identification and trust services for electronic
transactions in the internal market and repealing
directive 1999/93/ec, July 2014. [Online]. Available:
https://eur-lex.europa.eu/eli/reg/2014/910/oj
[8] B. Kitchenham and S. Charters, “Guidelines for perform-
ing systematic literature reviews in software engineer-
ing,” 2007.
[9] M. Petticrew and H. Roberts, Systematic reviews in the
social sciences: A practical guide. John Wiley & Sons,
2008.
[10] A. Abraham, S. More, C. Rabensteiner, and F. H ¨
orandner,
“Revocable and offline-verifiable self-sovereign identi-
ties,” in 2020 IEEE 19th International Conference on
Trust, Security and Privacy in Computing and Commu-
nications (TrustCom). IEEE, 2020, pp. 1020–1027.
[11] A. Abraham, C. Schinnerl, and S. More, “Ssi strong
authentication using a mobile-phone based identity wallet
reaching a high level of assurance, in Proceedings-8th
International Conference on Security and Cryptography
(SECRYPT 2021), 2021.
[12] A. B. Augusto and M. E. Correia, “Ofelia–a secure mo-
bile attribute aggregation infrastructure for user-centric
identity management,” in IFIP International Information
Security Conference. Springer, 2012, pp. 61–74.
[13] E. Bandara, X. Liang, P. Foytik, S. Shetty, C. Hall,
D. Bowden, N. Ranasinghe, K. De Zoysa, and W. K. Ng,
“Connect-blockchain and self-sovereign identity empow-
ered contact tracing platform.” in MobiHealth, 2020, pp.
208–223.
[14] E. Bandara, X. Liang, P. Foytik, S. Shetty, and
K. De Zoysa, A blockchain and self-sovereign identity
empowered digital identity platform, in 2021 Interna-
tional Conference on Computer Communications and
Networks (ICCCN). IEEE, 2021, pp. 1–7.
[15] E. Bandara, X. Liang, P. Foytik, S. Shetty, C. Hall,
D. Bowden, N. Ranasinghe, and K. De Zoysa, A
blockchain empowered and privacy preserving digital
contact tracing platform,” Information Processing &
Management, vol. 58, no. 4, p. 102572, 2021.
[16] E. Bandara, X. Liang, P. Foytik, and S. Shetty,
“Blockchain and self-sovereign identity empowered cy-
ber threat information sharing platform,” in 2021 IEEE
International Conference on Smart Computing (SMART-
COMP). IEEE, 2021, pp. 258–263.
[17] J. B. Bernabe, A. Skarmeta, N. Notario, J. Bringer,
and M. David, “Towards a privacy-preserving reliable
european identity ecosystem,” in Annual Privacy Forum.
Springer, 2017, pp. 19–33.
[18] J. B. Bernabe, M. David, R. T. Moreno, J. P. Cordero,
S. Bahloul, and A. Skarmeta, Aries: Evaluation of a re-
liable and privacy-preserving european identity manage-
ment framework, Future Generation Computer Systems,
vol. 102, pp. 409–425, 2020.
[19] S. Gajek, A.-R. Sadeghi, C. Stuble, and M. Winandy,
“Compartmented security for browsers-or how to thwart
a phisher with trusted computing,” in The Second In-
ternational Conference on Availability, Reliability and
Security (ARES’07). IEEE, 2007, pp. 120–127.
[20] S. Gajek, H. L¨
ohr, A.-R. Sadeghi, and M. Winandy,
“Truwallet: trustworthy and migratable wallet-based web
authentication,” in Proceedings of the 2009 ACM work-
shop on Scalable trusted computing, 2009, pp. 19–28.
[21] S. Bugiel, A. Dmitrienko, K. Kostiainen, A.-R. Sadeghi,
and M. Winandy, “Truwalletm: Secure web authentica-
tion on mobile platforms,” in International Conference
on Trusted Systems. Springer, 2010, pp. 219–236.
[22] F. Karegar, C. Striecks, S. Krenn, F. H¨
orandner,
T. Lor¨
unser, and S. Fischer-H¨
ubner, “Opportunities and
challenges of credential,” in IFIP International Summer
School on Privacy and Identity Management. Springer,
2016, pp. 76–91.
[23] F. Karegar, D. Lindegren, J. S. Pettersson, and S. Fischer-
H¨
ubner, Assessments of a cloud-based data wallet
for personal identity management,” in 26th Interna-
tional Conference on Information Systems Development
(ISD2017 Cyprus). Larnaca, Cyprus, September 6-8,
2017, 2017.
[24] A. Kostopoulos, E. Sfakianakis, I. Chochliouros, J. S.
Pettersson, S. Krenn, W. Tesfay, A. Migliavacca, and
F. H ¨
orandner, “Towards the adoption of secure cloud
identity services,” in Proceedings of the 12th Interna-
tional Conference on Availability, Reliability and Secu-
rity, 2017, pp. 1–7.
[25] S. Krenn, T. Lor¨
unser, A. Salzer, and C. Striecks,
“Towards attribute-based credentials in the cloud, in
International Conference on Cryptology and Network
Security. Springer, 2017, pp. 179–202.
[26] U. Hab¨
ock and S. Krenn, “Breaking and fixing anony-
mous credentials for the cloud,” in International Confer-
ence on Cryptology and Network Security. Springer,
2019, pp. 249–269.
[27] F. Veseli, J. S. Olvera, T. Pulls, and K. Rannenberg,
“Engineering privacy by design: lessons from the design
and implementation of an identity wallet platform, in
Proceedings of the 34th ACM/SIGAPP Symposium on
Applied Computing, 2019, pp. 1475–1483.
[28] B. G. Kim, Y.-S. Cho, S.-H. Kim, H. Kim, and S. S. Woo,
A security analysis of blockchain-based did services,”
IEEE Access, vol. 9, pp. 22 894–22 913, 2021.
[29] S.-H. Kim, S.-R. Cho, and S.-H. Jin, “Context-aware
service system architecture based on identity interchange
layer, in 2008 10th International Conference on Ad-
vanced Communication Technology, vol. 2. IEEE, 2008,
pp. 1482–1486.
[30] N. Naik and P. Jenkins, “Self-sovereign identity spec-
ifications: Govern your identity through your digital
wallet using blockchain technology, in 2020 8th IEEE
International Conference on Mobile Cloud Computing,
Services, and Engineering (MobileCloud). IEEE, 2020,
pp. 90–95.
[31] B. Pfitzmann and M. Waidner, “Privacy in browser-based
attribute exchange, in Proceedings of the 2002 ACM
workshop on Privacy in the Electronic Society, 2002, pp.
52–62.
[32] R. Soltani, U. T. Nguyen, and A. An, “Prac-
tical key recovery model for self-sovereign iden-
tity based digital wallets, in 2019 IEEE Intl Conf
on Dependable, Autonomic and Secure Computing,
Intl Conf on Pervasive Intelligence and Computing,
Intl Conf on Cloud and Big Data Computing, Intl
Conf on Cyber Science and Technology Congress
(DASC/PiCom/CBDCom/CyberSciTech). IEEE, 2019,
pp. 320–325.
[33] ——, “Decentralized and privacy-preserving key man-
agement model,” in 2020 International Symposium on
Networks, Computers and Communications (ISNCC).
IEEE, 2020, pp. 1–7.
[34] V. Schlatt, J. Sedlmeir, S. Feulner, and N. Urbach,
“Designing a framework for digital kyc processes built
on blockchain-based self-sovereign identity,” Information
& Management, p. 103553, 2021.
[35] J. Sedlmeir, R. Smethurst, A. Rieger, and G. Fridgen,
“Digital identities and verifiable credentials, Business
& Information Systems Engineering, vol. 63, no. 5, pp.
603–613, 2021.
... In [4], the authors performed a Systematic Literature Review (SLR) on digital identity wallets focusing on users' private data. Their results confirm the need for digital identity wallets, with the main reasons being having secure storage for cryptographic keys, ways to manage identifiers and data, and others. ...
... Two main building blocks comprise SSI as a whole: Decentralized Identifiers (DIDs) [17] and Verifiable Credentials (VCs) [18]. Both standards are recommendations by the World Wide Consortium (W3C) 3 , and are defined by W3C and the Decentralized Identity Foundation (DIF) 4 . DIDs are based on standardized globally unique persistent identifiers, similar to Uniform Resource Identifiers (URI). ...
... Digital wallets are software applications allowing users to manage their digital identifiers and related assets securely. There are several implementations of digital wal- lets, e.g., mobile, desktop, browser, cloud, or hardwarebased, whereby each of these implementations could be for multiple types of digital wallets, like the e-banking wallets, EUDIW (European Digital Identity Wallet), Web3 (crypto) wallets and SSI wallets [4], [14]. In this paper, we focus on digital wallets where digital identities are based on cryptography, i.e., public-key cryptography, and users store their identity keys in their wallets. ...
Orchestrating Digital Wallets for On- and Off-Chain Decentralized Identity Management
Article
Full-text available
  • Jan 2023
Digital identity is becoming one of the core elements during the digitalization age, when more and more processes and interactions are taking place in the digital sphere. Therefore, current identity management approaches will define how these interactions will look in the future, but different fields and communities often approach management with their own solutions and tools, despite their similarities. This includes decentralized digital identities, where the identity is managed with asymmetric cryptographic keys, and no centralized entity oversees the whole identity system. This paper focuses on managing on- and off-chain decentralized digital identities, with the former being used for blockchain networks and the latter for self-sovereignty and privacy. While both types of decentralized identity build on the same cryptographic and identity primitives, there is no single wallet that handles both. Therefore, this paper proposes an orchestration solution for both wallet types, which enables their convergence to a single universal wallet and validates it with a real-life decentralized identity use case.
View
... In the first phase: (1) we conduct a thorough literature review on digital identity wallets, eIDAS2, and SSI [35,57,60,63] to identify and extract the design requirements, both functional and non-functional, that these wallets are developed for, (2) we use next a reference technology architecture (specifically, ToIP [3]) to study the technological possibilities for these wallet solutions. As a result, we provide Table 1 with a list of non-functional requirements and the technologies that may be employed to meet them. ...
... Identity wallets also provide secure storage for cryptographic material associated with the data. The wallet may additionally have functionalities for recovery and back up [35,57,60]. The eIDAS2 regulation counts several functionalities as well for the EUDI Wallet in a recently published Architecture and Reference Framework (EUDI-ARF) [18]. ...
Control is Nothing Without Trust a First Look into Digital Identity Wallet Trends
Chapter
Full-text available
  • Jul 2023
In recent years, user-centric digital identity wallets have become increasingly available, aiming to give individuals direct control over their personal data. The EU proposal in the context of the recently revised eIDAS and its EU digital identity wallet reflects the high ambitions in this field at the EU level. However, to the best of our knowledge, no research review on the core technologies used to implement various features of these wallet solutions has been proposed so far. Our work addresses this issue providing a systematic analysis of a selection of available digital identity wallets on the market in terms of the technologies used to establish trust and controlled sharing. Building on this overview and help providers (including companies and European Member States) in charge of developing secure and trustworthy wallet-based infrastructures, we propose a classification of wallet solutions along two main dimensions (namely trust establishment and controlled credential sharing) with the goal of assisting designers to make informed design decisions and guarantee security, privacy, and trustworthiness.KeywordsDigital IdentityIdentity WalletTrust
View
... For that the user relies on self-sovereign identity attributes, which they receive from an issuer or identity provider in the form of digital credentials. The user then stores their credentials in a digital identity wallet [40]. To authenticate, the user bundles the needed credentials to its service request and sends it to the SP. ...
... Our system consists of the following actors/components: User (Prover): The actor that wants to access a resource or consume a service at the SP, and needs to authenticate to do so. Their identity attributes are stored in form of digital credentials in a digital identity wallet [40]. Part of the wallet, the user's system is also a policy client, which prepares a presentation token that satisfies a presentation request. ...
Extending Expressive Access Policies with Privacy Features
Preprint
Full-text available
  • Dec 2022
Authentication, authorization, and trust verification are central parts of an access control system. The conditions for granting access in such a system are collected in access policies. Since access conditions are often complex, dedicated languages -- policy languages -- for defining policies are in use. However, current policy languages are unable to express such conditions having privacy of users in mind. With privacy-preserving technologies, users are enabled to prove information to the access system without revealing it. In this work, we present a generic design for supporting privacy-preserving technologies in policy languages. Our design prevents unnecessary disclosure of sensitive information while still allowing the formulation of expressive rules for access control. For that we make use of zero-knowledge proofs (NIZKs). We demonstrate our design by applying it to the TPL policy language, while using SNARKs. Also, we evaluate the resulting ZK-TPL language and its associated toolchain. Our evaluation shows that for regular-sized credentials communication and verification overhead is negligible.
View
... This endeavor could lead to wallets being used extensively throughout Europe. The concept of a digital identity wallet (wallet) is often presented in connection with self-sovereign identity (SSI) [PAZ22]. This is a new approach to identity management based on decentralized organization [Eh21]. ...
A more User-Friendly Digital Wallet? User Scenarios of a Future Wallet
Conference Paper
Full-text available
  • Jun 2023
Identity wallets enable the management and use of digital identities and verification documents stored in one app. Users manage their data independently and decide for themselves which data they want to disclose for identification purposes. Recent research shows that current digital wallets face many usability problems, which makes it difficult for users to grasp their concept and how to use them. This paper presents an enhanced concept of a wallet, where its functionality is presented with user scenarios that have a user centric approach. The user scenarios illustrate a variety of possible uses of the wallet. For example, the new wallet concept envisions, how data can be transferred from one wallet to another person's wallet, how data can be managed by different people in one wallet, or how only individual pieces of information from credentials can be shared to maintain greater privacy for users.
View
... To reap the above-mentioned benefits of SSI it is necessary to provide a functional technical infrastructure supporting the exchange of VCs [LKA21]. While some research has been carried out on the properties of mobile wallet applications for private persons [PAZ22;Sa22], we focus in this research paper on the role of organizations in the SSI paradigm. Previous research shows that a fundamental challenge in developing SSI systems is a lack of understanding of the core aspects of the paradigm and how they relate to existing organizational practices [LKA21;Se21]. ...
Lifting the Veil of Credential Usage in Organizations: A Taxonomy
Conference Paper
Full-text available
  • Jun 2023
With the emergence of self-sovereign identity (SSI) as a paradigm for digital identity management the handling of verifiable credentials (VCs) has become an important topic in organizations. Organizations process a wide variety of documents which can be considered credentials. Previous research shows that a challenge in developing SSI systems is a lack of understanding of the core aspects of the paradigm and their relation to existing organizational practices. Our research focuses on the different characteristics of credentials in organizations and maps the characteristics of VCs to physical credentials. Our findings indicate that credentials in organizations can be classified by ten dimensions. Additionally, VCs have many possible characteristics of physical credentials, although implementation and support for certain features may be vendor-specific. Finally, we provide insights and suggestions for SSI researchers and developers.
View
... For our experiment, we have selected five major tasks (Table 1) based on the core functions of an SSI wallet specified in the literature [24,21,23]. To make it easy for evaluators, we focus on a scenario where a user (Alice) will receive a college diploma and will prove to her new employer she graduated college to get a job. ...
Usability Evaluation of SSI Digital Wallets
Chapter
Full-text available
  • Jun 2023
Self-sovereign identity (SSI) is a new decentralized ecosystem for secure and private identity management. In contrast to most previous identity management systems where the service provider was at the center of the identity model, SSI is user-centric and eliminates the need for a central authority. It allows the user to own their identity and carry it around in a form of digital identity wallet, for example, on their mobile device or through a cloud service. The digital wallet supports mechanisms for key generation, backup, credential issuance and validation, as well as selective disclosure that protects the user from unintended sharing of user’s personal data. In this article we evaluate the usability of existing SSI digital wallets: Trinsic, Connect.me, Esatus and Jolocom Smartwallet. We study how these early experiments with SSI address the usability challenges. We aim to identify the potential obstacles and usability issues, which might hinder wide-scale adoption of these wallets. Applying the analytical cognitive walkthrough usability inspection method, we analyse common usability issues with these mobile-based wallets. Our results reveal that wallets lack good usability in performing some fundamental tasks which can be improved significantly. We summarize our findings and point out the aspects where the issues exist so that improving those areas can result in better user experience and adoption.Keywordsself-sovereign identitydigital walletusability study
View
... All of these are based on software applications and an encrypted database where users (identity holders/controllers) store identifiers, cryptographic material (private keys), digital credentials, and other sensitive, private data. In addition to storage, such wallets usually support data acquisition, verification, management, and sharing [9], while recovery and backup represent a desired functionality. Various companies and governments endeavour to develop SSI wallets, and many are already available, e.g., VIDwallet, Trinsic Wallet, esatus Wallet, Connect.Me, Gataca, Lissi Wallet [10], SSI Snap [11], etc. ...
Towards a Catalogue of Self-Sovereign Identity Design Patterns
Article
Full-text available
  • Apr 2023
Self-sovereign identity (SSI) is a user-centric, decentralised identity approach that provides a means for identification, authentication, and authorisation without the involvement of external entities, responsible for identity provisioning and management in current centralised and federated approaches. In general, the basic building blocks of an SSI system include decentralised identifiers, verifiable credentials, identity wallets, a verifiable data registry, and three main actors: issuer, identity holder, and verifier. Even though the SSI field is dominated by proposals, SSI systems can be implemented in different ways, which is reflected in the absence of a well-defined architecture. Thus, the best implementation is still a matter of research, the requirements of the individual system, and its field of application. However, well-designed and implemented systems are crucial to avoiding failures, speeding up the development process, ensuring high quality, and the broader adoption of SSI solutions. Hence, the main objective of this study was to identify design patterns and good practices of the SSI ecosystems by reviewing and analysing the literature, technical documentation, and existing SSI implementations. Therefore, the study is built on existing knowledge, and presents a comprehensive catalogue of thirty-five SSI design patterns that can serve as a starting point for a possible SSI system design.
View
Privacy, Safety, and Security in Extended Reality: User Experience Challenges for Neurodiverse Users
Chapter
Full-text available
  • Jul 2023
Neurodevelopmental disorders are a group of disorders that affect the development of the nervous system, leading to abnormal brain function, which may affect emotion, learning ability, self-control, and memory. Such disorders include Attention Deficit Hyperactivity Disorder (ADHD), Autism Spectrum Disorder, specific learning disorders such as dyslexia, traumatic brain injury, and others. The effects of neurodiversity tend to last for a person’s lifetime. Neurodiversity (ND) has recently become a serious topic in cybersecurity because the perceived skills shortage has opened the door for ND candidates. However, ND introduces some cybersecurity challenges. For instance, in the educational domain, a minor manipulation of an online quiz design can have significant implications on the ability of students with ADHD to answer correctly. This type of manipulation can become a major vulnerability that can be exploited by skilled attackers and lead to a serious human-targeted Cyber-Physical System attack. Although the research community has dedicated significant research towards accessibility in the XR realm, there is still not a fair and adequate amount of research concerning potential immersive threats affecting neurodiverse users in XR. We need to shed light on a need for a revision in our collective understanding of risks brought on by XR technology.KeywordsAccessibilityCybersecurityExtended RealityNeurodiverse Users
View
Designing and Evaluating a Resident-Centric Digital Wallet Experience
Chapter
  • Jul 2023
This paper focuses on the results of usability testing of a self-sovereign digital identity (SSI) wallet prototype designed by the Ontario Digital Service User Experience team. The prototype was tested with 47 Ontario residents (with 29 participants cited in this research), and analyzed through moderated semi-structured interviews and short usability test tasks. The main themes from the sessions were related to security and recovery, scanning quick response (QR) codes, and connecting with service providers. Users had some preconceived notions about digital wallets, were apprehensive about the privacy and security of their personal information, and had a desire for a recovery protocol. The biometric authentication protocol raised concerns about inaccessibility to the wallet in case of device issues, and the QR code scanning process was not aligned with users’ mental model and posed accessibility challenges. The concept of connections with service providers was also unclear. Based on these findings, we discuss recommendations around user-centric security and recovery framework and alternative accessible patterns for digital wallet experiences to support resident-level adoption.KeywordsSSIDigital WalletUsability
View
Ist das die Wallet der Zukunft?
Article
Full-text available
  • Mar 2023
Zusammenfassung Heutzutage werden digitale Identitäten oft unsicher umgesetzt und sind mit der Erstellung von vielen unterschiedlichen Accounts durch Nutzende verbunden. Das soll langfristig durch die Nutzung sogenannter Digital Identity Wallets verbessert werden. Diese Wallets ermöglichen die Verwaltung und Nutzung von digitalen Identitäten sowie Nachweisdokumenten. Dazu gehören unter anderem Nachweise wie der Führerschein, der Bibliotheksausweis oder auch Flugtickets. Alle diese Daten können gemeinsam in einer Wallet-App auf den Endgeräten der Nutzenden gespeichert werden. Die Nutzenden verwalten ihre Daten eigenständig und entscheiden selbst darüber, welche und wie viele Daten sie über sich preisgeben wollen. Aktuelle Forschungen zeigen allerdings, dass die bisher entwickelten Wallets Usability-Probleme aufweisen, sodass Nutzende nur schwer das Konzept dieser Wallets greifen können. Zudem weisen heutige digitale Dienstleistungen zahlreiche Hürden auf, welche den Einsatz von digitalen Identitäten erschweren. In diesem Beitrag wird basierend auf einer Wallet-Analyse und User-Experience-Anforderungen ein Konzeptvorschlag für eine nutzungsfreundlichere Wallet vorgestellt, bei der die Nutzenden im Mittelpunkt stehen. So sieht dieses Konzept einen umfangreicheren Funktionsumfang im Vergleich zu aktuellen Wallet Umsetzungen vor, mit dem Ziel die Wallet stärker den Bedürfnissen der Nutzenden anzupassen. Darunter fallen Funktionen wie die Kommunikation zwischen Wallet und Dienstanbieter ohne die Notwendigkeit des Teilens von Kontaktdaten, die Option der Dauervollmachten zur Freigabe von Daten, die Möglichkeit der Verwaltung von Daten in Vertretung anderer Personen sowie die Organisation der eigenen Daten.
View
Designing a Framework for Digital KYC Processes Built on Blockchain-Based Self-Sovereign Identity
Article
Full-text available
Know your customer (KYC) processes place a great burden on banks, because they are costly, inefficient, and inconvenient for customers. While blockchain technology is often mentioned as a potential solution, it is not clear how to use the technology’s advantages without violating data protection regulations and customer privacy. We demonstrate how blockchain-based self-sovereign identity (SSI) can solve the challenges of KYC. We follow a rigorous design science research approach to create a framework that utilizes SSI in the KYC process, deriving nascent design principles that theorize on blockchain’s role for SSI.
View
View
View
View
A blockchain empowered and privacy preserving digital contact tracing platform
Article
Full-text available
The spread of the COVID-19 virus continues to increase fatality rates and exhaust the capacity of healthcare providers. Efforts to prevent transmission of the virus among humans remains a high priority. The current efforts to quarantine involve social distancing, monitoring and tracking the infected patients. However, the spread of the virus is too rapid to be contained only by manual and inefficient human contact tracing activities. To address this challenge, we have developed Connect, a blockchain empowered digital contact tracing platform that can leverage information on positive cases and notify people in their immediate proximity which would thereby reduce the rate at which the infection could spread. This would particularly be effective if sufficient people use the platform and benefit from the targeted recommendations. The recommendations would be made in a privacy-preserving fashion and contain the spread of the virus without the need for an extended period of potential lockdown. Connect is an identity wallet platform which will keep user digital identities and user activity trace data on a blockchain platform using Self-Sovereign Identity(SSI) proofs. User activities include the places he/she has travelled, the country of origin he/she came from, travel and dispatch updates from the airport etc. With these activity trace records, Connect platform can easily identify suspected patients who may be infected with the COVID-19 virus and take precautions before spreading it. By storing digital identities and activity trace records on blockchain-based SSI platform, Connect addresses the common issues in centralized cloud-based storage platforms (e.g. lack of data immutability, lack of traceability).
View
Connect - Blockchain and Self-Sovereign Identity Empowered Contact Tracing Platform
Chapter
Full-text available
  • Feb 2021
The COVID-19 pandemic in 2020 has resulted in increased fatality rates across the world and has stretched the resources in healthcare facilities. There have been several proposed efforts to contain the spread of the virus among humans. Some of these efforts involve appropriate social distancing in public places, monitoring and tracking temperature at the point of access, etc. In order for us to get back to the “new normal", there is a need for automated and efficient human contact tracing that would be non-intrusive and effective in containing the spread of the virus. In this paper, we have developed “Connect", a Blockchain and Self-Sovereign Identity (SSI) based digital contact tracing platform. “Connect" will provide an automated mechanism to notify people in their immediate proximity of an occurrence of a positive case and would reduce the rate at which the infection could spread. The platform’s self-sovereign identity capability will ensure no attribution to a user and the user will be empowered to share information. The ability to notify in a privacy-preserving fashion would provide businesses to put in place dynamic and localized data-driven mitigation response. “Connect’s" SSI based identity wallet platform encodes user’s digital identities and activity trace data on a permissioned blockchain platform and verified using SSI proofs. The user activities will provide information, such as places travelled, travel and dispatch updates from the airport etc. The activity trace records can be leveraged to identify suspected patients and notify the local community in real-time. Simulation results demonstrate transaction scalability and demonstrate the effectiveness of “Connect" in realizing data immutability and traceability.
View
A Security Analysis of Blockchain-based DID Services
Article
Full-text available
  • Jan 2021
Decentralized identifiers (DID) has shown great potential for sharing user identities across different domains and services without compromising user privacy. DID is designed to enable the minimum disclosure of the proof from a user’s credentials on a need-to-know basis with a contextualized delegation. At first glance, DID appears to be well-suited for this purpose. However, the overall security of DID has not been thoroughly examined. In this paper, we systemically explore key components of DID systems and analyze their possible vulnerabilities when deployed. First, we analyze the data flow between DID system components and analyze possible security threats. Next, we carefully identify potential security threats over seven different DID functional domains, ranging from user wallet to universal resolver. Lastly, we discuss the possible countermeasures against the security threats we identified.
View
View
SSI Strong Authentication using a Mobile-Phone based Identity Wallet reaching a High Level of Assurance
Conference Paper
  • Jul 2021
Assurance in digital authentication means represents a fundamental requirement in the authentication process of digital identities. Different level-of-assurance (LoA) describe the trustworthiness of the authentication specified by various standards. Some traditional governmental identity systems achieve a high LoA. Nevertheless, the recent self-sovereign identity (SSI) model, which utilizes identity wallets to ensure that the identity data control remains with the related user, still lacks a high LoA, detaining the full potential of SSI such as using it for sensitive use-cases like for eGovernment or public administration services. This work tackles this problem by starting with assessing related LoA standards. Based on this assessment are requirements defined to achieve an LoA high. These requirements are utilized in the process of defining and evaluating our proposed concept. Our generic serves as the foundation for other developers, aiming to elevate the LoA in their SSI systems. The implementation of a proof-of-concept showcases the feasibility and practicability of our concept. In the evaluation, we identify measures provided by our concept, used to meet the defined requirements, and discuss the design decisions.
View
Revocable and Offline-Verifiable Self-Sovereign Identities
Conference Paper
  • Dec 2020
Identity management systems enable users (i.e., provers) to authenticate and provide attributes to verifiers by using certified credentials obtained from an authority. To accept such a credential, verifiers require information on whether the presented credentials are still valid or if they have been revoked. Up-to-date revocation information can be obtained from a revocation database; however, this requires that the verifier or prover is online. The problem becomes more interesting in the offline case when the prover (e.g., citizen) and verifier (e.g., police officer) do not have an Internet connection to query the revocation status of the presented credential (e.g., digital driver's license). In this paper, we extend the Self-Sovereign Identity (SSI) model to support both revocation as well as offline-verification. Our concept introduces attestations of validity for a point in time, which are issued by the SSI network for credentials that have not been revoked, i.e., added by authorized entities to a revocation list. The concept aims to be generic so that it can be used for various use cases, e.g., by giving users the control over the frequency of re-attestation. To show our concept's feasibility and practicality, we developed and evaluated an implementation that includes an efficient and privacy-preserving showing of credentials using non-interactive zero-knowledge proofs, all while being offline.
View