Guiding Principles for Digital Wallets
State of Digital Wallets – Part 5/16
This post, “Guiding Principles for Digital Wallets,” is an excerpt from a report entitled The Current and Future State of Digital Wallets, which is being shared here as a 16-part series. Download a copy of the report. Read a complete summary.
***********************
A few high-level guiding principles should be kept in mind for those designing, building, and using Digital Wallets to create user experiences.
Consent-Driven
In 2018, we saw a significant shift in consumer behaviour, with people becoming increasingly aware of social media and the surveillance economy. Until the beginning of the Digital Wallet era, there weren’t many alternatives. Doc Searls envisioned a new way of sharing information, where a “fourth party” helps ensure our data is treated well and shared with our consent. These “fourth party” players are analogous to Agents discussed in this report.
Digital Wallets play a role in creating the “intention economy,” and thus consent becomes a two-way process as opposed to the one-sided process it is now. A Digital Wallet will need to be able to provide the intentions – and give consent to those willing to play by the rules that our Agents enforce for us.
Consent-driven approaches to sharing information don’t need to be complex, but we need tools to simplify it. Constantly being asked to consent to something that you want to do is annoying. The Agents in our Digital Wallets can help maintain a balance between convenience and consent.
Privacy by Design
A person owns a Digital Wallet; the software and the collection of stuff in it is a personal asset and will also likely contain private information. Keeping the 7 Foundational Principles of Privacy by Design top of mind is vital when creating a Digital Wallet. These principles, created by Dr. Ann Cavoukian, provide high-level guidance that can help guide efforts in designing Digital Wallets.
The aspirations of the Privacy by Design principles often leave technical people looking for more profound guidance. Daniel Hardman and Jason Law of the Sovrin Foundation (and Evernym) provide excellent advice in “Self-Sovereign Privacy By Design.”
Security by Design
Digital wallets should adhere to a “Security by Design” approach. Although Security by Design is still emerging, it is essential for ensuring the privacy and security of users’ identity. The Sovrin Governance Framework is the best source of information on this topic, as it focuses on self-sovereign aspects that empower individuals and organizations to control their identity documents.
The Framework covers the following principles (excerpted from the Sovrin Governance Framework):
- System Diversity
- Secure Defaults
- Least Privilege
- Anti-Impersonation
- Auditability
- Secure Failure
- Pervasive Mediation
Portable and Open by Default
While previous digital wallet initiatives have not been entirely successful, the most common issue has been that they function as closed systems. Closed systems have several inherent weaknesses, the two most significant of which are:
- that people are locked in and unable to move to other platforms, and
- Vendors not part of the company or consortium are excluded and have no incentive to participate.
The second factor has caused failures of Wallets since Microsoft released Passport two decades ago. Though it continues to exist, it has devolved into an authentication capability used exclusively by Microsoft. Current Wallets like Apple Pay and Google Pay are more open but still require participating organizations to adhere to rules they set alone.
The lock-in effect is more difficult to understand impact-wise. When there is no ability to carry your information, there is a natural resistance to investing too heavily – with our efforts and information.
Ensuring the portability of the information contained in a Digital Wallet removes both factors that have caused failures. Multiple solid examples of standards-based, portable systems have created massive industries. The best example is the web browser industry which has enabled a multi-trillion dollar industry – based on common standards and portable information.
***********************
This post, “Guiding Principles for Digital Wallets,” is an excerpt from a report entitled The Current and Future State of Digital Wallets, which is being shared here as a 16-part series. Download a copy of the report. Read a complete summary.
Visit our blog, follow us on social media, and subscribe to our newsletter to stay up to date and learn more!