What is a Digital Wallet?
State of Digital Wallets – Part 2/16
This post, “What is a Digital Wallet?,” is an excerpt from a report entitled The Current and Future State of Digital Wallets, which is being shared here as a 16-part series. Download a copy of the report. Read a complete summary.
*****************************************
The general idea of a Digital Wallet is pretty simple – it’s a thing that holds our stuff. The hard part comes in identifying what is that thing and what stuff do we put into it? What does it mean to put stuff in it? What about getting our stuff out? Updating our stuff?
A wallet’s real-world parallel is only helpful to a certain extent. Different people have different ideas of what to keep in their wallets. For some, it might just be cash, a credit card, and a driver’s licence, and others might have multiple currencies, credit cards, loyalty cards, identity documents, receipts, photos, tickets, etc.
In any event, we call it all a wallet.
Digital wallets come with a wide range of capabilities. Cryptocurrency wallets typically only store the keys and addresses of wallets on each cryptocurrency’s blockchain. Other digital wallets ( such as Pillar, Connect.Me, Digi.me, and Minerva) focus on more specific areas of the digital wallet space.
Broad Digital Wallet Space
The Digital Wallet space is broad – and the purpose of this report is multifold:
- Explain the overall capabilities that define a Digital Wallet – both on a Personal and Enterprise basis (yes, they are different).
- State an opinion of where each capability sits – is it real and lives in the world yet, or is it purely aspirational or somewhere in between?
- Provide some recommendations and plans for approaching the Digital Wallet space. The space is enormous – and the efforts will exceed the resources of all but the world’s largest companies.
Firstly, it is essential to establish some key terms. More terms will be defined as this report progresses, but these three terms are integral to understanding the perspective of this report.
As an introductory concept, this wallet, Minerva from Lab10, provides the ability to manage multiple personas. You can see the personas that split out an individual citizen, work, and judo lives on the right image.
Let’s Clear up Some Terms
There is not enough agreement on terms yet in the digital wallet space. So, you and I need to agree on some definitions to prevent confusion. Keep in mind that these terms may change in the future. As of the end of 2018, this is the best I can do for you.
OK – the key terms that we’ll use throughout this report are:
- Wallet Storage refers to the encrypted database of keys, credentials, and other information put into the wallet. It’s the thing that holds your stuff.
- Agent – the software service(s) that manages things on your behalf. Agents put stuff into your wallet, take stuff out, create stuff sometimes, and keep you connected.
These two building blocks lead us to a Digital Wallet. Wallet Storage and Agent(s) combined to create an application that will shake the foundations of the internet and more. It is, in some ways, our digital twin – holding various aspects of our Digital Identity, relationships, and more.
| WARNING | The Sovrin developers use a precise definition of Wallet Storage and call it a Wallet – which is potentially misleading for the non-developer type. “A software module, and optionally an associated hardware module, for securely storing and accessing Private Keys, Link Secrets, other sensitive cryptographic key material, and other Private Data used by an Entity. An Agent accesses a Wallet [Wallet Storage]. In Sovrin infrastructure, Wallets [Wallet Storage] implement the emerging DKMS standards for interoperable decentralized cryptographic key management.” |
We will delve deeper into each of the issues above, but this should provide a sufficient foundation for the discussion. I am eager to see better terms arise. For now, the debate about names and what is holding us back.
What Aren’t We Covering
Payments
This report does not warrant further exploration of payment methods, traditional or crypto. Payment rails are well supported in Canada and globally, following standards set by many parties. Adding identity to existing payment rails is relevant but out of scope for this document. In time, digital wallets and payment rails will need to connect and support each other, which is beyond the scope.
There is some casual mention of payments and transactions made throughout; they are considered generic.
Personal Data Stores
| Personal Data Store | A personal data store (PDS), vault or data locker is a service to let an individual store, manage and deploy their key personal data in a highly secure and structured way. It enables you to keep your own data and acquire and reuse proofs of claims or relationships and qualifications (such as bank account, verified address, driving licence or passport). |
| MyDex |
A Digital Wallet is not a Personal Data Store (PDS). We are not here to talk about where we store all the digital information we gather over our lives – although the delineation of what a wallet is as opposed to a Personal Data Store is not clean. We may have immense information in our PDS – movies and music, health and financial records, emails and messages, and much more. The PDS industry is well suited to the bulk management of personal data, but it will also have Digital Wallet needs.
As we go through this report, we will discuss many topics related to PDS. We’ll keep them in mind but focus on the Digital Wallet aspects.
Crypto Wallets
The cryptocurrency world has hundreds of Wallet applications that support various cryptocurrencies. These Wallet applications tend to keep only one cryptocurrency, or they can handle multiple currencies. Regardless, Wallet applications manage the keys that control a Wallet address (or addresses) on a particular blockchain. Crypto wallets hold send and receive transactions, essentially all they do.
There is much debate surrounding the user experience of crypto wallets. Those who discuss crypto wallets with maximalists may believe these wallets are perfect for everyone. However, they are, in fact, complex and dangerous if keys are lost or stored incorrectly. Unfortunately, the crypto world does not welcome such discussion.
One key point about Crypto Wallets is that over time, their obscure usage will likely end up being something that Digital Wallets “just do.”
Hardware Wallets
Related to Crypto Wallets are the early-stage Hardware Wallet Systems that provide “cold storage” for cryptocurrency. At the time of writing, there are no Hardware Wallets that provide full Digital Wallet capabilities; these wallets are laser-focused on managing keys for cryptocurrency usage. In time, Hardware Wallets may provide self-managed “vault” capabilities, but the industry is not close enough to that level to warrant further discussion.
The Long History of Digital Wallets
Wallets have a long and storied history, with many failed attempts at innovation over the last few decades. Microsoft’s Passport initiative was one such attempt, devolving into a federated sign-on capability over time. However, many small innovations in this area will come to fruition as the digital wallet becomes more prevalent.
Mainly speaking, the historical wallet approaches have failed for some or all of the following:
- they were closed systems created to serve particular players, and they locked in their users
- they were too ambitious – you can’t eat the elephant in one bite no matter how big you are
But that’s not the point of this report. This report is about a Digital Wallet, what is needed to create one, and the business behind it.
What Can’t a Wallet Do?
If we take the technical/developer view of a Wallet or look at our physical wallets, we realize that a Wallet is just a dumb storage device. It cannot store or remove anything on its own and cannot organize information or take data from one credential and match it with information from another. A wallet is simply an object to hold items.
So how do we use a Wallet? In the physical world, we use our hands, eyes, and brains to utilize the stuff we have in what we call a Wallet.
But in the Digital Wallet world, we need software to do this for us – to act on our behalf. We need to control them and ensure that they work on our behalf – not somebody else’s control unless we are OK with the idea of somebody else having that control.
That’s where Agents come in.
What is an Agent?
Simply put, an Agent is a piece of software that acts on behalf of an Identity Owner – a Person, an Organization, or a Thing. It does a few things at a minimum to keep you connected and secure:
- it routes messages
- it encrypts and decrypts information to keep your information private
- it signs digital documents on your behalf
- it manages information in your Digital Wallet
- hopefully, it backs up our Stuff and allows us to restore
We’ll dive deeper into what else Agents can do in Agents – Deeper Detail.
The Most Basic Digital Wallet
This short section will discuss the most basic of Agents and Wallet Storage – the guts of a wallet. We will go deeper into the following two significant areas of the report.
A Digital Wallet consists of an Agent and Wallet Storage. The Agent’s role is, at minimum, the following:
- It sends and receives messages – to ask for and add credentials at a minimum.
- It may route messages to another Agent.
- It should provide an ability to back up the contents of a Wallet.
The Wallet must be secure enough to protect the Stuff it contains:
- Keys
- Various items stored in Encrypted Storage – such as Credentials
The following figure shows the essential components of a Digital Wallet.
How Do You Use A Digital Wallet?
Currently, there are several apps available that offer some of the same features as a digital wallet. Examples include Apple Wallet and Google Pay, which store payment information and tickets, and Google Authenticator, which provides additional security measures. Although it is possible to take pictures of important documents, such as a driver’s license, few authorities recognize these as legitimate. You can store receipts in various places, including photo albums, email inboxes, and apps like Dropbox. In some parts of the world, paying for goods and services using QR codes is possible, though this technology has not yet gained widespread popularity in North America.
We have a lot of pieces of a wallet, but they are like using a paperclip to hold cash – they do one thing (maybe) reasonably well, but they don’t work together.
Several limitations to current applications make them unsuitable replacements for physical wallets. For one, these apps cannot automatically detect what information is requested or needed in response. Additionally, there are no current standards for how these apps communicate requests and data between one another, meaning that entrusting sensitive information to them is not advisable.
A Family Trip Today and Tomorrow |
We often gather information from various sources when embarking on a family trip. Recently, I took a journey with three family members and, at multiple locations, different people collected data.
|
Natural Linkage
The check-in process at each location was quick and easy as we were well-organized, and the bookings were primarily at small facilities with limited business. Still, the interactions were far from seamless. Finishing up the rental car work required destroying the carbon that held the credit card information (in case of additional expense) and paying cash for missing fuel, all conducted in a sweltering parking lot while the remainder of the family waited elsewhere.
In the Story (we’ll have a few of these Stories throughout the report), we note that throughout the whole engagement, there were no natural linkages between things, e.g. was the insurance on the rental car, as provided by the credit card, sufficient? There was no linkage between the handwritten receipt from the hotel and the combination of cash and PayPal payment used to pay for services. The rental car company had no proof that the driver could handle any excess payments had any been required. The driver’s licence presented was authentic but could easily have been a fake.
Gaps Create Friction
Digital wallets can help reduce the friction we experience in our day-to-day lives. By using digital wallets, we can streamline our lives and make everyday tasks simpler. Particularly the linkages – but that raises a significant concern: privacy. Let’s take the car rental – and consider that this was all in a developing country that doesn’t have the same privacy protections as Canada. We want to maintain our privacy when renting a car in another country, and we don’t want the agency to know our credit card limit or insurance boundaries. All they need to know is that you will meet their needs, including trusting the information presented to them. We need our Digital wallets to provide information to others without revealing too much—section 4.3.20. Selective Disclosure, we discuss how such mechanisms can work.
*****************************************
This post, “What is a Digital Wallet?” is an excerpt from a report entitled The Current and Future State of Digital Wallets, which is being shared here as a 16-part series. Download a copy of the report. Read a complete summary.
Visit our blog, follow us on social media, and subscribe to our newsletter to stay up to date and learn more!
