Tom,

Great questions.  I think the ISO 18013-5 standard addresses 1 and 3 very clearly in the standard use. 

1. Who wants to know?  mDL transactions are only conducted after the exchange of engagement data.  This step can only be initiated by the mDL holder and is done using NFC or QR.  There is not a method to engage the mDL at a distance in the Day 1 standard. 

3. What data is requested?  It is a functional requirement of the standard that the mDL and mDL reader support selective disclosure of data.  In most prototypes I have seen this is accomplished by presenting the Holder with a list of data elements that have been requested in the transaction and allowing the Holder to consent to the release of each data element individually.

What the Relying Party then does with the information received is outside the scope of the standard's requirements, so it's back to best practices.  This is an area where policy and laws will have to accomplish the necessary privacy controls.


Best,
Christopher
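The selective-disclosure step described in point 3 above, as an added illustration that is not part of this thread or of the ISO text: the issuer salts and digests each data element into a Mobile Security Object, the holder releases only the elements it consented to, and the reader checks each released element against the digest list. It uses JSON in place of CBOR and leaves the MSO unsigned (both simplifications), and builds a constructed request modelled on Tom's door-check scenario; the element names are those defined in the org.iso.18013.5.1 namespace.

```python
"""Sketch of mdoc selective disclosure as used by ISO 18013-5 mDLs.
Issuer: each element is salted and its digest listed in the Mobile Security
Object (MSO). Holder: releases only consented elements (with salts) plus the
MSO. Reader: recomputes each digest against the MSO, so it can trust what it
got without ever seeing withheld elements. Simplifications (assumptions):
JSON instead of CBOR, and the MSO is unsigned (really a COSE_Sign1)."""
import hashlib, json, secrets

NS = "org.iso.18013.5.1"  # mDL data namespace defined by ISO 18013-5

def _digest(item: dict) -> str:
    # Canonical serialisation so issuer and reader hash identical bytes.
    return hashlib.sha256(json.dumps(item, sort_keys=True).encode()).hexdigest()

def issue(elements: dict) -> tuple:
    """Issuer: wrap each element with a random salt; digests go in the MSO."""
    items, digests = {}, {}
    for i, (name, value) in enumerate(elements.items()):
        items[name] = {"digestID": i, "random": secrets.token_hex(16),
                       "elementIdentifier": name, "elementValue": value}
        digests[i] = _digest(items[name])
    return items, {"digestAlgorithm": "SHA-256", "valueDigests": {NS: digests}}

def holder_respond(items: dict, mso: dict, requested: dict, consent: set) -> dict:
    """Holder: 'requested' maps element name -> intentToRetain (as in an
    ItemsRequest); only elements the holder consented to are released."""
    disclosed = [items[n] for n in requested if n in consent and n in items]
    return {"nameSpaces": {NS: disclosed}, "issuerAuth": mso}

def reader_verify(response: dict) -> dict:
    """Reader: every disclosed item must match its digest in the MSO."""
    digests = response["issuerAuth"]["valueDigests"][NS]
    verified = {}
    for item in response["nameSpaces"][NS]:
        if digests.get(item["digestID"]) != _digest(item):
            raise ValueError(f"digest mismatch for {item['elementIdentifier']}")
        verified[item["elementIdentifier"]] = item["elementValue"]
    return verified

def bar_scenario() -> dict:
    """Constructed sample: a door check asks for four elements (two marked for
    retention); the holder consents only to the age attestation and portrait."""
    items, mso = issue({"family_name": "Doe", "document_number": "D1234567",
                        "portrait": "<constructed jpeg placeholder>", "age_over_21": True})
    request = {"portrait": False, "document_number": True,
               "family_name": True, "age_over_21": False}
    response = holder_respond(items, mso, request, {"age_over_21", "portrait"})
    return reader_verify(response)

if __name__ == "__main__":
    print(bar_scenario())
```

The reader ends up with the age attestation and portrait only; the name and document number never leave the device, and any altered element fails the digest check.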

On Sun, Jan 17, 2021, 4:25 PM Tom Jones <thomasclinganjones@gmail.com> wrote:
I am trying to see what the user of a smartphone would know before releasing data to the reader. While that seems not to be covered in the ISO document, it does seem to be important to the report from this DG.

Here is what I would expect myself to see.
1. Who wants to know - I would hope this would be a trustworthy statement of the reader's owner.  (That seems to be missing from the std.)
2. What will they do with the information?
3. What data is requested.  Most interesting is the picture and ID #.

My guess is that in the NFC case the assumption is that the user can see who is asking.  But consider the case of a line waiting to get into a bar. Some big burly guy walks down the line asking to "see" proof of age. He harvests all the data and then just walks away.

Peace ..tom
_______________________________________________
Dg-mdl mailing list
Dg-mdl@kantarainitiative.org
https://kantarainitiative.org/mailman/listinfo/dg-mdl