Product update: December 2023

In this update:

• Announcing the latest entry in the MATTR Credential Profiles suite - MATTR Mobile Credentials

• New capabilities for ecosystem operators to configure and publish ecosystem policies

• Self-service enhancements enabling configuration of claims sources and authentication providers

• Improved integration of claims sources and interaction hooks with OpenID Credential Issuance

• Experience enhancements for customers on the MATTR VII and MATTR Pi platforms

Mobile Credentials launches with end-to-end support

We’re pleased to announce the launch of MATTR Mobile Credentials, the latest addition to MATTR’s Credential Profile line up.

Based on the ISO/IEC 18013 standards series and 23220 technical specification, MATTR Mobile Credentials are digital identity documents designed to be stored in a digital wallet on the holder’s mobile device. They work by packaging the credential data together with the security and authentication mechanisms needed to complete a secure credentials verification interaction directly between parties through their mobile devices, typically over a Bluetooth connection.

MATTR’s Mobile Credentials offering supports a variety of advanced security features to authenticate the issuer, the device, and the holder, making them an ideal choice for use cases requiring higher-assurance identity credentials, such as driving licenses or national IDs.

As they are designed to be stored in a digital wallet on a mobile device, Mobile Credentials allow for a more secure binding between the mobile device and the credential, as well as a tighter native integration with iOS and Android. This means credential presentation methods can use close-proximity technologies such as Bluetooth Low Energy (BLE) making them well suited to in-person use cases such as proving disability statuses, commercial licenses, or vehicle registrations to patrol or ticketing officers.

Launch of Mobile Credentials with end-to-end support means that MATTR platforms now enable:

• Managing Issuing Authority Certificate Authorities (IACAs) and Document Signer Certificates (DSCs) in MATTR VII.

• Mobile Credential Issuance via the OpenID4VCI provisioning flow in MATTR VII with all the same richness in the current MATTR issuance capabilities, such as introducing authentication and claims from your existing source systems.

• Ability to bind, hold and share credentials in a wallet application built with the MATTR Pi Mobile Credential Wallet SDK.

• Verification of Mobile Credentials using MATTR Pi Mobile Credential Proximity Verifier SDK or other interoperable implementations.

Mobile Credentials joins Web Credentials and Compact Credentials to extend MATTR’s Credential Profile suite. With a range of architectural choices based on distinct types of data, levels of assurance, customer journeys and channels, MATTR’s Credential Profile suite now offers even greater levels of flexibility to support your digital trust use cases and applications.

Powerful and flexible capabilities for ecosystem operators

We’re also announcing the release of MATTR’s Ecosystem Operations capabilities, a brand-new set of APIs which allow ecosystem operators to configure and publish ecosystem policies through the MATTR VII platform.

These APIs give ecosystem operators the tools to:

• Create and manage ecosystems related to their tenant

• Configure permissions for ecosystem participants to control who can engage in an ecosystem, and in what role

• Create and publish credential lists to control which credentials are allowed in an ecosystem

• Publish roles and policies to manage trusted issuers, including which credentials each entity can issue

• Publish roles and policies to manage trusted verifiers

From the start, MATTR has been focused on solving problems related to enabling digital trust. Our primary method of addressing these challenges has been to use a new set of technologies that allow for information to be digitally signed and verified by people and organisations.

These capabilities enable a type of “cryptographic trust” which relies on the use of digital signatures produced by public/private keypairs to verify trust system elements such proofs, claims, issuer authenticity, credential statuses and validity periods.

As we’ve worked with customers on real-world use cases and production deployments, the importance of addressing other components of trust beyond these core elements has become clearer. Often, it is not enough to know that something was signed by a certain key but to know who that key belongs to, or who else trusts that key. Further, we need ways to discover new or expired keys as they are updated or as entities move across contexts and domains.

Solving these issues is at the heart of establishing the “ecosystem trust” layer, ensuring a human level of trust across communities and economies. Beyond the roles of issuers, verifiers, and holders, another distinct role shows up in ecosystems – that of the “ecosystem operator”.

Operating at the infrastructure or public goods layer, the ecosystem operator plays the key role of facilitating and maintaining the broader trust network, by publishing and managing ecosystem policies such as accredited lists of wallets, credentials, issuers, and verifiers.

Our Ecosystem Operations tools are designed to support this critical role in the trust fabric and are now available for you to use. We’re continuing to invest and build further capabilities into this toolset and welcome your inputs and feedback.

Next investments include onboarding tooling, policy synchronization across tenants, verification integration, policy enforcement, and more. For more on ecosystems, check out our Ecosystems tutorials on MATTR Learn and contact us to discuss your priorities and requirements.

New features in our self-service toolkit to ease issuer onboarding

As digital trust ecosystems grow and become more complex and dynamic, ecosystem operators need better tools to help them manage their ecosystem lifecycles efficiently and effectively.

In our September product release, we announced the launch of a new web portal for self-service which offers capabilities for tenant management, events monitoring and analytics, management of DIDs, and more.

This release, we’re announcing the addition of new self-service features designed to make the process of credential issuance easier than ever, using our OpenID Credential Issuance capabilities.

These new features improve your ability to manage key platform elements:

• Authentication providers – configure your existing identity provider and authenticate end-users before issuing credentials to them.

• Claims sources – connect and integrate your existing data sources, making it seamless to fetch the claims you need for credential issuance.

As with our other self-service capabilities, these features are fully embedded in our APIs, and can also be used through your own platform management tooling and interfaces.

We are committed to empowering and supporting ecosystem operators with the tools they need to manage ecosystem lifecycles, resources, and participants more effectively. Look out for more self-service portal features coming soon, including capabilities for credential configuration and OpenID provider configuration.

Contact us if you’re interested in using self-service capabilities today, or check out our latest tutorials covering the self-service portal, management API, and analytics API.

Improved integration with claims sources and interaction hooks using OpenID Credential Issuance

Since introducing OpenID Credential Issuance to MATTR VII, we’ve been working hard to extend and improve the experience of using OpenID Credential Issuance across our products. This is in line with our standards-based approach underpinning development across all MATTR platforms and products, and our support for the evolution of a strong globally connected digital trust ecosystem.

With a focus on new features that simplify real-world integrations and implementations, our September 2023 release introduced interaction hooks and support for multi-credential issuance in a single flow, enabling support for different credential profiles.

With this update we’re announcing additional features that make OpenID Credential Issuance even easier to use. These enhancements add the ability to:

• Configure the maximum validity period for an interaction hook.

• Authenticate claims sources using your preferred method, including support for OAuth Client Credentials in addition to API keys.

• Query claims source data using your preferred method, with support for POST requests in addition to GET requests.

• Query your claims source using credential configuration in your request. This allows you to request only the user claims needed for your configuration.

Want to get started? Check out the claims source and interaction hooks pages on MATTR Learn for more. If you have feedback or want to learn more about what’s coming next, please contact us.

Platform enhancements for performance, usability, and reliability

Ensuring our platforms and products continue to be class-leading in enabling your digital trust use cases and applications, is a relentless focus for us here at MATTR. Based on your feedback, we have included a raft of experience improvements for you and your partners in this update.

For MATTR VII and MATTR Pi platform customers:

• We have added further details to your MATTR VII tenant metadata, so you can more easily interact with your tenant.

• As part of improving the verification process, we’ve simplified the structure of the callback payload to make it easier to consume and understand.

• To that same end, we’ve shortened the Presentation request QR code, making it easier to read and process.

• We have improved SDK error handling, giving you more information to help address any challenges you may encounter.

• When a credential is removed from a Credential Registry, we will now automatically revoke that credential as well, creating a simpler one-click experience for registry maintainers.

For developers using the MATTR Showcase Wallet to test their solutions and our MATTR GO Wallet customers we have continued to invest in new feature updates, which now include:

• For better navigation and discovery, users can now sort and filter their list of credentials by collection or expiry status as well as stay on the Wallet tab when a credential is deleted.

• We have also added the ability for users to instantly accept incoming credential offers to reduce friction and require fewer clicks to maintain.

• Wallet activity details are now auto refreshed so you can always stay up to date with what’s going on in your wallet.

Take the next step

To discover more about MATTR products and platforms, visit us at MATTR Learn.

If you’re interested in using MATTR Platforms to address your digital trust imperatives, get started with our MATTR Platforms overview or review our up-to-date documentation.

Working through our step-by-step Tutorials? Sign up for a free trial of MATTR VII and try things out for yourself!