Introduction
The arrival of OID4VP 1.0, the first official version of OpenID for Verifiable Presentations, marks a major milestone for digital identity. Put simply, OID4VP standardizes how digital wallets can present verifiable credentials (VCs) to websites and services in a secure, privacy-respecting and user-controlled way.
In this post, we explore what OID4VP enables, the problems it solves, and how it’s laying the foundation for scalable, trusted digital interactions.
Why this matters now
Verifiable credentials have long held promise. But until now, presenting them in practice has required custom integrations, fragmented approaches, or trade-offs on privacy and usability.
OID4VP 1.0 changes that. It provides a standardized and interoperable way for credentials to be shared and verified across ecosystems, making real-world use cases not just possible but practical.
For users, this means the ability to:
Present a digital ID to access public services or open a bank account.
Prove age or qualifications without oversharing personal data.
Approve sensitive transactions or sign documents directly from a digital wallet.
For organizations and network operators, OID4VP offers:
- A standardized protocol for requesting and presenting verifiable credentials.
- Interoperability across wallet types, credential formats and trust frameworks.
- Compatibility with existing OpenID Connect (OIDC) and OAuth infrastructure, reducing implementation cost and complexity as demonstrated by the NCCOE mobile Driving License (mDL) project involving MATTR.
These capabilities are no longer theoretical. Backed by conformance tooling, interoperability tests and growing ecosystem adoption, OID4VP powers EUDI Wallet pilots, cross-border digital ID systems and real-world deployments like the California DMV’s mDL login service.
How it works
At its core, OID4VP enables a simple but powerful flow: A holder uses a digital wallet to present credentials to a verifier (such as a government, financial service, or any other relying party) based on mutual trust frameworks.
Key benefits include:
- Interoperability across ecosystems and credential types: A traveller can present a government-issued digital ID (in ISO mDL format) alongside a health certificate (in W3C VC format) from the same wallet to check into a hotel abroad, regardless of the verifier’s system or trust framework.
- Privacy through selective disclosure and explicit user consent: A user buying age-restricted goods online can prove they are over 18 without revealing their exact birthdate, address, or full ID, sharing only what’s necessary with full control over each data point.
- Security grounded in battle-tested OAuth flows and the Digital Credentials API: When sharing credentials, signing a legal document or authorizing a sensitive transaction, the verifier uses hardened security flows familiar from online banking and healthcare apps, reducing phishing risk and ensuring the credential came from the right device and person.
The result: open standards powering real-world, user-controlled digital identity.
Solving the presentation problem
In the early days of verifiable credentials, there was no standard way for users to present their credentials to verifiers. Solutions often required proprietary integrations, were specific to certain credential formats or standards, or sacrificed privacy and user control.
OpenID for Verifiable Presentations (OID4VP) emerged to solve this. Built on top of widely adopted technologies like OAuth 2.0, it leverages a security model that is already trusted by most identity systems. By reusing OAuth's well-tested flows, OID4VP offers a solid foundation for secure and privacy-preserving credential presentation.
OID4VP was designed with a clear set of priorities:
OID4VP complements other specifications in the OpenID ecosystem:
- OID4VCI (OpenID for Credential Issuance), which defines how credentials are issued.
- SIOPv2 (Self-Issued OpenID Provider), which supports authentication using self-issued identities.
These specifications share common design goals - openness, interoperability, and privacy by design - aligned with the OpenID Foundation's broader vision. For high-assurance ecosystems, the High Assurance Identity Profile (HAIP) provides consistent implementation guidance across these separate specifications.
The road to 1.0
It took almost four years from the first commit to the official release of OID4VP 1.0. Over that time, the specification evolved through close collaboration among standards bodies, implementers, and open communities, addressing a wide range of technical requirements and real-world use cases:
Proven in practice
OID4VP 1.0 is the result of input from a wide range of contributors, including OpenID Foundation (OIDF), ISO, W3C, IETF, DIF, ETSI, the EUDI Wallet community, NIST, MOSIP, and other public and private-sector organizations. Feedback from real-world implementers and ongoing interoperability testing as well as security analysis ensured the specification is practical, secure, and implementation-ready.
In parallel, the OIDF's conformance test suite was developed to validate implementations against the specification. This tooling played a critical role in identifying inconsistencies early and driving alignment across diverse participants.
Most notably, the recent OIDF interoperability test demonstrated near-perfect success rates across wallet and verifier implementations, and credential formats, confirming OID4VP's readiness for production-scale deployment.
What’s next: Making it real at scale
With OID4VP 1.0 finalized, the focus now shifts from specification to ecosystem adoption. The protocol is stable and implementation-ready, but realizing its full potential requires continued collaboration across relying parties, issuers, policy makers, and product vendors.
Areas of active adoption and refinement:
- UI/UX patterns: Making credential presentation flows intuitive for users across web, native apps, and cross-device scenarios.
- Credential ecosystem maturity: Continued progress on standardizing credential types, establishing trusted issuer and relying party registries
- Policy and trust framework alignment: OID4VP is already being integrated into frameworks like eIDAS 2.0 and referenced in assurance models like NIST 800-63. Continued alignment with data protection, liability, identity verification and electronic signature requirements will support broader adoption across sectors and jurisdictions, especially in public sector and high-assurance use cases.
MATTR is actively supporting this next phase by:
- Building interoperable product capabilities based on OID4VP 1.0 and OID4VCI.
- Participating in and leading standardization efforts on verifiable credentials across standards bodies.
- Supporting public and private sector partners in real-world pilots and production deployments.
A Milestone toward trusted digital interactions
The publication of OID4VP 1.0 marks a significant step forward for open, privacy-respecting digital identity. For the first time there is a standardized, interoperable, and implementation-ready protocol for presenting verifiable credentials online, built on technologies already trusted across the web.
This milestone is the result of years of collaborative work across communities, organizations, and implementers. It shows what's possible when we align around open standards, shared goals, and a commitment to user control, privacy and security.
At MATTR, we're proud to contribute to this journey, and we're excited to help bring OID4VP to life in products, pilots, and real-world services.
OID4VP 1.0 is live, and the best way to understand its power is to try it for yourself. Watch demos, try live tools, build with APIs, and learn how to implement.
Whether you're a product builder, policymaker, or tech lead, we’ve got everything you need to start building trusted, user-controlled digital experiences. Join us in building the future of digital trust, today.
