As technology standards continue to evolve, government regulators, industry groups and early customers are starting to take positions around the credential formats appropriate for their applications, use cases and implementations.
There is a lot to keep up with: from ongoing developments in North America and around the world to the draft release of the European Union Digital Identity Architectural Review Framework (EUDI ARF), published last month. At MATTR, we’re here to help you navigate this changing world and we’re constantly investing in our products to help you unlock possibilities for public and private sector applications. Read our series on demystifying the EUDI ARF.
Find out what exciting updates are here, and coming soon, in our April product releases. These latest enhancements are focused on helping you:
- Extend issuance journeys to implement custom business logic – leveraging our interaction hooks to add additional steps to the journey. Importantly, this enables you to execute ‘off-platform’ business logic available in existing workflows and systems like additional biometric checks, identity assurance flows or information linking.
- Leverage different Credential Profiles and set up the foundations for multi-format issuance in the same flow. This is especially useful if you want to serve up more than one version/format of your credentials but don’t want to have separate or redundant provisioning flows. Our new version of OpenID Credential Provisioning allows this by supporting a ‘format’ parameter out of the box.
- Support the latest version of the emerging OpenID4VCI protocol bundled inside our OpenID Credential Provisioning flows.
- Create flexibility for credential configuration using source data from external systems using a standard integration via REST APIs.
- Create and manage tenants using an API with the introduction of MATTR Platform Management capabilities.
- Host DID Web documents on the MATTR VII platform for ease of onboarding – especially in an ecosystem operator context when onboarding participants (issuers).
Our customers are working on practical applications – some experimenting in our sandbox environments, others moving into production with single use cases. Others still are building out pilots for scaled ecosystems with an industry body, government or private sector organisation playing the role of “ecosystem operator” and managing the onboarding of multiple issuers and verifiers in a common trust architecture.
We are continuing to invest thoughtfully, with the needs of our customers in mind. Our focus is on providing the most versatile and flexible set of capabilities and market-leading platforms to enable your applications.
Sign up for a free trial of MATTR VII to see these features in action or read on for a breakdown of the new features and updates.
Step into the next generation of credential issuance with MATTR OpenID Credential Provisioning (OpenID4VCI)
MATTR works alongside other technology experts in contributing to and adopting open standards to ensure our products will always work with a wide range of systems and networks. As part of this, we’re levelling up our credential creation and offering capabilities with the all-new OpenID Credential Provisioning flow, which utilises the OpenID for Verifiable Credential Issuance (OpenID4VCI) protocol. Read about the OpenID4VCI draft standard.
This new method of provisioning credentials is the evolution of our existing OIDC Bridge extension. It represents a new, simplified experience for credential issuers and holders alike and has been the result of insights gained from:
- the foundational OIDC Credential Provider specification we authored in 2020, which has played a key part in what has become the OpenID4VCI protocol today.
- feedback from our customers and the broader market around our OIDC Bridge feature and the MATTR VII platform, and
- engagement with standards communities.
OpenID Credential Provisioning makes it easy to issue credentials into any digital wallet that supports the protocol, which is currently poised to be a key feature of the EUDI ARF.
In addition to greatly simplifying the process of setting up, configuring and issuing credentials, our OpenID Credential Provisioning flow enables a range of new benefits for credential issuers:
- Use interaction hooks to integrate additional steps to the credential-claiming journey such as additional biometric checks, identity assurance flows, or informational screens.
- Issue multiple credentials to a wallet holder within a single journey or flow.
- Connect multiple data sources to provide claims needed to issue credentials (more on this below).
More benefits as part of this evolution are coming very soon!
OpenID Credential Provisioning represents an upgraded experience for both credential issuers and end users, and it is the preferred method for credential issuance on MATTR VII. For current customers, we will continue to support the OIDC Bridge for issuance through the end of 2023 to allow you to transition to the new protocol and feature set.
Read the new technical documentation and tutorials on MATTR Learn to get started with OpenID Credential Provisioning and reach out to the MATTR Labs team on our external Slack channel with any questions.
Configure credentials with ease with new data source integration and extensibility tools
We’re excited to introduce one of the extended benefits of our new OpenID Credential Provisioning flow, which enables issuers to pull data from different sources to issue credentials.
Previously, customers leveraging the OIDC Bridge had to set up their authentication provider or identity provider (IDP) to contain all the claims needed to issue credentials to a holder. With the new flow, customers can retrieve claims from the databases and sources where they already exist. This provides a greater level of flexibility for credential issuers and allows for easier integration into existing systems.
While customers can use one claims source per configured credential, they can supplement this information with additional data from tenant-managed user claims as well as claims sourced from an authentication provider or IDP.
New tools for ecosystem operators: Easily build your ecosystem with self-service tenant management APIs
Inside a trust ecosystem, there is often a network of entities wanting to issue, hold and/or verify information. If you are playing the role of ecosystem operator around this network, then our investment in ecosystem management tools is likely to be of interest to you. Ecosystem operators can be public or private sector entities that want to develop a trust architecture to support multiple issuing and verifying parties.
What we’ve heard from these kinds of customers is that they want more flexibility to create an ecosystem that works for their unique needs, and they want tools to make managing that ecosystem simple and efficient. So, we’re making it easy to create and manage tenants in both our public and private cloud environments with a new set of APIs that will enable you to create and delete tenants and enable easier setup for advanced ecosystems. You’ll also be able to integrate the APIs with existing systems and build custom portals and user experiences for your ecosystem administrators.
We are continuing to actively invest in this area over the next year with advanced ecosystem support capabilities such as trusted issuer and verifier lists, schema management tools, platform operations APIs, events management APIs, operational dashboards, audit tools, and more.
Note: The self-service tenant management API will be available to selected cloud environments. Contact us if you’re interested in accessing these features or learning more.
MATTR VII now includes DID Web hosting
To help customers get started with using verifiable credentials quickly and easily, we now support DID Web hosting on the MATTR VII platform.
Decentralised identifiers, or DIDs, are a key component for all users within the platform environment. For customers who are keen to get started quickly, we can enable DID Web hosting to simplify the onboarding process. Check out the MATTR Learn tutorials on setting up and using DIDs for more information.
New major changes to our API
Continuing our theme of simplicity and ease of use, we will be releasing a new major version of our API, which includes a new set of endpoints that simplifies the ability to utilise MATTR’s Credential Profiles.
Credential Profiles combine data about people, organizations or things with unique digital signatures. We use different types of Credential Profiles depending on the type of information a customer wants to convey and how they want to convey it. The MATTR VII platform currently supports two distinct Credential Profiles:
- Web Credentials: digital-first credentials that can include rich data beyond text, such as images. They can be bound to a subject to provide identity assurance and can include context with the data to allow for portability across institutions and jurisdictions. They can also be presented remotely in a digital channel.
- Compact Credentials: share authentic information embedded in a QR code. Compact Credentials work well when you want to be sure the information is authentic, but don’t need high identity assurance. They are also very important to support digital inclusion and can be printed on existing documents in a paper-based form.
Throughout 2023 we are working on adding support for a third credential profile, Mobile Credentials, based on the ISO 18013-5 standard. Mobile Credentials are high-assurance credentials that are well-suited for person-to-person presentations. Find out more about Credential Profiles and contact us if you are interested in hearing more about our Credential Profiles investment roadmap.
We recommend that all MATTR VII users use the V2 API reference for best results. Check out the API reference on MATTR Learn..
Watch this space
We are continuing to invest in our product roadmap with many new powerful capabilities and extensions of the features you’ve read about here coming very soon.
Sign up to our newsletter to be the first to know when these features are available, and to keep up to date with the MATTR universe.