It is currently difficult to transmit banking account information, proof of age, education qualifications, healthcare data, and other sorts of verified personal information via the Web. These sorts of data are often referred to as verifiable claims. The mission of the Verifiable Claims Working Group is to make expressing, exchanging, and verifying claims easier and more secure on the Web.
In existing attribute exchange architectures (like SAML, OpenID Connect, Login with SuperProviderX, etc.) users, and their verifiable claims, do not independently exist from service providers. This leads to vendor lock-in, fragmentation of identity across different services, reduced competition in the marketplace, and reduced privacy for all stakeholders. There is no interoperable standard capable of expressing and transmitting verifiable claims that works the same across industries (e.g., finance, retail, education, and healthcare). This leads to fragmented industry-specific solutions that are costly and inefficient.
The Credentials Community Group and the Verifiable Claims Task Force of the Web Payments Interest Group have extensively researched the problem and proposed an architecture and specification to enable the interoperable expression, exchange, and verification of claims. The narrow scope of work in the draft Verifiable Claims Working Group Charter proposes that the first step toward broad interoperability is standardizing a data model and syntaxes for the expression and verification of verifiable claims.
Specifically, the Verifiable Claims Working Group will Recommend:
The Working Group will NOT define a new protocol for attribute exchange or JavaScript browser APIs. These work items may be proposed at a future date if there is support for them, but are not necessary to successfully achieve the first step of interoperability.
Yes. The work on this proposal has been incubated in multiple W3C Community Groups for several years and has benefited from wide review during that time period. There are commercial pilot projects underway that utilize the technology.
Yes. The groups that have put forward the proposal went to great lengths to reduce the scope as much as possible to a clearly achievable first step.
Yes. A recent survey of 56 organizations from diverse industries show strong support for the problem statement, goals, scope of work, and use cases.
Cross-industry interoperability. Proprietary industry-specific solutions for verifiable claims exist but due to their narrow nature they often fail to scale outside of a particular industry. A number of survey respondents observed that the W3C tends to offer more robust solutions that work across industries. In addition, the Verifiable Claims specification is built on top of technologies standardized at W3C. For these reasons the majority of survey respondents believe that W3C is the right place to do this work.
Yes. A survey of organizations involved with verifiable claims was performed last year and received 38 supportive responses. The most recent survey garnered 52 supportive responses, some from multiple multi-billion dollar corporations and government bodies, showing significant and increasing support for the work. After changes to the charter, a few large organizations changed their position from not supporting or ambivalence to moderate or strong support.
Supporting documentation for the proposal can be found here: http://w3c.github.io/webpayments-ig/VCTF/.
The following documents provide summaries of different aspects of the proposal, listed in order of importance: