By Pradeep KP
An oft-cited use case for digital wallets and credentials includes a student who, upon graduation, is looking for scholarship opportunities to fund their post-graduate education. The student reaches out to many organizations that offer scholarships. Upon being asked to furnish details such as certificates, transcripts and financial information, the student can select and package all of that into a dynamic payload for verification. Since the required datasets are signed and encrypted, the provenance and data integrity are verifiable, as is the content. This speeds up the process, and the student can receive a decision more quickly than would otherwise be possible.
The predominant design pattern of Web 3.0 is that the data principal has autonomy and agency over their information. They can consent to purpose-specific data exchange where security is critical. This pivot from the existing well-understood model creates the need to consider accountability and explainability regarding data acquisition, storage, sharing and exchange. Far too often, the “digital wallet” becomes the central point of a discussion. The more prevalent metaphor of a “wallet” falls way short of describing the potential offered by a digital wallet. It is necessary to reexamine digital wallets not as a data store but as a function of user agency and empowerment.
The inherent flaw in using the “physical wallet” metaphor is that it over-emphasizes the passive nature of a transaction. Today, a physical wallet is a location which can hold currency, cards, bills, and tickets and is only required when an event trigger is invoked. We put ourselves in a situation where we need to complete a transaction, and then we reach out for the wallet to select the means to close the transaction. This is passive and well-aligned with the legacy approach to physical wallets. However, an essential failure of this metaphor is that it does not elevate the critical capabilities of a wallet when seen as a digital wallet. The wallet’s operational security is the holder’s responsibility – the producer of the wallet has nothing much to offer.
The active engagement offered by a digital wallet can be thought of as being driven by “personal software agents” which reside in the wallet and function to respond to and fulfil the requirements of each party in a transaction. Thinking in terms of software agents offers the opportunity to build in the methods of control and governance that a data principal requires over the wallet. In this approach, the wallet moves beyond being a mere data store to become a participant in a dynamic data economy built using a “network of networks” approach. The digital wallet can thus be both a transmitter and receiver of data requests, enabling more powerful avenues to discover authentic data streams and enquire about available services by broadcasting intents.
As digital wallets are readily available for consumer-grade adoption, it is essential to focus on how they enable trusted engagements through accountability between parties involved in a transaction. There is a need for digital wallets to demonstrate a higher degree of user-centricity in terms of data security, data safety (backup and recovery), and security audits. Unlike physical wallets, digital wallets will be the central element in trust networks, where technical and regulatory (governance) requirements will influence the design patterns. Digital wallet-centric transactions will bring about the need for robust failure detection, grievance redressal workflows, and legally enforceable dispute resolution mechanisms. It is reasonable to foresee regulatory requirements on digital wallets which focus on transaction and network security certifications.
The vanilla metaphor of physical wallets will fail to meet the complex requirements of wallets in the digital realm. Stakeholders must understand the need to design for user-centricity that blends secure transactions with trust and reputational engagements. In such a design, the software agent model of the digital wallet works as an extension of the desires and requirements of the data subject and can thus interact with other services decisively, transparently and responsibly.
The author is co-founder and CEO, Dhiway