A significant leap in digital identity technology is underway with the testing of a new Digital Credentials API. This innovation allows users to authenticate their identity on websites using digital credentials stored in their mobile wallets, such as driver’s licenses and national IDs. Google’s developer advocate, Eiji Kitamura, recently discussed how this API will soon be integrated with Google Accounts to verify users’ dates of birth.
The Digital Credentials API is designed to simplify and secure online identity verification. Starting with Chrome 128, this tool enables websites to request and verify user information through digital wallets. By leveraging credentials like mobile driver’s licenses, the API aims to make identity verification smoother and more reliable.
Real-World Implementation
Digital identity is gaining momentum as both public and private sectors begin issuing digital credentials. In the U.S., states like Arizona, California, Colorado, Georgia, and Maryland have introduced mobile driver’s licenses and IDs that can be stored in digital wallets like Google Wallet. This move aligns with emerging regulations, such as eIDAS 2.0, which set standards for the use of digital credentials in online verification.
Functionality of the API
The API is designed to be flexible and protocol-agnostic. When a website requests credentials, the browser communicates with the mobile operating system to find a matching credential in the user’s digital wallet. Once a match is identified, the operating system prompts the user to select the credential and forwards the request to the chosen wallet. After local authentication, the wallet provides the requested data, secured through cryptographic signatures.
Support and Future Developments
Initially, Chrome will support the Digital Credentials API on Android devices, allowing requests for credentials from wallet apps on the same device. Future updates will extend this capability to Chrome on desktops, enabling cross-device credential requests. At launch, Google Wallet will integrate with the API, allowing select organizations to request and verify user IDs online through Chrome on Android.
Integration with Google Accounts
In the near future, Google Accounts will use the API to verify users’ dates of birth without accessing other personal details. Users in supported U.S. states can use their digital IDs or driver’s licenses from Google Wallet to prove their age while keeping other personal information private. This ensures that users meet account-related age requirements without exposing unnecessary details.
Organizations interested in accepting digital IDs via Google Wallet can express their interest by filling out a designated form. For users wanting to test the API, the following steps and requirements are needed:
Requirements:
– Google Play services version 23.40 or later
– Chrome version 128 or later
– Enable the flag at chrome://flags#web-identity-digital-credentials
Testing Steps:
1. Download and install the demo wallet application on an Android device using the command `adb install -t <path-to-apk>`.
2. Open the IC Wallet app and set up a demo mobile driver’s license (mDL).
3. In the app menu, select “Add Self Signed Document.”
4. Visit https://digital-credentials.dev with Chrome 128 or later.
5. Click “Request Credentials (OpenID4VP)” to complete the process.