How Does Digital ID Help Us in Our Daily Lives on AnyShop App?

Objective

Learn how to utilize MasterCard ID Service with Samsung to provide specific authorized user data from Digital ID. The aim of this exercise is to define list of authentication parameters necessary in the purchase process of age-restricted products on AnyShop app.

Overview

Introduction to Digital ID

What makes a person to be one who they claim to be? Every person is surrounded by a unique group of attributes such as face, fingerprint, ID number, birthdate, address, and knowledge. We can say we identify people correctly if we collect personal attributes from trust authorities in a secure manner.

Digital ID makes a person easily prove their identity and share their attributes to service providers who require a person’s verified data for their services. To achieve this, we need multiple roles in an ID echo system where each role provides secure storages and channels and do the responsibilities.

In our echo system, we have the following roles:

Digital Identity Service Provider

MasterCard ID Service provides the technology platform and operational service to allow the secure storage and transmission of Digital Identity data from the user to the Relying Party having been verified to a required level of assurance by an Identity Verifier Provider. MasterCard also defines the commercial model and liability frameworks (the operating rules) allowing participants in the system to trust the data.

Trust Provider

A Trust Provider manages the user relationship, and is responsible for acquiring new users. They provide the tools (via a MasterCard-developed SDK) to enable the users to manage their Digital Identity. Samsung is a core trust provider in this case. The echo system is on top of the state-of-the-art technologies of Samsung which are resilient biometrics authentications, security mechanisms backed by Knox, and more.

Identity Verification Provider

An Identity Verification Provider verifies data asserted by the Trust Provider and the user using data mastered by the Identity Verifier (i.e. not aggregated from other data sources).

Relying Party

A Relying Party provides products and services to users, relying on the data available in user’s account. This data has been verified by one or more Identity Verification Providers to a level of assurance required by the Relying Party to meet regulatory, legislative, or operational needs.

Users

Users are defined as the citizens of the service who are making an identity assertion.

Code Lab Activity

AnyShop is an application simulates the online purchase process of age-restricted products. Age verification is carried out using Digital ID. The following application flow depicts this specific use case:

  1. 1.

    Select type of age-restricted product to order

  2. 2.

    Add items to cart

  3. 3.

    Quantify the amount of product

  4. 4.

    Confirm the identity

  5. 5.

    Select ‘Continue with ID’ option

  6. 6.

    Provide application code

  7. 7.

    Confirm the identity

  8. 8.

    Share required information

  9. 9.

    Final age verification screen