
Standardization

This document describes the technical standards and protocols used in My Data Activation (MDA).

Data Model

MDA employs the W3C Verifiable Credentials (VC) Data Model 2.0 as the foundation for structuring credentials. This standard provides a flexible and interoperable framework for representing claims issued by trusted entities. It ensures that credentials can be securely shared and verified without direct interaction with the issuer.

Proof Mechanism

MDA uses Selective Disclosure JSON Web Token (SD-JWT) for cryptographic proofs. SD-JWT allows selective disclosure of credential attributes while maintaining integrity and confidentiality: a holder can disclose only a subset of the claims contained in a credential while keeping the rest confidential.
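The following added example (not MDA's own code) illustrates the selective-disclosure mechanism: each hidden claim is bound to the issuer-signed payload by a salted SHA-256 digest in `_sd`, and the verifier rejects any disclosure the issuer never signed. It assumes the issuer's JWT signature has already been verified, covers only flat top-level claims, and uses hypothetical helper names (`issue`, `verify_disclosures`) with constructed sample claims.

```python
import base64, hashlib, json, secrets

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def make_disclosure(name, value):
    """Issuer side: disclosure = base64url(JSON [salt, claim_name, claim_value])."""
    salt = b64url(secrets.token_bytes(16))  # fresh salt stops guessing of hidden values
    return b64url(json.dumps([salt, name, value]).encode("utf-8"))

def digest(disclosure: str) -> str:
    """Digest stored in the signed payload's _sd array (SHA-256 over the ASCII disclosure)."""
    return b64url(hashlib.sha256(disclosure.encode("ascii")).digest())

def issue(claims, always_visible=()):
    """Return (payload, disclosures). Signing the payload is out of scope (assumption)."""
    payload = {k: v for k, v in claims.items() if k in always_visible}
    disclosures = {k: make_disclosure(k, v) for k, v in claims.items() if k not in always_visible}
    payload["_sd"] = sorted(digest(d) for d in disclosures.values())  # sorted to hide claim order
    payload["_sd_alg"] = "sha-256"
    return payload, disclosures

def verify_disclosures(payload, presented):
    """Verifier side: accept only disclosures whose digest appears in the signed payload."""
    if payload.get("_sd_alg", "sha-256") != "sha-256":
        raise ValueError("unsupported _sd_alg")
    allowed, seen = set(payload.get("_sd", [])), set()
    claims = {k: v for k, v in payload.items() if k not in ("_sd", "_sd_alg")}
    for d in presented:
        h = digest(d)
        if h not in allowed or h in seen:  # forged, altered, or replayed disclosure
            raise ValueError("disclosure not bound to signed payload")
        seen.add(h)
        padded = d + "=" * (-len(d) % 4)
        salt, name, value = json.loads(base64.urlsafe_b64decode(padded))
        if name in claims or name in ("_sd", "..."):
            raise ValueError("claim name conflict")
        claims[name] = value
    return claims

# Constructed sample credential claims (not MDA data).
PAYLOAD, DISCLOSURES = issue(
    {"iss": "https://issuer.example", "given_name": "Ada",
     "birthdate": "1990-01-01", "email": "ada@example.com"},
    always_visible=("iss",),
)

if __name__ == "__main__":
    print(verify_disclosures(PAYLOAD, [DISCLOSURES["given_name"]]))
```

The holder forwards only the disclosures it chooses; undisclosed claims remain as opaque digests in `_sd`.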

Credential Issuance

Credential issuance follows the OpenID for Verifiable Credential Issuance (OID4VCI) standard. Issuers must establish cryptographic binding with holders to ensure that credentials are issued to the rightful recipient and cannot be misused. This binding is optional and relies on secure cryptographic methods for holder verification.

Credential Negotiation

For credential negotiation and discovery, MDA integrates the Decentralized Identity Foundation's (DIF) Presentation Exchange standard. This standard defines a protocol for holders to present credentials matching the requirements specified by verifiers.

Credential Presentation Protocol

OpenID for Verifiable Presentations (OID4VP) is used for remote presentation flows. This protocol facilitates secure, online interactions between holders and verifiers.

Trust Infrastructure

MDA supports two identity infrastructure models:

  • Partisia's DIDs: Register tamper-proof, on-chain DIDs for issuers, holders and verifiers to leverage a transparent, blockchain-based registry.

  • Bring-Your-Own OAuth 2.0 Server: Point MDA at your identity provider using our “pre-authorize” flow extension, which trades a pre-authorized code at the standard token endpoint, so you retain control over authentication and session policies while issuing and verifying VCs.