Societal adoption of digital wallets can revolutionize the global economy by transforming how customers pay for goods and services, making transactions faster and more convenient. They allow users to store payment information securely and make purchases with a few taps on their smartphones. The potential for digital wallets to transform transactions goes beyond payments. Digital wallets also can revolutionize how people, businesses and governments prove their identity or data-minimized verified information about their identity, like proof of age of consent or confirmation of professional certification.
While digital wallets are exciting, they also come with risks, particularly around governance, risk, and compliance. Clients, citizens, and partners need tools to help them adopt digital wallets securely in a complicated ecosystem. These tools should be easy to use, accessible, and provide the necessary information to make informed decisions.
This article will discuss measuring trust in digital wallets, the assurance outcomes that digital wallets must meet to verify trustworthiness, and the tools available to help clients, citizens, and partners adopt digital wallets safely.
Measuring trust in digital wallets is essential to ensure users can rely on them for convenient, secure and privacy-enhancing transactions. Several factors, such as authentication, authorization, and fraud detection, contribute to measuring trust in digital wallets. Authentication verifies that the user is whom they claim to be, while authorization determines what actions they can perform within the digital wallet. Fraud detection detects any suspicious activity that could compromise the security of the digital wallet. Measuring trust in digital wallets should also consider the business and sustainability model of the wallet provider. For example, sustainability models may have different implications related to security and privacy practices.
Verifying assurance outcomes is essential for digital wallet users and credential issuers to build the public trust needed to accelerate adoption. For users, assurance outcomes include convenience, security, and privacy. Users need assurance that their digital wallets are secure and protect sensitive information. For credential issuers, assurance outcomes include trustworthiness, interoperability, and compliance. They need assurance that their credentials are trustworthy, work with other systems, and comply with regulations.
In Canada, the Pan-Canadian Trust Framework (PCTF) [https://diacc.ca/trust-framework/] offers one tool to measure the assurance outcomes of digital wallets. The PCTF provides a framework for establishing trust among digital wallet users, credential issuers, and relying parties. The framework includes a set of verifiable processes, policies, and procedures that promote trust and interoperability among digital wallets. The PCTF ultimately represents a governance, risk and compliance framework that defines the duty of care the clients, businesses, and governments expect when interacting with a solution or service.
Service and solution PCTF compliance will help users trust that their digital wallets are secure, and credential issuers can trust that their credentials are trustworthy. Alternatively, services and solutions that verify PCTF compliance mitigate a degree of liability by demonstrating their investment in adopting and implementing a well-vetted and reasonably expected duty of care.
The PCTF benefits from an inclusive, collaborative process convened by the Digital ID & Authentication Council of Canada (DIACC) [https://diacc.ca/], leveraging feedback and input from the public and private sectors and the general public. The DIACC is a Canadian-based non-profit organization comprising public and private sector members working together to accelerate the adoption of trustworthy and privacy-enhancing digital verification solutions and services by providing verifiable governance, risk, and compliance tools like the PCTF.
DIACC’s Voilà Verified [https://diacc.ca/voila-verified/], a third-party conformity assessment program, awards PCTF certification to services and solutions that provide evidence to validate prescribed requirements and outcomes. The Voilà Verified trustmark program helps users identify digital wallets and credential issuers that meet assurance outcomes and comply with the PCTF.
Digital wallets are exciting but have governance, risk, and compliance challenges. Measuring trust in digital wallets is essential to ensure users can rely on them for secure and privacy-enhancing transactions. A solution or service that meets verifiable assurance outcomes will help ensure digital wallets meet user and credential issuer needs. The PCTF offers a tool to measure assurance outcomes of digital wallets, while the DIACC provides tools, research and education to help clients, citizens, and partners adopt digital wallets safely. DIACC’s research indicates that the Canadians’ use of digital wallets continues to grow and increases the urgency to ensure digital wallets are secure, trustworthy, and compliant to mitigate risks and meet governance requirements. Governance, risk and compliance professionals should pay attention to developments in this ecosystem that will influence digital transformation.