This page is a collection of potentially interesting use cases for a smartwallet, irrespective of the platform (e.g. mobile phone or desktop) it is running on.
- Alice: the smartwallet holder
- Bob: another smartwallet holder that Alice knows
These use cases could be supported natively by the smartwallet app and its associated browser extension.
Login & Account Creation
We called this section “login”, yet the use cases here support a one-click interaction that simultaneously creates a new account (if it doesn’t already exist) and logs the person in. So it should be called something like signin/up.
#1: Connect-with-Mee (SIOPv2)
Allows the person to signin/up to websites and apps that support the OpenID Connect SIOPv2 protocol standard. The person can signin/up without requiring a password, and without being tracked by third parties (e.g. Google, Apple, Facebook, etc.).
Single device scenario: The person has an iOS device and is using a Mee-compatible app (or a Mee-compatible website within a mobile browser). The “Connect with Mee” button on the relying party site/app has a universal (deep) link to the smartwallet app. If the person doesn’t have a smartwallet installed, they are automatically redirected to the App Store.
Cross-device scenario: The person is using a desktop computer and in their browser clicks on a Mee-compatible website. When the person clicks on Connect-with-Mee they are brought to a QR code that they can scan. This code contains the same deep link mentioned above.
This use case is implemented in v1 of the smartwallet.
#2: OpenID prompt for account creation
There is a need, in some circumstances, for the client to explicitly signal to the OpenID Provider that the person desires to create a new account rather than authenticate an existing identity. See the Initiating person Registration specification.
Description: Alice wishes to chat with a friend Bob.
Precondition: Both Alice and her friend Bob have chat client apps. Alice and Bob are also able to communicate out of band. Out of band, Bob shares with Alice, via a QR code, the DID of one of the contexts his smartwallet manages.
Stakeholders: n/a
How it works: Alice opens her chat client app, scans the DID Bob shared with her, and adds Bob as a new contact in the chat app. Alice types “Hi Bob” into the chat client. This message data is stored in Alice’s context store for this connection with Bob as well as transmitted to Bob’s smartwallet. This message appears in Bob’s client and is stored in Bob’s context storage associated with his connection with Alice.
Advantages: This respects Alice’s and Bob’s privacy by eliminating the need for them to trust a service, app or site provided by an intermediary entity. The message content is end-to-end encrypted and never stored by an intermediary (e.g. a social networking site like Twitter, Facebook, etc.), and although it may pass through relay servers it does so only transiently.
Global Privacy Control
Allows the smartwallet holder to automatically signal their intent that websites should not sell their data to third parties using the GPC standard.
Third-party Cookie Deletion
Allows the person to choose to automatically delete third-party cookies from the person’s browser. Requires Mee Browser Extension (MBX).
Looks at the person’s browser settings (e.g. Google location tracking, history), makes recommendations on settings changes to enhance privacy, and applies these changes.
Digital ID Cards
Use case #1
- A business entity (issuer) in Japan that today makes plastic employer-issued id cards would like to become digital and issue them as VCs into a wallet
- The employer business entity (verifier) wants to allow the employee to login to enterprise systems using this VC
- A newspaper entity (another verifier) wishes to rely on this same employee id VC to authorize access to certain pages of a newspaper site with news related to the employer entity or, if there is a corporate subscription, to all of the pages
To implement this the smartwallet could support:
- SD-JWT-based VC issuance, according to the OpenID VC Issuance spec
- SD-JWT-based VC presentation, according to the OpenID VC presentation spec
- Ability to store and select VCs, etc., with a friendly UI
Digital Car and Room Keys
Allows the person to:
- Create and manage strong passwords
- Autofill passwords on any browser
- Sync passwords across their devices
- Grant/delegate access to other smartwallet holders to some/all passwords
- Have the last login method used on a given site remembered and highlighted
Allows the person to automatically fill in forms in browsers using data managed by the smartwallet across the person’s devices.
Customer Defined Audience (CDA) Generation
Operating in the background, the smartwallet collects data about the person from first-party apps/sites and uses it to continuously synthesize and update the person’s Customer Defined Audience (CDA) advertising profile. The person can view it and delete fields not of interest.
This CDA profile can be shared with compatible websites to enable them to earn revenues from advertising while increasing the person’s privacy compared to existing solutions that rely on third-party cookies and other forms of tracking and that rely on massive databases of person advertising profiles assembled and managed by third-party adtech firms.
Allows the person’s web browsing history (outside of Incognito mode) to be collected in the smartwallet. Requires MBX.
Allows the person’s search history (outside of Incognito mode) to be collected in the smartwallet. Requires MBX.
Extrinsic - Existing apps/sites
These use cases can be offered by apps/sites that integrate with the smartwallet via Connect-with-Mee.
Login & Account Creation
The person can log in or create an account with one tap (after smartwallet install). The person is not tracked by an identity provider (e.g. Google, Facebook, Apple, etc.). This can enhance the app/site’s brand reputation for respecting person privacy.
Reduced Form Filling
If the app/site needs attributes about a person, it requests them directly from the smartwallet. If the smartwallet has received this same request from another app/site, it asks the person’s consent to return the same value.
Privacy-respecting personal data management
Allows the person to exercise their data rights promised in privacy regulations: the right to access, correction and deletion. Note: further person data protections are provided by the HIL that the app/site provider must agree to.
The app/site can query the smartwallet for data and if the person consents to share it, they gain access to person-curated “zero-party” data.
Higher ad revenues
The app/site can request the person’s Customer Defined Audience data and use it to increase revenues from advertising.
Extrinsic - New apps/sites
These are hypothetical use cases that could be developed by new Mee-compatible apps/sites.
Allows the person to stay in contact with friends, family and colleagues by everyone always having up-to-date contact information. Allows the person to:
- Populate their own contact info (either directly, or through integration with the person’s existing contact management app/service (see below))
- Publish their contact information as part of a connection to another person’s smartwallet
- Subscribe to the contact info of another person
- Integrate with existing contact management apps and services, allowing the person to continue using them, with the syncing happening in the background. For example, the person could continue to use Apple’s Contacts app on their MacBook or iPhone: the contact info of others that the person is subscribing to is automatically updated, and any change made to the person’s contact information is automatically propagated to subscribers.
Delete My Data
Allows the person to exercise their rights and request that their data be deleted by digital service providers. Implementation requires a third-party organization to contact sites on your behalf. Similar to Permission Slip, this app would store the results in the person’s smartwallet.
Meta Identity Management
These “meta” use cases manage the person’s identity across two or more external apps, sites or systems using a variety of protocols.
Allows the person to analyze how they are connected to others across social networks, with a main goal of suggesting missing links. For example, if it noticed that the person has contact information for someone but isn’t linked to them on LinkedIn, it suggests (and could automate) adding a LinkedIn connection.
Allows the person to synchronize and update the information that sites/apps have about them. The smartwallet UI would allow the person to create personas to group together connections with apps/sites/others to which the person wishes to expose a relatively consistent set of information. The smartwallet would review what information was stored in the contexts of these connections and personas. It would allow the person to see inconsistencies and, if desired, to correct them. For example, there could be a typo in the person’s email address at a particular site, or an old physical address that the person hadn’t updated.
Use case #1
Allows the person to synchronize information that sites/apps have about them using app/site-specific APIs:
- Google Account - Google-specific API
- Facebook Graph API - Facebook-specific API
- Twitter Accounts and persons - Twitter-specific API to manage an account’s profile and settings
Use case #2
Allows the person to synchronize information that sites/apps have about them using MeeTalk.
Integrate the person’s calendars on multiple systems. Allow others to create appointments according to your availability. Similar to Calendly.
Leverage APIs like the UK Open Banking API to manage the person’s banking data.
Use cases involving the person’s (uni-directional) import of their personal data into their smartwallet.
Allows the person to download their purchase history.
Allows the person to download their profile, posts, and images.
Allows the person to download various data sets. Examples include:
- Arts & Culture - Favorites and galleries you’ve created on Google Arts & Culture
- Google Photos
- YouTube and YouTube Music - Watch and search history, videos, comments and other content you’ve created on YouTube and YouTube Music
Download connections and personal profile.
Allows the person to download their Twitter followers. Similar to Rolodex except the data would be imported directly into their smartwallet.
Allows the person to download medical records, e.g. BlueButton.
Allows the person to collect their GPS location over time.