[OpenID-Specs-eKYC-IDA] Issue #1250: Schema doesn't let you express more granular detail about the verification process (openid/ekyc-ida)

Julian White issues-reply at bitbucket.org
Wed Jul 28 03:12:05 UTC 2021


New issue 1250: Schema doesn't let you express more granular detail about the verification process
https://bitbucket.org/openid/ekyc-ida/issues/1250/schema-doesnt-let-you-express-more

Julian White:

The specification doesn’t support granular detail about the identity checks that were done.

It would be useful for the RP to know which identity checking process you followed for trust frameworks that support more than one identity verification standard/policy. This would need to sit alongside the identity\_assurance\_level element in the verification section. Some policies themselves might have sub-processes so it would be useful to make it an object with values for both; for example:

```json
"id_verification_procedure": {
   "policy": "GPG45",
   "procedure": "M1B"
}
```

‌

Similarly both validation\_methods and verification\_methods could do with further detail on what exactly happened, and they themselves might follow a specific standard or policy. For example:

‌

```json
"validation_method": {
    "type": "vpip",
    "policy": "GPG45",
    "procedure": "score_2"
},
"verification_method": {
    "type": "pvp",
    "policy": "GPG45",
    "procedure": "score_3"
},
```

‌

Lastly the specification doesn’t enable the OP to express checks they may have done outside of checking the evidence, such as PEPs, mortality and other such things. These tend to be checks that happen outside of the interaction or input from the user. This is outside of the scope of the evidence itself but within the scope of eKYC, so would need to sit at the same level as evidence. 

‌



More information about the Openid-specs-ekyc-ida mailing list