The U.S. Department of Homeland Security’s Science and Technology Directorate (S&T) has partnered with U.S. Citizenship and Immigration Services (USCIS) to develop and implement digital credentials based on open Internet standards. This collaboration aims to enhance the security and convenience of immigration documents, making them accessible via smartphones.
USCIS’s Office of Intake and Document Production (OIDP) is responsible for designing and managing the production of all immigration-related documents. Jared Goodwin, Chief of OIDP’s Document Division, emphasized that transitioning to digital credentials, such as a smartphone-compatible green card, would significantly improve ease of use, security, and online support. This digital shift would also eliminate the need for in-person visits for tasks like renewing or modifying immigration status.
S&T has been focused on advancing the security of identity credentials and documents, and this partnership with USCIS aligns with its ongoing efforts. The collaboration was initiated after Goodwin learned about S&T’s Silicon Valley Innovation Program (SVIP), which was exploring similar digital solutions to prevent forgery and counterfeiting of certificates and licenses.
Together, USCIS and S&T decided to leverage two globally recognized open standards: the Verifiable Credentials Data Model (VCDM) and Decentralized Identifiers (DID). These standards, developed by the World Wide Web Consortium (W3C), are designed to support a secure, privacy-respecting digital credentialing process.
One of the key advantages of these W3C standards is the ability to share only the necessary data for a given transaction. For example, a digital Permanent Resident Card on a smartphone could be used to verify a person’s age at a store without revealing any additional information, such as a date of birth. This feature is a significant step toward enhancing individual privacy.
The DHS Privacy Office, which ensures privacy protections and transparency across DHS activities, is actively involved in reviewing the W3C VCDM/DID framework to identify and address any potential privacy concerns.
Melissa Oh, Managing Director of SVIP, highlighted that the W3C standards undergo extensive review processes to ensure they incorporate security, privacy, accessibility, and internationalization. By adopting these standards, S&T and its partners aim to create technologies that make digital transactions more secure and privacy-focused.
Looking ahead, the government’s goal is to empower individuals with control over their digital interactions. As Goodwin explained, the intent is to allow users to own their identity and decide when to share it, without needing to rely on agency verification for every interaction.
DIDs serve as unique identifiers for organizations, devices, or individuals. Unlike social security numbers, DIDs are purely identifiers and are not used for verification, which is handled separately using public key cryptography. Meanwhile, the VCDM standard ensures that credentials are cryptographically secure, privacy-respecting, and machine verifiable, while also enabling selective disclosure of personal data.
Selective disclosure allows digital credentials to contain multiple pieces of information, but users can choose to share only the specific details required for a particular transaction, whether with government or non-government entities.
S&T believes that due to the efforts of SVIP, USCIS, and other stakeholders, digital credentials using W3C VCDM and W3C DID standards will become increasingly common in the near future. These advancements are expected to play a crucial role in preventing identity theft and forgery, while also giving individuals greater control over their personal information and privacy, particularly in online environments.
Comments