Looking at Google Wallet through SSI Glasses
August 25, 2023•1,107 words
TL;DR: This article explores Google Wallet's offline-focused approach to digitizing physical wallets, contrasting it with the decentralized nature of Self-Sovereign Identity (SSI) wallets, delving into developer experiences, user interfaces, and potential future trends.
In a rapidly evolving digital landscape, the concept of wallets has transcended the physical realm, finding a new home within the digital confines of our smartphones. One prominent player in this realm is Google Wallet, an app designed to digitize the contents of our physical wallets and streamline various aspects of our lives. In this article, we delve into the intricacies of Google Wallet, examining its features and capabilities, while also drawing comparisons to the emerging domain of Self-Sovereign Identity (SSI) wallets.
Important Note: To fully benefit from this article, it's recommended to have a solid understanding of key terms such as issuer, holder, verifier, wallet, identifier, and credential as they are employed in the realm of Self-Sovereign Identity. If you're seeking an introduction, consider referring to https://www.identity.com/self-sovereign-identity/ for a comprehensive primer.
Unveiling Google Wallet
At its core, Google Wallet (1) is a smartphone application with the purpose of digitizing the assortment of cards, documents, and credentials traditionally found in our physical wallets. Formerly known as Google Pay, the app was initially focused on facilitating digital payments by storing credit card information for seamless point-of-sale transactions. Over time, Google Wallet has expanded its scope, offering organizations the opportunity to digitize membership cards, event tickets, loyalty programs, and even government-issued documents such as COVID certificates and driver's licenses.
The Essence of Google Wallet's Utility
Google Wallet distinguishes itself by centering its efforts on a singular use case: the digitization of physical wallet contents for offline interactions. Credentials within Google Wallet can be collected through both online and offline means. For instance, purchasing a plane ticket online allows the digital ticket to be stored in the wallet, while registering an existing card in the wallet follows an offline route. Once stored, credentials within Google Wallet are equipped with QR codes, enabling third parties to effortlessly scan and verify them. For example, a ticket's QR code can be scanned at the entrance of an event, expediting the verification process.
However, a notable distinction arises in the online realm. Presenting a credential from Google Wallet in online scenarios - such as displaying a membership card during the checkout process for an online store discount - currently lacks a straightforward mechanism. This differs from SSI wallets, which primarily concentrate on the secure sharing of credentials with third-party services online.
It's worth acknowledging a particular disparity between Google Wallet and SSI wallets. While Google Wallet facilitates offline sharing of credentials through QR codes, SSI wallets generally do not support this mechanism, potentially due to limitations in QR code data capacity (2). This difference in approach reflects the varying priorities between the two technologies.
A Glimpse into the Developer Experience
Google Wallet's developer experience unfolds in a unique manner. A service provider initiates the process by registering a generic class, essentially a credential schema (3). Subsequently, a generic object - the actual credential - is issued in JWT format. Unlike SSI wallets, where the issuer directly interacts with the user's wallet, Google Wallet intermediates this interaction. The issued credential is transmitted through the user's browser to Google, which stores the credential and manages the synchronization to the user's wallet app. Updates to credentials can be seamlessly administered by the service provider without involving the user's browser or a user interaction, ensuring accurate representation of loyalty card points after a completed transaction, for instance.
A stark contrast emerges in the developer experience realm when compared to SSI wallets. The need for user interaction when updating credentials highlights a distinction between the two. However, the advent of Decentralized Web Nodes (DWNs) could potentially alleviate this limitation by granting service providers the ability to update specific credentials directly within the user-controlled node. This avenue presents an intriguing direction for future exploration.
Noteworthy Observations
Google Wallet's design philosophy underscores a strong focus on user interface. The intertwining of claims data with presentation instructions within the class and object (credential) data models sets it apart from the Verifiable Credentials data model, which predominantly emphasizes claims and metadata. Additionally, the Wallet Pass Editor (4) provided by Google reinforces the credential's role in presenting information effectively.
The issuance of credentials through Google Wallet adheres to a decentralized approach, with service providers utilizing their controlled keys. However, the storage of credentials takes place within Google's centralized servers. The role of service providers is endorsed by Google, and while the authenticity of credentials can only be verified by the issuer who knows what data was issued, e.g. which ticket numbers were handed out, this validation is not readily achievable for third parties.
Conclusion and Outlook
In conclusion, Google Wallet's focal point lies in facilitating offline interactions, a deviation from SSI wallets' emphasis on online interactions. While Google Wallet thrives on centralized design, SSI wallets align with a Self-Sovereign Identity stack comprising Decentralized Identifiers and Verifiable Credentials, promoting decentralization and user empowerment. Google Wallet's credentials prioritize visual representation and user-issuer ease, although they lack cryptographic verifiability by third parties, unlike Verifiable Credentials. Google Wallet's success stems from its expanding scope and user-centric approach, sparking intrigue about integrating these attributes into SSI wallets.
As we contemplate the future, an intriguing question arises: Could Google Wallet eventually incorporate decentralized technologies like Decentralized Identifiers and Verifiable Credentials? While the analysis within this article suggests complexity for Google Wallet's current use cases, the adoption of such technologies might become inevitable, particularly as countries such as the EU adopt them for crucial documents. The balance between centralization and legal compliance will undoubtedly shape Google Wallet's journey ahead.
Update
While writing this article the following news hit my inbox: OpenWallet Foundation Announces Google as a Premier Member. I'm pleased to see the direction that Google is taking as it has the potential to bring SSI-enabled wallets and use cases into the hands of users who are already familiar with the wallet app.