PingOne

Scenario: Presenting and verifying a user credential

In this scenario, John Smith (the user) wants to reserve a car from BX Rental Cars (the credential verification service) for his vacation next month. Before he can complete the reservation, BX Rental Cars requires that John provide proof that he has a car insurance policy that will be valid throughout the rental period.

Scenario participants

The following parties are involved in this scenario:

Credential issuer

BX Insurance

User

John Smith

Provider of a service

BX Rental Cars

Verifier service

The service BX Insurance contracts with for credential verification

Assumptions

BX Insurance (the credential issuer) meets the following requirements:

  • PingOne Credentials and PingOne MFA are available in the BX Insurance PingOne environment.

  • They created a credential type for the user data required to issue the credential. The credential type includes a connection to a digital wallet app that users can install and use to store their personal credentials.

    For more information about creating a credentials template, see Creating a credential.

  • BX Insurance customized the following credentials-related notification templates to inform users about the ongoing status of their credentials:

    • Digital Wallet Pairing

    • Credential Issued

    • Credential Revoked

    • Credential Updated

    For more information about notification templates, see Notification templates.

Additionally, John Smith has previously received his credential from BX Insurance, and it is stored in a compatible digital wallet app on his phone. For more information, see Scenario: Creating and receiving a credential.

Scenario

Presenting and verifying credential flow
  1. John visits the Reservations page of the BX Rental Cars website from his computer and starts a reservation request.

  2. An API call is made from the website to the verifier service BX Rental Cars uses. This creates a new verification session and provides a QR code that BX Rental Cars displays on the screen for John to scan.

  3. Using the wallet app on his phone, John scans the QR code.

  4. Depending on how the wallet app is configured, John is authenticated by the app.

  5. John sees that BX Rental Cars requires the following attributes from his BX Insurance credential:

    • First and last name

    • Date of birth

    • Car insurance policy ID number

    • Policy expiration date

  6. Using the app, John agrees to share this data with BX Rental Cars.

  7. The verifier service receives the credential, and checks the validity of the data using the public key that BX Insurance uploaded to the Verifiable Data Registry in PingOne Credentials.

  8. After the data is verified, the data is delivered to the BX Rental Cars reservation site, and, meeting all of the requirements, John is permitted to complete his rental car reservation.