Skip to content

Google is testing identity verification in Chrome on Android

  • by
  • 3 min read

Photo: In Green / Shutterstock.com

Google is exploring a new feature for Chrome on Android, dubbed the ‘Digital Credential API,’ which aims to enhance how websites request and verify user identity information stored in mobile wallets.

The Digital Credential API integrates with Android’s identity management system to offer secure storage and handling of digital documents, such as official identification cards and travel documents.

This technology lets websites directly access a user’s verified identity information stored in their smartphone’s digital wallet, eliminating the need to update physical documents manually.

When a website needs to verify a user’s identity, it sends a request through Chrome on Android. The user then receives a prompt to approve the request. If the user consents, Android securely transmits the required information from the mobile wallet to the website, sharing only the necessary details. This process ensures data protection and gives users control over what information is disclosed.

The IdentityCredential system is destined to support multiple credential formats, including ISO mDoc and W3C verifiable credentials, and is compatible with various wallet apps. Google is also working on mechanisms to mitigate the risk of widespread abuse of real-world identity information.

“We firmly believe that relying on a browser API and the mobile platform is the most reliable approach for identity digital credentials to be shared securely online,” explained Google.

Current methods for websites to obtain credentials from mobile wallet apps include custom URL handlers and QR code scanning, but the new API aims to streamline and secure this process further.

While Google is still experimenting with the Digital Credential API, the company has not yet announced a release date. As the testing phase progresses, more details are expected to be shared.

This feature promises a more seamless and secure experience when sharing identity information online. By reducing the need for manual uploads and minimising the risk of data breaches, the Digital Credential API could become a cornerstone of digital identity management.

“We not only strive for ease of use but also exercise utmost caution to uphold high standards of security and privacy. This is essential to safeguard users from potential identity theft and ensure they are fully informed about the implications of online identity sharing before providing their consent.”

In the News: Julian Assange freed; reaches plea deal to avoid US imprisonment

Kumar Hemant

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: kumarhemant@pm.me

>