Trusted Verifier Authentication #1720
Description
Description of feature / user story
When VC-AuthN requests credentials containing sensitive information (PII, unique identifiers, health records, etc.), holders have no mechanism to verify that the verifier is legitimate and authorized to receive this information. This creates:
- Security Risk: Malicious verifiers can request sensitive data without accountability
- Privacy Concern: Users cannot validate who is collecting their personal information
- Compliance Gap: Regulated industries may require verifier authentication for sensitive data
User Story
As a wallet holder
I want to verify that a verifier is authorized to request my sensitive credentials
So that I can trust that my personal information is being collected by legitimate, authorized entities
Acceptance Criteria
- Credentials can store protected claims
- Credentials can store verifier credentials to request when claims are challenged
- Wallet supports sending and handling proof requests and presentations
- Wallet will challenge verifiers before responding to proof requests with protected claims
Wireframes or relevant image assets / links
Design Document
VC-Authn Issue
