View Source

Attendees

Savita Farooqi (Symsoft Solutions)
Daniel Bachenheimer (Accenture)
Drummond Reed (Evernym)
DHY SIA (Singapore Airlines)
Xiang Wang (Singapore Airlines)
Brian Behlendorf
Jacques Bikoundou (Blockchain technologist)
Kaliya Young
Stacey-Ann Pearson (Affinidi)
Rebecca Distler (ID2020)

Agenda Items

Time	Item	Who
2 min	Welcome & Antitrust Policy Notice	Chair
15 min	Group Introductions	All
15 min	Discussion of blueprint outline / user experience challenge area	All
15 min	Good UX experience in air travel	Xiang Wang
15 min	Mapping & next steps	All

Presentations -

(PDFs posted)

Recording - Link

Notes

1. Welcome and Linux Foundation antitrust policy

2. Group Introductions

3. Discussion of Blueprint Outline / UX Challenge Area

This group has the most cross-dependencies with the other groups; needs strong ties to paper-based credentials and identity binding group
UX name based on Kim Cameron laws of identity (won’t get to safe and trusted infrastructure unless people instinctively know what to do when they get the solution). If you don’t have consistent user experience, can be really challenging (or dangerous from a security/privacy standpoint)
Need something more generic - across the industry, multiple players might pitch a different user flow
We need to be able to show different user flows, and talk about requirements / pros and cons of user flows
- Tease out buckets; where do we want to start user flow from?
  - Ensure that we all understand the user flows out there

4. Good user experience in travel

Use of QR or barcode is extensive; all boarding passes have code that can be scanned on boarding
- Discussion that QR code may not be right terminology (vs. PDF417)
Health credential (test result, vaccine) used at airport - check in with staff, officers, or use it at a kiosk for travel
Home check-in will be a major use case (how do we get back to pre-COVID at-home check-in experience)
- Most airlines have turned off online check-in for COVID-19 but really want to resume this; so you need to use a laptop to do an online check-in or mobile app
- Questions of how do I present the health credential digitally (via a computer) - have to make sure laptop camera is working; health credential might be within mobile app itself
People don’t always use the right name (hard to do identity binding)
- Not unique - VCs are based on information from a passport; scans passport once and VC has core identity data
- Now you get a health credential in identity wallet - through wallet, agents are bound to that holder
- IATA is doing self-registration - scan visual inspection zone of passport to read chip, do a selfie, and match face to chip face - that is “good enough”
When I share that information through selective disclosure, I could share certain information at check-in time to airline, and different information at departure and exit control and different information at destination country
- Won’t translate because you need infrastructure for it - people have to have smartphones and we know from this exercise that we need a paper-based alternative
- “subset” and “superset” is helpful mental model - would call them “core” and “variant” UX components
In general, airlines want a yes / no pass, but don’t want to touch health data
- IATA TravelPass - 2 credentials (1 ok to fly, when you present to airline for privacy (airlines don’t want to know PHI, they just want some assurance you’re ok to fly); but in your destination country, you may be asked to present all of your information
Once you optimize the user/traveler experience, optimize that traveler experience with the verifiers in mind - then you will take care of the holder as well as the verifier (e.g., the airline)

5. Mapping and next steps

Separate out validation, verification, checking presented credential against set of requirements (adding Zone 4 - verification
Need to determine if, when we're talking about user, are we only talking about the customer? Or are we only talking about the airlines?
- If we do it based on zones, can cover different users (users, airlines, etc.); verifiers and issuers have to do the right thing too
DVF = desirability, viability, feasibility - https://medium.com/innovation-sweet-spot/desirability-feasibility-viability-the-sweet-spot-for-innovation-d7946de2183c
How is consent being managed; regardless of the flows, there are certain things that if you are trying to be GHP-compliant, you need to fit this in

Action Items

Group to create standard user flows for 2-4 different flows that already exist (rather than trying to create one general user flow); provide comments in advance of next meeting
Follow up on question if test suites and/or certification programs will be an outcome of GHPC?