Digital Wallet Bill of Rights

Written by Bruce Barnett

June 2004

When considering authentication and privacy, here is a list of several principles I feel is important to protect one's privacy when using digital wallets (or eWallet) or anything containing personal identity.

  1. I own the wallet.
  2. I control contents of the wallet.
  3. I control the software my wallet uses.
  4. I may have more than one wallet.
  5. I may have multiple identities stored in my wallet.
  6. I decide where I want to use my wallet.
  7. I can securely create a backup of the information in my wallet.
  8. I can recover the backup and place it in a new wallet.
  9. I can use my wallet to securely log onto a system without typing a username/password.
  10. I want to be able to use my wallet as a Credit Card.
  11. I want to be able to use my wallet as a debit card.
  12. I want to be able to use my wallet to access my bank accounts.
  13. I want the store some or all of my account information in my wallet, including passwords, etc.
  14. I want to be able to use the wallet to authenticate myself to remote sites using a borrowed computer.
  15. I want to use my wallet to authenticate a remote site before I reveal any personal information to that site.
  16. I want to be able to authenticate myself with multiple mechanisms (weak to strong) depending on what I access. I am going to protect my bank account more than my Instant Message/Facebook/Linkedin account.
  17. I want to be able to use it to buy things using it as conveniently as possible.
  18. I want to be able to decide upon the convenience and security that suits my needs. I want to decide upon the balance of security and convenience.
  19. If someone steals my wallet, they can be limited in what they do with it, based upon my personal security/convenience trade-offs that I have specified.
  20. I want to store confidential information in my wallet. If the size of the information is too big to store, I want to be able to store the information securely elsewhere, with the decryption key to this data in my wallet .
  21. I may choose to have an escrow service that can unlock some or all parts of my wallet in the event of my death.
  22. I want to be able to act as a go-between between two organizations who wish to share information about me. I want the option to decide what information about me they have access to.
  23. I want to be able to conveniently fill out financial forms using my wallet using one of the profiles in my wallet. That is, I can select a profile with specific name, address, and account information that specifies what information i wish to share with third parties.