Trust and security considerations
Holding credentials securely means managing which verifiers and issuers your app trusts, authenticating the holder, and keeping credential status current. This page covers each of those considerations.
Trusted verifier management
The Holder SDK supports configurable trust lists for verifier certificates. You can adapt your app's behavior to the trust level of the verifier that sent a request:
- Block requests from untrusted verifiers entirely.
- Show a warning, or release reduced information, for verifiers that are not in the trust list.
Independently of the trust list, verifier authentication is mandatory for remote presentations: the SDK validates the verifier's identity before proceeding with the request.
Trusted issuer management
The SDK maintains a local list of trusted issuer certificates. Only credentials from issuers whose signing certificates are in your trust list will pass validation. Configure this list based on the jurisdictions and credential types your app supports.
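The following is an added example, not the Holder SDK's own API or code, showing how an app might turn the two trust lists into decisions: a verifier request is allowed, warned about or blocked depending on whether the certificate is in the trusted or blocked set and whether the presentation is remote, while an issuer certificate is accepted only when it is trusted. The `TrustList`, `decide_verifier` and `issuer_accepted` names, the SHA-256 fingerprint scheme, the `verifier_authenticated` flag that stands in for the SDK's identity check, and the sample certificate bytes are all assumptions for illustration.

```python
"""Trust-list checks for verifier and issuer certificates.

Illustrative code, not the Holder SDK's API. Certificates are identified by the
SHA-256 fingerprint of their DER encoding; the sample "certificates" below are
constructed byte strings standing in for real DER.
"""
import hashlib
from dataclasses import dataclass, field
from enum import Enum


class TrustLevel(Enum):
    TRUSTED = "trusted"
    UNRECOGNISED = "unrecognised"
    BLOCKED = "blocked"


class Decision(Enum):
    ALLOW = "allow"  # release the requested attributes
    WARN = "warn"    # continue, but warn the user and/or release reduced information
    BLOCK = "block"  # refuse the request


def fingerprint(cert_der: bytes) -> str:
    """Hex SHA-256 of the DER certificate; trust lists store these digests."""
    return hashlib.sha256(cert_der).hexdigest()


@dataclass
class TrustList:
    trusted: set[str] = field(default_factory=set)
    blocked: set[str] = field(default_factory=set)

    def level(self, cert_der: bytes) -> TrustLevel:
        fp = fingerprint(cert_der)
        if fp in self.blocked:
            return TrustLevel.BLOCKED  # an explicit block wins over a trust entry
        if fp in self.trusted:
            return TrustLevel.TRUSTED
        return TrustLevel.UNRECOGNISED


def decide_verifier(trust_list: TrustList, cert_der: bytes, *, remote: bool,
                    verifier_authenticated: bool, strict: bool = False) -> Decision:
    """Map a verifier's trust level to an app decision.

    verifier_authenticated stands in for the SDK's check that the verifier
    proved control of the key in its certificate. For remote presentations
    that proof is mandatory, so a trusted certificate alone (which anyone
    could replay) is not enough. strict=True blocks unrecognised verifiers
    instead of warning about them.
    """
    if remote and not verifier_authenticated:
        return Decision.BLOCK
    level = trust_list.level(cert_der)
    if level is TrustLevel.BLOCKED:
        return Decision.BLOCK
    if level is TrustLevel.TRUSTED:
        return Decision.ALLOW
    return Decision.BLOCK if strict else Decision.WARN


def issuer_accepted(trust_list: TrustList, cert_der: bytes) -> bool:
    """Issuers are all-or-nothing: only a trusted signing certificate validates."""
    return trust_list.level(cert_der) is TrustLevel.TRUSTED


# Constructed sample certificates (placeholders for DER bytes).
TRUSTED_VERIFIER_DER = b"constructed DER: verifier A"
BLOCKED_VERIFIER_DER = b"constructed DER: verifier B"
UNKNOWN_VERIFIER_DER = b"constructed DER: verifier C"
TRUSTED_ISSUER_DER = b"constructed DER: issuer X"
UNKNOWN_ISSUER_DER = b"constructed DER: issuer Y"

VERIFIER_TRUST = TrustList(trusted={fingerprint(TRUSTED_VERIFIER_DER)},
                           blocked={fingerprint(BLOCKED_VERIFIER_DER)})
ISSUER_TRUST = TrustList(trusted={fingerprint(TRUSTED_ISSUER_DER)})

if __name__ == "__main__":
    # A trusted certificate presented remotely without proof of key control is refused.
    print(decide_verifier(VERIFIER_TRUST, TRUSTED_VERIFIER_DER,
                          remote=True, verifier_authenticated=False))  # Decision.BLOCK
    print(issuer_accepted(ISSUER_TRUST, UNKNOWN_ISSUER_DER))  # False
```

The two checks are deliberately asymmetric: verifier trust feeds a graded user-experience decision, whereas issuer trust is a pass/fail input to signature validation. Note also that the block set is consulted before the trusted set, so revoking trust in a verifier is a single list entry even if its certificate is still in the trusted set.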
Holder authentication
The SDK uses platform-level security to ensure credentials are only presented by their rightful holder:
- Biometric authentication: require Face ID, Touch ID, or fingerprint before credential access.
- Device unlock: ensure the device has a passcode/PIN set.
- Key binding: credential keys are bound to the device's secure element or keystore.
- Per-credential policies: issuers can define security policies per credential type.
Balance security with inclusion: some users may lack or have disabled biometrics. The SDK supports OS-level alternatives (PIN, passcode, pattern) as fallbacks.
See the Device Key Authentication guide for detailed configuration.
Status list management
Credentials can be revoked after issuance. The SDK handles status list retrieval and caching based on the issuer's configured ttl and exp parameters:
- ttl: recommended duration for using a cached status list before fetching an update.
- exp: hard deadline after which a cached status list must not be used.
Between ttl and exp the cached list is still usable, so apps can keep working offline while attempting a refresh; once exp is reached the cached list must be discarded and a presentation cannot rely on it. The wider that window, the longer a revoked credential can still appear valid on a device that has not refreshed, so weigh offline convenience against that exposure. Also consider how your app communicates credential status changes to the user (e.g., badge indicators, notifications).
See credential revocation for background on status lists.
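The following is an added example, not the Holder SDK's own logic, of a cache policy built on those two values: a cached list is served while fresh, served but refreshed once ttl has passed, and discarded at exp even when the device is offline. The `StatusList`, `cache_state` and `credential_status` names, the packed one-bit-per-index layout (index 0 in the least significant bit of byte 0, as in the IETF OAuth status list format; an assumption about the format this page refers to), the `fetch` callback standing in for the SDK's download, and the sample list with its timestamps are all assumptions for illustration.

```python
"""Status-list caching driven by the issuer's ttl and exp values.

Illustrative code, not the Holder SDK's own logic. The status list is modelled
as a packed bit array with one bit per credential index (index 0 in the least
significant bit of byte 0; an assumption about the page's format), where a
set bit means revoked.
"""
from dataclasses import dataclass
from enum import Enum
from typing import Callable, Optional


class CacheState(Enum):
    FRESH = "fresh"      # now < fetched_at + ttl: serve from cache, no fetch needed
    STALE = "stale"      # ttl passed, exp not reached: serve from cache, try to refresh
    EXPIRED = "expired"  # exp reached: the cached list must not be used


class Status(Enum):
    VALID = "valid"
    REVOKED = "revoked"
    UNKNOWN = "unknown"  # no usable status list (expired cache and no network)


@dataclass
class StatusList:
    packed: bytes    # 1 bit per index; 1 = revoked
    fetched_at: int  # unix seconds when this copy was retrieved
    ttl: int         # seconds; issuer's recommended cache lifetime
    exp: int         # unix seconds; hard deadline for using this copy

    def is_revoked(self, index: int) -> bool:
        byte, bit = divmod(index, 8)
        if byte >= len(self.packed):
            raise IndexError(f"index {index} is outside the status list")
        return (self.packed[byte] >> bit) & 1 == 1


def cache_state(lst: StatusList, now: int) -> CacheState:
    if now >= lst.exp:
        return CacheState.EXPIRED
    if now >= lst.fetched_at + lst.ttl:
        return CacheState.STALE
    return CacheState.FRESH


def credential_status(cached: Optional[StatusList], index: int, now: int,
                      fetch: Callable[[], Optional[StatusList]]
                      ) -> tuple[Status, Optional[StatusList]]:
    """Resolve one credential's status; returns (status, list to keep cached).

    fetch() returns a freshly downloaded StatusList, or None when offline or
    the download failed. A cached list is consulted only while FRESH or STALE;
    once EXPIRED it is dropped rather than trusted.
    """
    state = cache_state(cached, now) if cached is not None else CacheState.EXPIRED
    if state is not CacheState.FRESH:
        fresh = fetch()
        # A downloaded list whose exp has already passed is unusable; keep the
        # existing copy (which may still be within its own exp) instead.
        if fresh is not None and cache_state(fresh, now) is not CacheState.EXPIRED:
            cached, state = fresh, cache_state(fresh, now)
    if cached is None or state is CacheState.EXPIRED:
        return Status.UNKNOWN, None
    return (Status.REVOKED if cached.is_revoked(index) else Status.VALID), cached


# Constructed sample: index 2 revoked, retrieved at t=1000 with ttl 300 s, exp at t=2000.
SAMPLE_LIST = StatusList(packed=bytes([0b00000100]), fetched_at=1000, ttl=300, exp=2000)


def offline() -> Optional[StatusList]:
    """Stand-in fetch that always fails (device offline)."""
    return None


if __name__ == "__main__":
    for t in (1100, 1500, 2000):
        print(t, cache_state(SAMPLE_LIST, t).value,
              credential_status(SAMPLE_LIST, 2, t, offline)[0].value)
```

The boundaries carry the security weight: at exp the list is never consulted, even offline, so the app gets `UNKNOWN` rather than a possibly stale `VALID`, and a freshly downloaded list that is already past its own exp does not displace a still-usable cached copy. Surface `UNKNOWN` to the user as such instead of silently treating it as valid.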
Next steps
Next, review the operational tooling available for your integration.