The eKYC and Identity Assurance (eKYC & IDA) working group is developing extensions to OpenID Connect that standardize the communication of assured identity information, i.e., verified claims along with trust framework and assurance level as well as information about how and when the verification was done. The core of that work has become OpenID Connect for Identity Assurance (OIDC4IDA).
With its first interoperability event, the working group has taken an important step on the journey towards a final specification. Interoperability of implementations is paramount and with the support of the GAIN proof-of-concept participants, where this specification is an important technical building block, several organizations have been able to test their implementations.
At the core of the event was the beta eKYC & IDA conformance test plan developed by the OpenID Foundation. The test plan will ensure that implementations of the OIDC4IDA specification adhere to the rules described in the current implementers draft, and thereby assure technical interoperability across identity providers and relying parties.
In the last week of November, four early implementers of the OIDC4IDA specification (BankID Sweden, eKYC Hub Open Source Framework, DIZME, and yes.com), all in the role of identity providers, came together to run the tests and to present their results in a special session of the OAuth Security Workshop 2021. All four Identity Providers ran the tests successfully, detecting only minor deviations from the standard.
These existing implementations will be also available in the sandbox being set up by the upcoming GAIN proof-of-concept community group for interested RPs to test with.
The eKYC & Identity Assurance working group plans to organize another interoperability testing event, together with relying parties, in the near future.