NEW
Report & API Now Live! Data insights report and open data API endpoints live as of September 23, 2025

OpenID4VC High Assurance Interoperability Profile

type
Standard
Documentation

Description

Description
Source

The OpenID4VC High Assurance Interoperability Profile is a specialized framework that defines requirements for secure and private credential issuance and verification. It combines multiple standards including OpenID for Verifiable Credential Issuance, OpenID for Verifiable Presentations, and Self-Issued OpenID Provider v2, along with credential formats like SD-JWT VC and ISO mdoc.

This profile is designed for implementations requiring high security and privacy, such as government-issued credentials and regulated identity documents. It's particularly relevant for:

  • Digital identity frameworks like eIDAS 2.0
  • Government agencies like the California Department of Motor Vehicles
  • Identity initiatives like the Open Wallet Foundation and IDunion

Key features include:

  • Secure credential issuance and presentation protocols
  • Strong wallet attestation requirements
  • Cryptographic holder binding
  • Privacy-preserving selective disclosure
  • Support for both in-person and remote verification

Technical Specifications:

  1. Purpose and Scope
  • Enables interoperable credential issuance and presentation
  • Supports both SD-JWT VC and ISO mdoc formats
  • Includes wallet attestation and authentication mechanisms
  • Covers both online and in-person verification scenarios
  1. Key Technical Requirements
  • Uses authorization_code flow for credential issuance
  • Implements PAR (Pushed Authorization Requests)
  • Requires DPoP for token binding
  • Supports haip:// URL scheme for wallet invocation
  • Mandates P-256 curves with ES256 algorithm for signatures
  1. Implementation Requirements
  • Wallets must support attestation using JWT format
  • Verifiers must implement Web-based key resolution
  • All parties must support specific crypto suites
  • Mandatory support for selective disclosure
  • Required implementation of status management
  1. Security Considerations
  • Enforces cryptographic holder binding
  • Requires encrypted responses for credential presentation
  • Implements strict issuer identification mechanisms
  • Mandates secure key resolution protocols
  • Supports credential status verification
  1. Interoperability Features
  • Standard credential format support
  • Common protocol implementations
  • Unified crypto requirements
  • Consistent metadata handling
  • Cross-platform wallet invocation
  1. Current Adoption

    Being implemented by:

    • eIDAS 2.0 framework
    • California DMV
    • Japanese Government's Trusted Web project
    • Various private sector organizations

The profile represents a significant step toward standardizing high-assurance digital credential implementations while maintaining strong security and privacy guarantees.

Statistics

Projects Following
Source
2

Under Management at

Project
Website
Source

Projects Following or working on this Standard

Project
Website
Source

If you are featured in the Web of Trust Map and wish to exercise your GDPR rights, including the right to be forgotten, visit the privacy policy page