Verifying information about the user by checking data held by another service. Sharing is limited to only what’s necessary. For example, a user can prove they are over 18 without sharing their date of birth.
- Removes the burden on individuals to continually prove the same things
- Removes the need for the user to share more than they would like to with each service
- Minimises data sharing between organisations
- Reduces the need to duplicate sensitive data
- Users cannot always revoke access
- Additional infrastructure required to validate data
- Data sharing can happen in the background without users knowing
Was this pattern useful?