How Affinidi Vault Works

Use Affinidi Vault to discover, collect, store, share, and monetise your data across different applications while controlling your data. Applications that wish to request data from you must get the user’s consent before being able to extract the data from the Vault through Verifiable Presentation (VP).

Affinidi Vault stores your data securely on the local storage of your device (edge).

Presentation Exchange (PEX) Query

The Presentation Exchange protocol implemented by Affinidi Vault enables data interoperability and uses PEX query to request user data. Applications can assess the trustworthiness of the data by describing the required data that the user must satisfy using the presentation definition.

See the sample PEX query that requests the email address of the user from the Vault:

{
  "id": "email_vc_data",
  "name": "Email VC data",
  "purpose": "Check if data contains necessary fields",
  "constraints": {
    "fields": [
      {
        "path": [
          "$.credentialSubject.email"
        ],
        "purpose": "Email address",
        "filter": {
          "type": "string"
        }
      }
    ]
  }
}

The above definition is part of the default presentation definition of Affinidi Login to authenticate users using their verified email address as their identity.

Profile Completeness Check

The profile page of Affinidi Vault provides an overview to the user about the completeness of their profile and how many data points still need to be completed.

Liveness Check

To provide an additional layer of authenticity, security, and a better user experience when onboarding the users to the application. Affinidi Vault can verify if the user is real by doing a Liveness check. Liveness check is a technique that securely detects whether the source of a biometric sample is a real person or a fake representation by taking a live photo of the user.

The Affinidi Vault generates a Verifiable Credentials called HITLivenessCheck that represents the result of the Liveness check, whether it is passed or failed.

Currently available on the Chrome Extension version only.

Consent Page

Data collected by the users from different authoritative or trusted sources are stored and managed within the Affinidi Vault. Applications or websites can implement a flow or call to action that allows them to request data from the user if the user wishes to participate, and at the core of this flow, they ask the user for consent to share their data stored in the Vault. Whether through the Affinidi Login or requesting data directly from the Vault by initiating a PEX request.

The consent page displays the data or Verifiable Credentials (VCs) requested by the application, and the user must share it from their Vault to proceed.

Additionally, the user has the option to remember the consent they have selected for the application so that next time, the user will not be asked for consent anymore.

History

Inside the Vault, users can see all the sites where they have given their consent, including the date/time they have provided their consent and if they have allowed automatic consent.

Currently available on the Chrome Extension version only.

Backup and Recovery

Affinidi Vault enables users to back up their Vault data and restore it upon installation of the extension. The backup is encrypted and can only be restored with the user’s Vault passphrase.

Additionally, user can delete their Affinidi Vault data securely stored on their device if they wish. Ensure you have generated a backup to restore the previous data before deleting your Vault data.

In summary, the core components of Affinidi Vault empower users to secure, manage, and decide whether to share their data through consent using Verifiable Presentation (VP) and for developers to be able to request data using a standard PEX query.

Learn more about the available data and how to request user data from the Affinidi Vault.