This document demonstrates how the enhanced Contactless Travel API could integrate OpenID4VP (OpenID for Verifiable Presentations) to enable seamless credential verification at travel touchpoints.
This proposal improves UX by requiring only a single up-front consent for an embedded wallet, after which the wallet automatically performs sequential OpenID4VP presentations for all journey touchpoints.
sequenceDiagram
participant P as Passenger
participant W as Wallet
participant A as Airline
participant CTD as CT Directory
participant AM as Touchpoint<br/>Verifier
A->>CTD: Query CTD
CTD->>A: Output touchpoints<br/>+ verifier protocols endpoints
A->>A: Consolidate into array
A->>W: Share array of<br/>touchpoints and deeplinks
W->>P: request consent<br/>from user
P->>W: review and<br/>accept request
rect rgba(255, 200, 150, 0.4)
note over W, AM: To be repeated for every touchpoint/endpoint sent by the Directory
W->>AM: share requested info/ VCs
AM-->>W: confirms info's been received correctly
end
POST /v1/public/discovery
Content-Type: application/json{
"transactionId": "tx123456789",
"itineraryDetails": {
"segments": [
{
"departure": {
"airport": "MAD",
"dateTime": "2024-06-01T08:00:00Z"
},
"arrival": {
"airport": "JFK",
"dateTime": "2024-06-01T16:00:00Z"
},
"operatingCarrier": "AA"
},
{
"departure": {
"airport": "JFK",
"dateTime": "2024-06-01T20:00:00Z"
},
"arrival": {
"airport": "CDG",
"dateTime": "2024-06-02T10:00:00Z"
},
"operatingCarrier": "AF"
}
]
}
}The CT Directory returns all registered touchpoints for the requested journey segments:
{
"transactionId": "tx123456789",
"contactlessTravelServices": [
{
"segmentIndex": 0,
"departure": { "airport": "MAD", "dateTime": "2024-06-01T08:00:00Z" },
"arrival": { "airport": "JFK", "dateTime": "2024-06-01T16:00:00Z" },
"stage": "origin",
"contactlessTravelServicesAvailable": true,
"contactlessServicesByPartner": {
"AIRPORT": true,
"AIRLINE": true,
"BORDER_AUTHORITY": false
},
"verifierEndpoints": {
"AIRPORT": {
"openid4vp_request_uri": "https://verifier.example/request_uri?tx=tx123456789&seg=0&partner=AIRPORT",
"openid4vp_dc_api": "https://verifier.example/dc_api?tx=tx123456789&seg=0&partner=AIRPORT",
"iso18013-7_engagement": "https://reader.example/engage?tx=tx123456789&seg=0&partner=AIRPORT"
},
"AIRLINE": {
"openid4vp_request_uri": "https://verifier.example/request_uri?tx=tx123456789&seg=0&partner=AIRLINE",
"openid4vp_dc_api": "https://verifier.example/dc_api?tx=tx123456789&seg=0&partner=AIRLINE",
"iso18013-7_engagement": "https://reader.example/engage?tx=tx123456789&seg=0&partner=AIRLINE"
},
"BORDER_AUTHORITY": {}
}
},
{
"segmentIndex": 1,
"departure": { "airport": "JFK", "dateTime": "2024-06-01T20:00:00Z" },
"arrival": { "airport": "CDG", "dateTime": "2024-06-02T10:00:00Z" },
"stage": "transit",
"contactlessTravelServicesAvailable": true,
"contactlessServicesByPartner": {
"AIRPORT": true,
"AIRLINE": true,
"BORDER_AUTHORITY": false
},
"verifierEndpoints": {
"AIRPORT": {
"openid4vp_request_uri": "https://verifier.example/request_uri?tx=tx123456789&seg=1&partner=AIRPORT",
"openid4vp_dc_api": "https://verifier.example/dc_api?tx=tx123456789&seg=1&partner=AIRPORT",
"iso18013-7_engagement": "https://reader.example/engage?tx=tx123456789&seg=1&partner=AIRPORT"
},
"AIRLINE": {
"openid4vp_request_uri": "https://verifier.example/request_uri?tx=tx123456789&seg=1&partner=AIRLINE",
"openid4vp_dc_api": "https://verifier.example/dc_api?tx=tx123456789&seg=1&partner=AIRLINE",
"iso18013-7_engagement": "https://reader.example/engage?tx=tx123456789&seg=1&partner=AIRLINE"
},
"BORDER_AUTHORITY": {}
}
}
]
}Airline receives touchpoints from CTD and sends a structured array of aggregated VP request links to wallet.
Proposed payload:
{
"transactionId": "tx123456789",
"journeyId": "journey_mad_jfk_cdg_20240601",
"itineraryReferenceNumber": "PNR-ABC123",
"touchpoints": [
{
"sequence": 1,
"id": "mad-checkin-terminal4s",
"type": "CHECK_IN",
"name": "American Airlines Check-in Madrid",
"airport": "MAD",
"segment": 1,
"operatingCarrier": "AA",
"verifierEndpoints": {
"openid4vp_request_url": "https://broker.aa.com/openid4vp/req_checkin_mad_123",
"openid4vp_dc_api": "https://broker.aa.com/openid4vp/dc_api_checkin_mad_123",
"iso18013-7_engagement": "https://reader.aena.es/engage/checkin_mad_123"
}
},
{
"sequence": 2,
"id": "mad-security-checkpoint-a",
"type": "SECURITY",
"name": "AENA Security Checkpoint A",
"airport": "MAD",
"segment": 1,
"verifierEndpoints": {
"openid4vp_request_url": "https://broker.aa.com/openid4vp/req_security_mad_456",
"openid4vp_dc_api": "https://broker.aa.com/openid4vp/dc_api_security_mad_456",
"iso18013-7_engagement": "https://reader.aena.es/engage/security_mad_456"
}
},
{
"sequence": 3,
"id": "mad-boarding-gate-b12",
"type": "BOARDING",
"name": "American Airlines Boarding Gate B12",
"airport": "MAD",
"segment": 1,
"operatingCarrier": "AA",
"verifierEndpoints": {
"openid4vp_request_url": "https://broker.aa.com/openid4vp/req_boarding_mad_789",
"openid4vp_dc_api": "https://broker.aa.com/openid4vp/dc_api_boarding_mad_789",
"iso18013-7_engagement": "https://reader.aa.com/engage/boarding_mad_789"
}
}
]
}After receiving the vp link array, the Wallet displays a consent screen.
The wallet handles credential presentation at each touchpoint under the single consent.
- Where to move this document to?
- Overall Flow revision and validation
- Payloads exhanged during flow, specifically CTD output and VP Links array to Wallet.
- Consent management and legal aspects.
- Backup Flow for standard wallets.
- Handle failures and resume presentation flow.