Gail Hodges, Executive Director OpenID Foundation

Today the OIDF is proud to announce that the OpenID for Verifiable Credential Issuance (OpenID4VCI) specification has proven interoperability through the pairwise testing of seven issuers and five wallets providers from around the world.  

The clear evidence of interoperability is a meaningful and timely result as this specification moves through a 60 day public review period. At the end of this period, the OpenID Foundation membership will cast their votes to elect this specification as a “Final” specification in line with the OpenID Foundation Process Document.

OpenID4VCI Interoperability Objectives 

This OpenID4VCI interoperability project had five objectives: 

1. Prove out the OpenID4VCI specification before the vote to name it a Final specification
2. Provide interoperability results and implementer feedback to the Digital Credentials Protocols WG
3. To provide results on interoperability to standards body partners (e.g. ISO/IEC , W3C, and ETSI)
4. Brief government partners on progress in the standards they have selected to support their ecosystems and projects  (e.g. European Commission EUDI Wallet project, NIST NCCoE mDL project, and the Japan Digital Agency pilot project) 
5. Provide accurate, proven, open source tests to the global community of issuers, wallets, and vendors for them to prove out their own implementations that use these specifications.

To prove out the technical interoperability objectives, the specifications tested included:

• OpenID for Verifiable Credential Issuance  v16
• The OpenID Foundation’s OpenID for Verifiable Credentials High Assurance Interoperability Profile Implementer’s Draft 2.0
• ISO/IEC IS 18013-5:2021 Mobile Driving License (mDL) and “mdoc” specification
• ISO/IEC TS 18013-7:2024  
• IETF’s SD-JWT draft 17 

Pairwise Testing

The invitation to participate in the Interop event was made available to contributors to the DCP WG, those that have signed a DCP WG Contribution Agreement, to ensure any interoperability feedback could be used to inform the OpenID4VCI specs and tests. 

The pairwise interop demonstration was conducted July 16, as the third in a series of interop events from May to July to mature implementations in line with the specifications. In the third OpenID4VCI interop event on July 16th, the participants took part in a 90 minute, remote interop meeting followed by an 8 day window to remediate any bugs asynchronously.   During this time, out of the 59 possible issuer/ wallet pairs that could be tested, 47 pairwise tests were conducted. Of those 47 pairs:

• 87% passed successfully
• 11% failed with resolvable issues   
• 2% failed without an immediately obvious issue.

Overall, the implementers and the DCP WG determined that these results did not include any material concerns with the OpenID4VCI v16 of the specification, or the OIDF open source tests on OpenID4VCI. For noting, the results were consistent across a range of scenarios supported by the specification, with implementers demonstrating one or multiple configurations of OpenID4VCI: 

• OpenID4VCI with SD-JWT, Custom URI initiated and client authentication using wallet attestation-based client authentication with x5c header (designated as “HAIP mode”)
• OpenID4VCI with SD-JWT, Custom URI initiated and client authentication using client assertion with private_key_jwt  
• OpenID4VCI with SD-JWT, Custom URI initiated, no client authentication  
• OpenID4VCI with mdoc, Custom URI initiated, no client authentication  

Global Expert Participants

Leading implementers from around the world included (7 Issuers and 5 wallets). They included: 

• Bundesdruckerei GmbH
• Fikua 
• MATTR 
• Open Wallet Foundation (Android “Multipaz”)
• Lissi GmbH
• Meeco
• MyMahi Wallet
• OpenID Foundation (open source tests)

A big thanks to all of our interop participation teams!

Why This Demonstration Mattered

Over the past 18 months, digital credentials have moved from promising prototypes to production pilots in finance, healthcare, transportation, and government services. In the California DMV and OIDF hackathons in October and November 2024, we saw a wide range of use cases demonstrated, and in Europe, we have seen 11 key use cases progressed as part of the European Digital Identity Wallet’s Large Scale Pilots. Earlier this year we conducted a  May 5th Interop event for OpenID for Verifiable Presentation, with pairwise and multi-wallet tests conducted in partnership with the NIST NCCoE Mobile Driver’s License (mDL) project.   In other recent declarations, the UK.Gov, the Swiss Confederation, and Japan Digital Agency selection the OpenID for Verifiable Credentials in their digital identity projects. Other jurisdictions are poised to follow suit and adopt a similar reference architecture centered on the use of OpenID4VP and OpenID4VCI. This interop event on OpenID4VCI served as the vital pressing testing of interoperability enabled by the specifications. By meeting the specification and interoperability targets, the specs are on track to scale in line with the European Digital Identity Wallet and other jurisdictions in the months ahead. To get to this point, there were three key components:

1. Liaisons and Partnerships: The Foundation has long-term liaisons and partnerships with peer standards bodies such as W3C, ISO, IETF, and ETSI. These liaisons and ongoing technical conversations have underpinned the development of interoperable standards demonstrated on July 16th, alongside the large number of leading-edge implementers ready to prove out the specifications together. The results of this interoperability event will be shared via a liaison statement with  ISO/IEC 18013-7 WG10 to inform this Work Group’s due diligence on online presentation specifications, and W3C’s work on the Digital Credentials API and ETSIs work on TS 119 472TS 119 472  which relate to the EUDIW.
2. Conformance Testing: OIDF developed open-source tests aligned to the specifications for use before and during the interop event. The implementers could prove their implementations against the tests before testing against their peers and provide critical feedback on the tests for the benefit of future implementers. Once the specs and open-source tests are finalized, implementers will be able to self-certify their implementations. Self-certification and other conformance requirements are often vital components of ecosystem governance to ensure all participants in an ecosystem have met the same high bar for security and interoperability.  
3. Remote Interop for Global Participation: Finally, this event was hosted in a remote format, with implementers located in several European countries, New Zealand, San Francisco, and beyond. Even for some implementers not taking part in the live interop event, teams were able to connect across time zones over the following week to triage issues and close gaps.

Implementer Feedback 

The feedback from the implementers on the benefits of the July 16th interop is positive and encouraging that we are at an inflection point:  

Oliver Terbu from MATTR stated:

"We're proud to have contributed to OpenID4VCI Interop #3 and see the protocol maturing towards real-world deployments. OpenID4VCI's focus on simplicity and interoperability across diverse ecosystems makes it a cornerstone for scalable and interoperable digital credential issuance."

Stefan Charsley of MyMahi stated: 

“MyMahi worked with a variety of issuer teams to test interoperability for the MyMahi Wallet, demonstrating OpenID's OpenID4VCI standardization efforts have been applied practically to achieve interoperability at both regional and global levels. We look forward to working with more teams utilizing OpenID standards.” 

Jan Vereecken, of Meeco said: 

“For Meeco, the interop was a valuable opportunity to test our implementation alongside other participants. It validated the work we’ve done to stay aligned with the evolving OpenID4VCI standard and reinforced our commitment to advancing secure and interoperable digital credential infrastructure. I think events like this are essential to move the whole ecosystem forward. We’re proud to be contributing to that momentum as the DCP WG is finalising the 1.0 version of this specification and practical implementor feedback is crucial to the whole process.”

Micha Kraus of Bundesdruckerei GmbH, a German federal technology company, that prints German passports, identity cards and credentials and protects identities and data with solutions “made in Germany, stated:

“This Interop event was an important step toward standardized, harmonized solutions in the ID Wallet domain. As active promoters of standardization, we are proud of the progress in collaboration with our international partners. Our goal is to shape secure, privacy- and user-friendly solutions that users will be happy to adopt in the future. The experience we have gained at the Bundesdruckerei in this project is widening our broad expertise in this field and can be applied to the implementation of the German national EUDIW.”

Oriol Canadés from Fikua stated:

“Participating in the OpenID4VCI Interop #2 and #3 was a valuable milestone for Fikua. It allowed us to validate our Issuer implementations across diverse client authentication mechanisms and credential formats. This kind of hands-on collaboration is key to maturing the standard and ensuring real-world readiness. We're proud to contribute to an ecosystem that prioritizes interoperability, security, and user-centric design.”

Voices from the DCP WG and Foundation Leadership 

Torsten Lodderstedt, the specification editor and co-chair of the Digital Credentials Protocol Working Group, expressed gratitude for the live feedback from implementers:

“Validating these features in real-world scenarios is crucial as we head toward final publication,” he said, inviting new contributors to help the working group evolve the specification beyond its first edition.

Gail Hodges, Executive Director of the OpenID Foundation said:

“This interop event proved that verifiable credential issuance using OpenID for Verifiable Credential Issuance works across platforms, across devices, and for different credential types. The participants, WG members and cochairs are confident that the underlying specification and test suite are on a solid trajectory to achieve recognition as a Final specification and to support implementers in the months ahead. The timing could not be better as over 30 jurisdictions have selected and are deploying OpenID4VCI to support their digital identity credential issuance to digital identity wallets.”  

Next Steps Toward Global Adoption

The OpenID4VP specifications are on track for final publication mid September 2025, and are currently in the 60 day public review period until August 28, 2025, with the voting to be held August 29th to Friday, September 12, 2025. 

OpenID Foundation’s open source tests are already available for free and open use on OIDF servers or on an implementer’s own server:  

• How to run conformance tests for OpenID for Verifiable Presentations
• How to run conformance tests for OpenID for Verifiable Credential Issuance

In the weeks ahead, the OpenID4VCI tests will have mdoc credential types added, and other negative and positive tests will be added for completeness. They currently cover the core components required for interoperability and security such as OpenID4VP and OpenID4VCI with DC API, HAIP, for SD-JWT and mdoc, and a range of DCQL queries. By the end of September, the OpenID Foundation intends to open up self-certification for OpenID4VP and OpenID4VCI. Similar to OpenID Connect and FAPI 1.0 and FAPI 2.0, implementers will have the option (but not the obligation) to submit the results of their implementations against the test suite, and the OIDF will review those results and publish them online for a modest fee.  The OpenID foundation is also working closely with ecosystem partners to ensure their certification and conformance programs benefit from the OIDF tests and, as appropriate, partner on development and delivery of their ecosystem’s conformance program. 

In parallel, collaboration with OIDF’s peer standards bodies will continue, such as with W3C, ISO/IEC, ETSI, FIDO, EMVCo and others. In addition, support for key projects will also continue as the  NIST NCCoE Mobile Driving License (mDL) project transitions from “opening a bank account” to the government services use cases, and transit in Japan moves through the pilot process.  

“This OpenID4VCI interoperability demonstration is a pivotal milestone in a long journey to finalize these critical wallet specifications,” Gail concluded. “Thank you to every implementer, observer and standards body partner for this interop project a success. Together, we are building a truly global digital identity ecosystem, one that empowers users, protects privacy and delivers real-world value.”

About the OpenID Foundation

The OpenID Foundation (OIDF) is a global open standards body committed to helping people assert their identity wherever they choose. Founded in 2007, we are a community of technical experts leading the creation of open identity standards that are secure, interoperable, and privacy preserving. The Foundation’s OpenID Connect standard is now used by billions of people across millions of applications. In the last five years, FAPI has become the standard of choice for Open Banking and Open Data implementations, allowing people to access and share data across entities. Today, the OpenID Foundation’s standards are the connective tissue to enable people to assert their identity and access their data at scale, the scale of the internet, enabling ‘networks of networks’ to interoperate globally. Individuals, companies, governments and non-profits are encouraged to join or participate. Find out more at openid.net.