.svg)
.svg)
When we lose our wallets, we usually know what to do: keep calm and block all debit and credit cards. However, the smartphone also serves as a digital wallet purse and contains important documents worth protecting. What should users do if their mobile phone is lost, stolen, or breaks down? Dr. Paul Muntean at Swisscom Trust Services reveals what steps users should take and how to recover a digital wallet.
The loss of a wallet is always annoying: If a lost wallet does not reappear, the laborious process of going to the authorities, banks, health insurance companies, and universities to reapply for all cards and IDs follows. This costs an enormous amount of time and energy.
However, approaches and concepts are currently being developed to digitize identification and to have necessary (ID) documents, such as the ID card, available on the smartphone via the ID Wallet app of the federal government. In the future, the smartphone will become increasingly crucial for proving our identity. With the help of a so-called Self-Sovereign Identity (SSI) - or self-determined identity - users can deposit their digital proof of identity in a wallet and use it online via PC or smartphone and thus access various digital services and providers. As a rule, information in such a wallet is even more secure than in a physical wallet, as it cannot be accessed without the appropriate key.
But what should users do if they lose their smartphones? Fortunately, in contrast to the physical wallet, users can restore the wallet entirely on their own with the following preliminary measures and thus save themselves the trouble of going to the authorities.
Set up an automated encrypted backup.
Some digital wallets have a built-in function to create encrypted backups automatically. During the initial set-up, users receive a so-called recovery key, which they need to decrypt the backup. The wallet software (agent) then automatically and continuously generates a copy of the wallet and its contents. Users can decide where to store the data: A cloud storage service, such as Google Drive or Dropbox, or an encrypted backup service provided directly by the wallet provider. The backup is then restored with the self-created recovery key - as if the wallet had never been lost.
Wallet recovery: the choice of key storage
Unlike the example of the lost wallet, digitally encrypted wallets - including their backup copies - do not have an emergency number to call if users misplace their password. If the recovery key for the wallet backup is lost, there is no other way to access the wallet's contents.
Therefore, users must store the recovery key to always find it again in an emergency. Furthermore, the storage location of the key should be protected from external influences such as destruction, weathering, or theft. There are three types of storage and recovery:
Offline recovery
Storing the recovery key in an "offline location" initially seems obvious. This can be done, for example, in the form of a file on a USB stick or as a printed QR code in a physical folder. However, this entails some difficulties: it must be a secure depository that only the user - and any trusted persons - know about and to which they still have access years or even decades later. In addition, the user must ensure that the recovery key remains "ready for use" for a long time - in other words, USB sticks can suffer a hardware defect after a certain period. Printouts or transcripts fade over time or may end up in the trash, crumpled, torn, or burnt. Some users punch their recovery key into the fireproof metal to get around this.
Social Recovery
For this form of storage, the user names one or more trusted persons or institutions (trustees). The agent divides the recovery key into several fragments; the selected trustees receive an encrypted puzzle piece. In recovery, several elements must be combined to carry out the process (for example, two out of three). The advantages: The exchange can be done online without depending on offline or analog repositories. Similarly, trustees can be exchanged when needed. However, in doing so, the owner gives up part of the control. Trustees must be available to hand over their fragments even after a long time.
Multi-device recovery
This more straightforward form of recovery works similarly to social recovery, except it does not require many trustees to assemble individual key fragments. The essential requirement is to install the digital wallet on multiple devices. Each device then receives a part of the recovery key. If one of the devices is lost or no longer functions, the fragments of the others are shared with a new device.
Conclusion
In principle, a digital wallet can simplify the management of important documents, especially from the point of view that, unlike a wallet, it is possible to prepare for loss actively. However, some precautions must also be taken here so that users can act quickly in the event of failure. At the same time, however, the user is more independent of authorities and institutions that issue documents and can take all precautions independently.
