A case study of the MEUSec method to enhance user experience and information security of digital identity wallets

Abstract

Digital identity wallets enable the storage and management of digital identities and verifiable credentials in one place on end users' devices. This includes discount vouchers or customer cards, and security-critical data such as ID cards or driving licences. However, digital identity wallets face significant challenges due to weaknesses in user experience and information security. Users often find it difficult to understand the concept of digital identity wallets, resulting in personal information being inadvertently shared with untrusted parties. Additionally, user experience and information security can influence each other, so that both aspects must be evaluated and improved together. To this end, the Method for Enhancing User Experience and Information Security (MEUSec) can be used. This article reports on an experimental application of the MEUSec method to the wallet "Hidy"with two research goals: First, to evaluate the MEUSec method and the quality of its results against a set of criteria, and second, to collect suggestions for improving the user experience and information security of the Hidy wallet. In total, 41 weaknesses and 7 strengths of user experience and information security, 32 heuristics and 26 improvement suggestions for the Hidy wallet could be identified.