To set up a mobile identity document credential profile:

1. From the Configuration category, select Credential Profiles.

   You can also launch this workflow from the Credential Configuration section of the More category in the MyID Operator Client. See the Using Credential Configuration workflows section in the MyID Operator Client guide for details.

2. Click New.

3. Type a Name and optional Description for the credential profile.

4. In Card Encoding, select Mobile Identity Document.

   

5. Click the Issuance Settings section.

   The issuance settings you can use for mobile identity documents is restricted. You can use the following:

   • Validate Issuance

   • Validate Cancellation

   • Lifetime

   • Credential Group

   • Exclusive Group

   • Block Multiple Requests for Credential Group

   • Cancel Previously Issued Device

   • Enforce Photo at Issuance

   • Notification Scheme – select one of the following:

     • Default – MyID sends the collection URL as an email, the authentication code as a separate email, and the authentication code as an SMS.

     • None – MyID does not send any notifications. You must use the Request Mobile (View Auth Code) option in the MyID Operator Client to display the collection URL and authentication code on screen.

     • Mobile Only – Auth Code Via Email – MyID sends the collection URL as an email, and the authentication code as a separate email.

     • Mobile Only – Auth Code Via SMS – MyID sends the collection URL as an email, and the authentication code as an SMS.

     Note: Notification schemes are relevant only for mobile devices requested through the MyID Operator Client or the MyID Core API. They do not affect the notifications sent when you request mobile devices through MyID Desktop or the Credential Web Service API.

     See section 3.4.1, Configuring SMS and email notifications for the MyID Operator Client.

     The complexity of the authentication codes is determined by the Certificate Recovery Password Complexity configuration option (on the Certificates page of the Operation Settings workflow). See section 3.2.2, Setting the authentication code complexity for details.

   • Require user data to be approved

   • Generate Code on Request

   See the Issuance Settings section of the Administration Guide for details of these options.

   Note: The Mail Documents section is available in the credential profile, but is not currently supported for mobile identity documents.

6. Click the Device Profiles section.

   You must select a Document Format that defines the content of the mobile identity document.

   

   This release provides the following document format file:

   • Partial-ISO-18013-5.xml – a partial implementation of the ISO-18013-5 standard, and allows you to use a third-party verifier app to carry out verification on a mobile identity document provisioned to the MyID Wallet app.

   For information on customizing the document format or adding your own document format, contact Intercede customer support quoting reference SUP-381.

7. Click the Requisite User Data section.

   This section contains a list of user attributes that must be present for this credential profile to be issued.

   See the Requisite User Data section of the Administration Guide for details.

8. Click Next.

9. On the Select Roles screen, select the roles you want to be able to issue and receive mobile identity documents using this credential profile.

   • The Can Receive option determines which roles can receive mobile identity documents issued using this credential profile.

   • The Can Request option determines which roles can request mobile identity documents using this credential profile; for example, using Request ID for operator requests or Request My ID for self-service requests.

   • The Can Validate option determines which roles can validate requests for mobile identity documents using this credential profile using the Validate Request workflow.

   • The Can Collect option determines which roles can collect mobile identity documents using this credential profile; any user who is to receive a mobile identity document must have both the Can Receive and the Can Collect options.

   Note: Not all options may be available, depending on your system configuration. See the Working with credential profiles section in the Administration Guide for details.

   Note: Any role you want to receive mobile identity documents must have the Issue Device option selected in the Cards category within the Edit Roles workflow.

10. Click Next.

11. Select the card layouts you want to make available to the mobile device.

    Badges based on these layouts will be transferred to the mobile device as part of the mobile identity document. When you select a card layout, its associated reverse layout (the _back layout, if preset) will also be available on the mobile device.

    Note: If you include card layouts, there must be a default layout; also, you must ensure that there is no more than one associated reverse layout. Otherwise, an error similar to the following occurs:

    PS81: "Layout selection invalid. Either no default front layout, or multiple back layouts present"

    You can include user photographs, organization logos, text information from the person's user account in MyID, and barcodes (both 1D and 2D) on these card layouts. For information on using the Card Layout Editor to design layouts to use in your mobile identity documents, see the Designing card layouts section in the Administration Guide for details.

12. Click Next.
13. Type your Comments and click Next to complete the workflow.