Latest articles

At IdentityPlane, we don't treat AI as a futuristic replacement for developers; we use it as a powerful co-pilot to write high-quality, cloud-native security software faster. Our focus is simple: leverage AI to improve our code quality and enjoy the speed benefits that come with it.

A technical walkthrough on Swiss E-ID credential issuance. This guide details setting up the swiyu-issuer service, issuing a custom VC via OID4VCI, and testing a verifier security flaw by spoofing a betaid-sdjwt credential.

In this post we explore how the verification process of the Swiss E-ID works with the swiyu wallet and break down the OID4VP (OpenID) request codes used to check credentials. Step-by-step we go through the steps for developers to build their own local proof-of-concept (PoC) verifier using Docker, including how to register a DID in the SWIYU system. Finally, we analyze the communication flow and discuss a potential security weakness found during testing.