I had an interesting (!) disagreement on reddit about the utility of googles wallet and its ISO conformance, which is being disregarded by Queensland Government developing its own standalone digital drivers licence app.
I think the reasoning was specious. Google may get some flak but the basic coding around things like the keystore, secure regions, secured storage, partial record release, API, and their "we need to understand you, to agree to let you use this" is not actually too bad.
I wouldn't be surprised if both Apple and Google are in fact "best of breed" for secure credentials management. I don't know they are, I just doubt its axiomatic they aren't.
I think the reasoning was specious. Google may get some flak but the basic coding around things like the keystore, secure regions, secured storage, partial record release, API, and their "we need to understand you, to agree to let you use this" is not actually too bad.
I wouldn't be surprised if both Apple and Google are in fact "best of breed" for secure credentials management. I don't know they are, I just doubt its axiomatic they aren't.