User authentication framework

Techniques related to authenticating a user using a mobile device are disclosed. In some implementations, a computing device stores a first signed validation indicating an ability of the computing device to securely perform user authentication. The computing device receives a request to store credential information for an identity recognition document issued by an issuer to a user for establishing an identity of the user. In response to the request, the computing device sends a request to the issuer to store the credential information, the sent request including the first signed validation to indicate an ability to perform user authentication prior to allowing access to the credential information. In response to approval of the sent request based on the first signed validation, the computing device stores the credential information in a secure element of the computing device. 本发明公开了涉及使用移动设备认证用户的技术。在一些实施方案中，计算设备存储指示该计算设备安全执行用户认证的能力的第一已签名证实。该计算设备接收存储由签发机关签发给用户的用于建立该用户的身份的身份识别文档的凭证信息的请求。响应于该请求，该计算设备向该签发机关发送存储该凭证