Starting in Chrome 151, Chrome will begin deprecating support for unspecified presentation and issuance protocols in the **Digital Credentials API**, with final removal scheduled for Chrome 160. The Digital Credentials API was originally designed to be an opaque pipeline for arbitrary exchange protocols. In November 2025, the [FedID WG resolved](https://github.com/w3c-fedid/digital-credentials/issues/396) to change this so that the spec normatively referenced only a specific set of exchange protocols. The removal of support for arbitrary, opaque pipelines ensures that only verified protocols are used, enabling a more robust privacy and security threat model for identity verification. This change aligns Chromium with updated industry specifications that normatively reference only a specific set of exchange protocols.
When arbitrary protocols were supported in the spec it made security and privacy analyses less precise since there was more ambiguity about how the API could be used in practice. In order to get more broad browser industry alignment on the privacy and security properties of the API, the specification was changed to normatively reference specific exchange protocols (which themselves have privacy and security threat models associated with them). Chromium is updating to reflect this specification change because of the reduction in potential for confusion and compatibility issues by matching other browser engines, and because (contrary to original expectations) this extra flexibility was not actually being used by anyone in production.
Explainers: https://github.com/w3c-fedid/digital-credentials/issues/396