Digital Credentials
explained
Discover the Power of Digital Credentials:
Assurance, Efficiency, Privacy
Digital credential solutions establish trust between parties: individuals, authorities, businesses, systems, devices, and AI-agents.
Digital credentials enable them to automatically verify the authenticity of data and documents and confidently exchange them and work together more effectively.
In essence, Digital Credentials are digitally signed data files that can be automatically processed and verified for provenance, integrity, and authorization.
How do Verifiable Credentials work
Verifiable Credentials allow individuals and organizations to share only the necessary information while maintaining control over their personal data.
1. The Holder — the person, organization, or subject — requests certain data that prove something about them, like f.i. a drivers license, address or permit, from some authority, like the DMV or local municipality.
2. The Issuer — the authority, authentic source, or other data-producer — issues this data as a Verifiable Credential and offers this to the Holder, who stores it in their personal credential wallet.
3. At a later time, another party, the Verifier — like an authority, company, or other data-processor — can request proof or certain data from the Holder. In our example f.i. that they have a permit to hold a street-fair.
4. The Holder shares the proof or data as a Verifiable Presentation with the requesting party, who can immediately verify that the data is authentic, valid and has not been tampered with.
5. The Verifier can query a Trust Registry to check the authenticity and authorization of the Issuer: are they indeed the party they claim to be and are they authorized to issue the data that was shared.
Some Basic Terms and Concepts:
- Credential
A piece of information that shows someone’s qualification, achievement, or attribute. It can be anything from a driver’s license or diploma to a salary statement or event-ticket. - Subject
The entity that the information is about: an individual, organization, device, system, or even an AI-Agent. - Verifiable Credential
A Verifiable Credential is a cryptographically protected data object with claims about a subject, issued and signed by a single issuer. The signature enables an audit trail and puts responsibility for the statement on the signer. - Verifiable Presentation
Recipients can request information from a holder of that information through a so-called Presentation Request. Selected fields from different credentials can be combined into one package, the Verifiable Presentation.
Recipients can now cryptographically verify integrity the shared data and issuer identity. - Status & Revocation
The issuer can mark a credential as no longer valid, temporarily (suspended) or permanently (revoked).
Recipients check this status during verification in a privacy-preserving way that doesn’t reveal who holds the credential, just if it is valid or not. - Trust Registry
A trust registry (or federation trust chain) lets recipients look up and verify whether the signer is recognized and authorized for the type of credential they issued. - Credential Wallet
A Credential Wallet is an application that enable a user or organization to receive, manage, and share Digital Credentials. Typically a mobile app or a web application. - Privacy Preserving
Verifiable Credentials are privacy preserving. The holder of a verifiable credential has complete control over it and can decide whether to share it with others or not. - Selective Disclosure
Some Verifiable Credential formats support Selective Disclosure which enables the holder to share and prove specific qualifications or attributes without revealing any unnecessary personal information.
Organizational credentials
Organizations have lots of credentials that they have to share regularly with other parties:
- Purchase Orders and Invoices
- Chamber of Commerce certificate
- Ultimate Beneficial Owner (UBO) attestations
- Export and supply chain data and documents
- Digital Product Passports
- Tax or VAT code and compliance with tax obligations
- Accountant statements
- Bank account information
- Certifications, permits and licenses
- Legal Entity Identifier and DUNS numbers
- etc
Examples of personal data credentials
People have lots of credentials that they have to share regularly with other parties:
- Identities
- Drivers license
- Professional certifications and licenses
- College and university degrees
- Academic transcripts
- Employment records
- Employer’s declarations
- Permits and licenses
- Medical records and prescriptions
- Credit reports
- Insurance policies
- Property deeds
- Financial statements
- Travel and immigration documents
- Background checks
- Drug test results
- Security clearances and access rights
- Event tickets
- etc.
Download the Sphereon Wallet for free and try it yourself:
Sphereon Wallet Demo 🔗
More information
If you want to know more about this technology, there are a growing amount of sources:
- W3C Verifiable Credential specification
- W3C Verifiable Credentials Working Group
- EU EBSI Verifiable Credentials Explained
- UNECE White Paper on eDATA Verifiable Credentials for Cross Border Trade
- John Savill’s Technical Training ‘Understanding and Using Verifiable Credentials’
Awesome detailed technical deep-dive. 1h32m, but then you know more than most.
or just contact us!