Verifiable Credentials
explained
A Credential is a qualification, achievement, quality, or piece of information about something or someone, like an identity, driver license, address, salary statement, ticket, permit, or diploma.
A Verifiable Credential is a tamper-evident data-object that contains a specific Claim and that is cryptographically secure, privacy respecting, and machine-verifiable.
That claim in a credential can be about something or someone. Anything really: a person, an organization, a device, basically any entity or object.
The trust is derived from the fact that the Verifiable Credential is signed by one or multiple parties (Issuers) that you are willing to trust and can independently verify.
The owner of the credential (Holder) has full control over it: they can decide whether to share the credential with another parties (Verifiers). Or not.
- The subject — the person or organization — requests certain data that proofs something about them, like f.i. a drivers license or permit, from some authority, like the DMV or local municipality.
- That authority issues this data as a Verifiable Credential and offers this to the subject, a.k.a. the Holder, who stores it in their personal credential wallet.
- At a later time, another party, like an official, request proof from the subject. In our example f.i. that they have a permit to hold a street-fair.
- The subject shares the proof as a Verifiable Presentation with the official who can immediately verify that the permit is authentic, valid and has not been tampered with.
Examples of personal data credentials
- Identities
- Drivers license
- Professional certifications and licenses
- College and university degrees
- Academic transcripts
- Employment records
- Employer’s declarations
- Permits and licenses
- Medical records and prescriptions
- Credit reports
- Insurance policies
- Property deeds
- Financial statements
- Travel and immigration documents
- Background checks
- Drug test results
- Security clearances and access rights
- etc.
Organizational credentials
Organizations also have lots of credentials that they have to share regularly with other parties:
- Chamber of Commerce certificate
- Ultimate Beneficial Owner (UBO)
- Tax or VAT code
- Compliance with tax obligations
- Accountant statements
- Bank account information
- Certifications
- Permits and licenses
- Legal Entity Identifier
- DUNS number
- etc
More information
If you want to know more about this technology, there are a growing amount of sources:
- W3C Verifiable Credential specification
- W3C Verifiable Credentials Working Group
- EU EBSI Verifiable Credentials Explained
- UNECE White Paper on eDATA Verifiable Credentials for Cross Border Trade
- John Savill’s Technical Training ‘Understanding and Using Verifiable Credentials’
Awesome detailed technical deep-dive. 1h32m, but then you know more than most.
or just contact us!