Sphereon VDX Verifiable Data Exchange
Sphereon VDX, our Verifiable Data Exchange platform, enables you to quickly deploy solutions to share data.
- Securely: data and documents are digitally signed by the issuer.
- Privacy-preserving: data is held and controlled by the owner.
- Thrustworthy: data is automatically validated by the recipient.
- Interoperable: based on W3C and ISO open standards.
Sphereon VDX, the Verifiable Data Exchange platform
Based on open W3C standards and specifications for Decentralized Identifiers (DID) and Verifiable Credentials (VC), our data exchange solutions are globally interoperable and connect seamlessly with existing IAM and Business Applications using common OpenID Connect integrations, trustless self-issued OpenID Connect (SIOP), OpenID Connect for Verifiable Credential Issuance (OIDC4VCI), and OpenID Connect for Verifiable Presentations (OIDC4VP).
- Quickly build and deploy solutions to share data and documents.
- Guarantee that everything you share remains authentic. By digitally signing data and documents at the source.
- Verify the authenticity of data and documents you receive.
- Ingest and process them automatically into your backend systems.
- Provide independent verification to others, with no need to provide access to your systems.
- Protect the privacy of the subjects of the data: the people or organizations the data or documents are about:
- By giving them the control over sharing them with others. Or not.
- By allowing them to selectively share data with others.
The Sphereon VDX platform enables you to quickly deploy solutions to share data and documents in public administration, healthcare, finance, services, mobility, education and other industries.
Technical specifications:
- Available as SaaS, self-hosted, or combination
- Multi-tenant with authorization levels at group/department/user level
- Key management at group and user level, with key usage bound to users/groups
Signing
- Supports signing and verification of Verifiable Credentials
- Simple X.509 signing (local, non-HSM)
- Non-Cades/Jades signatures
- Ed25519Signature2018
- EcdsaSecp256k1Signature2019
- EcdsaSecp256k1RecoverySignature2020
- JsonWebSignature2020
- RsaSignature2018
- BBS+ BbsBlsSignature2020
- eIDAS-bridge for eIDAS-compliant QTSP (DigiCert) for AES and QES signatures
- Next to signing Verifiable Credential, VDX supports
- Generic signing of any digital file or object
- Signing of PDF using Adobe AATL certificates (blue bar)
Hardware security
- Support for Hardware Security Modules (HSM)
- Cloud-based, e.g. Microsoft Azure KeyVault, DigiCert
- HSM FIPS 140-2 Level 2 or 3, Common Criteria CP5
Integration
- Passwordless logins
- Gaia-X portals
- SSI wallet with support for OID4VC
- Craft CMS
- DIF VC-JWT Interop profile
- The Dutch Decentralized Identity Profile (DDIP)
- OpenID Connect integration for authentication federation to existing systems
- Keycloak
- SURF Research Access Management (SRAM)
- DIF Presentation Exchange integration, bridging existing IT-systems with SSI-wallets
- OpenID Connect for Verifiable Credential Issuance (OIDC4VCI)
- OpenID Connect for Verifiable Presentations (OIDC4VP)
- Support for SIOPv2 and DIDcomm
- Microsoft Entra (Azure Active Directory)
Other
- Event streaming
- Audit trial
- Scalability/failover features