Credential Verification Guide Using Dock Certs and Dock Wallet
This step by step guide will show you how to create and send a verification request to a user.
In the verification process, there are three main parties:
1) Issuer: Party that creates and issues a Verifiable Credential to a holder (individual or organization)
2) Holder: Person or organization that holds the credential (e.g. degree, professional certificate, or identity document)
3) Verifier: Party that checks that the credential is valid and authentic
This guide will outline the steps: for the issuer, holder, and verifier to:
1) Check a credential sent on the web
2) Wallet-to-wallet verification in person
To outline these steps, we’ll use an example where Ash Seto wants to apply for a job with a tech company that is looking for a designer. The job requires a bachelor’s degree in design.
The parties involved:
a) Issuer: Successo University
b) Holder: Ash Seto
c) Verifier: Tech company
1. Steps for the Verifier
Note: Verification request templates can only be created in Dock Certs, not the wallet. These templates can be important into the wallet from Dock Certs for wallet-to-wallet verification.
1. Click on Verification in the left menu and select Create verification template
2. First type in the template title and template purpose, which the holder will be able to see.
3. On the template, the verifier can choose which credential details the holder is required to send in order for the credential to be accepted such as name, degree, certificate license number and so on. The verifier can choose credential filters such as only accepting credentials issued by a specific DID and/or with a credential name. If the holder sends invalid information, the credential won’t be accepted.
Each attribute will show a description with more detail about the information that can be requested.
- Credential ID: The ID of the issued credential
- Credential Name: The name/title of the credential
- Issue Date: Date the credential was issued
- Expiry Date: Date the credential is due to expire on
- Subject ID: A unique identifier of the recipient. Example: DID, Email Address, National ID Number, Employee ID, Student ID etc.
- Subject Name: Typically the name of the credential holder
- Subject Email: If known, the email of the credential holder
- Issuer Name: Name of the party that issued the credential such as a driver’s licensing organization, university, training provider, and so on
- Issuer ID: A unique identifier of a credential issuer, typically a DID
- Credential Title: Title of the credential
- Degree Name: The full degree name and field
- Degree Type: The type of degree earned
- Earned Degree Date: The date that the degree was earned
- Date of Birth: The person’s date of birth
4. The tech company sends the verification request to shortlisted job applicants that asks them to verify their name, email, and university degree.
To do this, they select these options in the following fields:
- Requested Attributes: Subject Name, Subject Email
- Credential Name Must Equal: design
Then select Create on the top right.
5. Go to your template and click Request, which will generate a QR code. Every time a new request is made, it generates a new QR code.
6. Send the recipient (credential holder) the QR code or copy the URL. Each QR Code can only be scanned once. If the holder tries to scan the credential request a second time, it will fail because the credential request was already used.
7. This is what the credential request URL looks like on a browser:
2. Next Steps for the Holder
8. Select the credential(s) that contain the information the verifier is requesting.
In this case, Ash’s university degree and driver’s license credentials have his name, personal email, and degree name. So he selects these two credentials.
In the next step, he will then only choose the requested information within these credentials rather than the whole credential to share with the tech company.
Selecting specific attributes inside a credential is only possible if the credentials were issued using the Use Dock BBS+ option. This innovative cryptographic signature enables privacy enhancing features such as Selective Disclosure and, coming soon, Zero-Knowledge Proofs. Zero-Knowledge Proofs is a way for someone to prove something, without actually revealing what that information is, such as proving to a verifier that you are over 18 years old without telling them the exact date of birth.
This is what the issuer selects when issuing a credential with BBS+:
9. The holder chooses which details on the credentials to share with the verifier. Ash selects his degree name and full name from the Successo University credential.
Ash scrolls down to his driver’s license credential to choose his personal email address to send to the verifier. Once he has chosen all of the information, he selects Continue.
10. The holder would choose the identity to present. Ash chooses the DID he created called Tech job applications and selects Next.
11. Credentials are valid and the verification is successful, this is what the holder will see.
If the credentials are not valid, the verification will fail and this is what the holder will see:
12. To see a log of all your verification requests, go to Verification>History
13. When the credentials are valid it will show up as “Verified” under Status. The verifier won’t get a notification if the credential is invalid because Dock’s tools won’t let the holder submit invalid credentials.
3. Wallet-to-Wallet Verification
For this process, we’ll use an example of Fate Home Construction needing to hire many construction workers quickly. But to ensure safety, they want to ensure all workers have Work at Height training and they only accept training certificates issued by ABC Training.
Fate Home Construction speeds up their hiring process by verifying training credentials with Dock Certs’ verification tool. They set up some dates for workers to come to their office to apply in person and as a first step in the screening process, applicants scan Fate Home Construction’s QR code to verify their Work at Height training certificate.
1) Issuer: ABC Training
2) Holder: Riku Atsuko
3) Verifier: Fate Home Construction
1. Fate Home Construction uses Dock Certs to create a Verification request template to verify if job applicants have Work at Height training issued by ABC Training as a first step in the application process.
2. Riku arrives at the company’s office and a staff member shows the verification request QR code, in his/her Dock Wallet app, for Riku to scan by selecting Share.
A Fate Home Construction staff member shows the QR code for Riku to scan:
3. Riku scans this QR code with his Dock Wallet, gets a presentation request message, selects his credential, and selects Accept.
4. Riku selects his Work at Height credential and selects Next.
5. Riku selects the Work at Height Training certificate number to show the construction company staff and selects Continue.
6. Riku choses a DID he created that he uses just for job applications (called Construction Job Applications) and selects Continue.
7. If the credential is valid, it would say Verification Successful for the holder. This is what Riku would see.
8. This is what the verifier sees on their wallet if the credential is valid:
The verifier will not receive any credential if the verification is not valid. If the credential is not valid, the holder would see this Verification Failed message:
9. With a successful verification, in Dock Certs, the verifier will see the Verified status in History.