OAuth 2.0 is the industry-standard open-source protocol for authorization that makes it easier for people to access applications and APIs without needing to share login details. A protocol is a set of rules that determine how data is transmitted between devices. OAuth 2.0 ensures the security of user data by acting as an intermediary between two parties for the safe exchange of information.
To use an analogy, OAuth 2.0 is like a digital bouncer at a club. When you want to use an app or a website, it asks this bouncer if you're allowed in. Instead of giving out your password to everyone, OAuth 2.0 lets the app ask the bouncer for permission. If the bouncer says it's okay, you get in without sharing your secrets.
Dock’s Web3 ID, a passwordless login and authentication system that verifies user data while preserving their privacy, is OAuth 2.0 compliant.
The process of anchoring is used when an issuer wants to prove the existence of a verifiable credential while keeping the content private.
Anchoring works by converting the credential data into a cryptographic hash, which is a string of numbers and letters that is not understandable by a human so no private details on the document can be shared. The hash is like a digital stamp that is recorded on the blockchain that can’t be changed or removed.
What someone needs to prove that the digital document is real, the document itself isn’t shared. Instead the “digital stamp” on the blockchain is checked and the verifier can trust that the document is real without ever seeing the private information on it.
A blockchain is a tamper-resistant digital ledger (a digital record book) that records transactions. Unlike a traditional ledger that’s maintained by a central authority, a blockchain is distributed across a network of computers. Everyone can see what's written, and once something goes in, it can't be easily altered or deleted, making it very safe. People can exchange things directly with each other without a middleman like a bank.
This decentralization makes blockchains highly secure because it would be very difficult for someone to hack into the system and change the record. Because blockchains create a permanent, unchangeable and auditable record of every transaction, they can reduce fraud. Since every detail is stored across many computers in a network, and everyone can see these details, it's extremely difficult for someone to alter any information without detection. This transparency and security make it much harder for fraudulent activities to go unnoticed or unverified.
How Blockchain Works
Each transaction is verified by the network of computers that make up the blockchain and once it is verified, it is added to the chain as a block. The block is then time stamped and linked to the previous block, creating a permanent record of all the transactions that have ever taken place. This makes it incredibly difficult for anyone to tamper with the data as they would need to change the entire chain in order to do so.
How a Blockchain Is Used In Decentralized Identity Management
With Dock’s platform, no verifiable credential or personally identifiable information is ever stored on the blockchain. Only decentralized identifiers (DIDs) can be stored on the blockchain to authenticate individuals, organizations, products, or devices.
Verifiable credentials are only stored on users devices’ where the information is securely encrypted. The blockchain maintains a registry of DIDs. Compared to centralized identifiers like usernames, emails, and phone numbers, the DIDs are managed by the blockchain.
Benefits of putting DIDs on the blockchain:
- Individuals gain complete control over their digital identities and can choose when and who they want to share their details with
- Provides enhanced privacy and security
- Users don’t need intermediaries to verify or manage their identities
- Public vs. Private Blockchains: Which Is Better?
- Blockchain Identity Management: Complete Guide 2023
- Blockchain Food Traceability: Enhancing Transparency and Safety
- Blockchain and Health Care: BurstIQ Use Cases That Leverage Verifiable Credentials
Centralized Identity Management System
A centralized identity management system is a system where all of a user's digital identities are managed in one place. This can include everything from social media accounts, login credentials, contact information, and financial information.
Main downsides with centralized identity management:
- Creates a single point of failure. If a hacker is able to gain access to the central server, they can potentially gain access to many users’ information.
- Users don’t have much control over their data.
- Users often do not own their data.
- Providers can remove people’s access and delete their accounts anytime.
Cryptography is an area of computer science that focuses on transforming data so that it can’t be accessed by unauthorized users. It is what makes blockchain and verifiable credential technology secure.
Cryptography is a technique used to protect information from being accessed by unauthorized people. It involves transforming readable data into an unreadable format with a process called encryption. Encryption is performed using an algorithm, which is a set of mathematical rules, and a key, which is a piece of information that is used to encrypt and decrypt the data. Only the intended recipient can use their key to decrypt and access the data.
Custodial Digital Wallet
A digital wallet works a lot like your physical wallet but in a secure, electronic form where you can store digital versions of your ID, documents, or assets.
“Custodial” basically means that someone else is responsible for your stuff. For example, think of a safety deposit box in a bank where the bank is responsible for keeping your valuables safe.
A custodial service in the digital world takes responsibility for safeguarding your digital assets. A "custodial digital wallet" is a type of digital wallet where users' private keys are managed by a third-party entity, such as a wallet service. Private keys are like digital keys used to access and manage digital assets like verifiable credentials or digital identity.
Decentralized Identifiers (DIDs)
A decentralized identifier, or DID, is a way to identify yourself online without relying on a central authority, such as a company or government. Instead, you control your own identifier using blockchain technology.
A centralized identifier, like a username, is controlled by a central authority, such as a website or company. For example, your username on Facebook or Twitter is controlled by those companies and is used to identify you on their platform. With a DID, you are in control of your own identifier and can use it across multiple platforms without the need for a central party to verify your identity.
A DID is a globally unique identifier made up of a string of letters and numbers. Here is an example of a Dock DID:
DIDs offer a more secure and private way to manage your online identity by giving you more control over your personal data as you can choose which pieces of information to share and with whom.
People can make as many DIDs as they want for different purposes. For example someone can have:
- DID 1: For online shopping
- DID 2: To manage professional credentials like certificates and a university degree
- DID 3: To log into investment and trading platforms
DIDs can be stored on the blockchain. It’s important to note that with Dock, even though verifiable credentials are associated with DIDs, the credential data is securely encrypted on users’ digital wallets and never stored on the blockchain.
Public-Private Key Pairs
Whenever a DID is created, it comes with a public and private key pair. DIDs can have multiple key pairs. A key is made up of a string of letters and numbers and acts like a code.
Here is an example of an employer DID that comes with a public key and private key.
Benefit of Having Multiple Key Pairs
An organization could have multiple roles such as issuing credentials, authenticating with different applications, engaging in secure communications, or managing credentials. Instead of having one DID to do all of these functions, it’s better to have distinct keys for each role. This way, if one key is compromised or lost, it doesn't affect its other roles. Also, the organization might want separate, more secure keys for tasks like adding or removing keys associated with its DID.
Benefits of Decentralized Identifiers
- Decentralized Identifiers (DIDs): The Ultimate Beginner's Guide
- Dock DIDs Support Multiple Key Pairs
Decentralized Identity Management
Decentralized Identity Management is a system that empowers individuals to have control over their digital identities without relying on a central authority or intermediary. Users create and manage their digital identities through cryptographic techniques, ensuring privacy, security, and user autonomy.
These digital identities can be used for various online activities, such as authentication, accessing services, sharing information, and verifying credentials, all while reducing the need to entrust sensitive personal data to third parties. Decentralized identity management is a fundamental concept in the domain of self-sovereign identity, where individuals have the ultimate say and authority over their own online identities.
Decentralized Finance (DeFi)
Decentralized finance is an umbrella term used to describe a range of financial applications and services that exist outside of the traditional banking system. DeFi networks are powered by smart contracts that facilitate automated transactions without needing any third party intervention.
Some examples of DeFi services:
- Peer-to-peer loans
- Yield farming
- Decentralized exchanges (DEXs)
- Cryptocurrency trading
A digital credential is like a digital version of a paper certificate or ID card you might carry in your wallet. It's an electronic document that proves you have a certain qualification, skill, clearance, or status. Just like a driver's license shows you're allowed to drive, a digital credential might show you completed a course, attended a certain school, or are qualified for a specific job.
But instead of being a piece of paper or plastic, it's a digital file that has special security features, so others can trust that it's real and hasn't been tampered with. You can share it quickly and easily over the internet, but it's protected from being copied or changed.
Encryption is fundamental to internet security and is used in protecting sensitive data, maintaining privacy, and ensuring the integrity of communications between individuals, businesses, and devices.
Encryption is like a complex mathematical way of coding information. When you encrypt a message, you're scrambling it from something understandable into what looks like total gibberish. There's a special key (like a digital code) that unscrambles this message back into something readable, but only the person you're sending it to has this key.
So, even if someone else finds your secret message while it's being delivered, all they see is nonsense. They can't turn it back into the real message without the key. It's like having a treasure chest that can only be opened by one unique key, and only the person you're sending it to has that key.
This is how your private information stays private as it travels across the internet whether you're messaging someone, buying something online, or logging into a website. The information gets scrambled up by encryption, and only the right person with the right key can unscramble it.
Federated Identity Management System (FIMS)
A system that allows organizations to share identity information between different platforms. This can be done through a single sign-on (SSO) process, which allows users to access multiple systems with one set of credentials like when you log into platforms such as signing in with your Facebook or Google account.
While federated identity management can simplify the user experience and improve security, there are also some drawbacks:
- There is an increased risk of data breaches. If one site or application is hacked, the attacker may be able to gain access to all of the systems that are part of the FIMS.
- FIMS can make it difficult to revoke access to specific systems. For example, if an employee leaves an organization, the IT department would need to update the FIMS in order to disable their account.
- It can be difficult to manage because they involve multiple platforms. There are often many different settings and options that need to be configured which can make it difficult for administrators to keep track of everything.
Cryptographic hashes are a key part of ensuring the security and integrity of data in blockchain. You can think of a hash like a digital fingerprint on a block made up of a string of letters and numbers that can’t be understood by a human. Blockchain uses cryptographic hashes to ensure that blocks in the chain haven't been tampered with.
For example, each block in a blockchain contains a hash of the previous block. If someone tries to modify the data in a block, the hash of that block will change. Since each subsequent block contains a hash of the previous block, it would then be easy to tell that the data in the blockchain has been tampered with. Cryptographic hashes are also used to secure digital signatures in blockchain.
In a verifiable credential system, the holder is one of the three main parties that owns the credential and stores it in their digital wallet. Some examples of verifiable credentials that a holder could store in their phone app include a college degree, professional certificates, identity documents, and course completion certificates.
In the system, the issuer (e.g. a university) is the entity that originally provided the credential and the verifier (e.g. employer) is any third party that wants to check the credential for authenticity.
The holder can present the credential to the verifier who can see if the credential was indeed provided by the issuer and has not been tampered with. This type of system provides a convenient way for holders to prove their identity and qualifications without having to carry around physical documents.
Interoperability refers to the ability of different systems, devices, or applications to work together and exchange information efficiently and effectively. In simple terms, it's like when different brands of toys can be played together seamlessly, or when different software programs can share and understand each other's data.
These next examples show how interoperability can simplify and streamline processes related to blockchain and verifiable credentials, allowing diverse systems to "talk" to each other and work together.
Example of interoperability between blockchains to enable cross-chain transactions
Let’s say Alice has cryptocurrency on Blockchain A and Bob has a wallet on Blockchain B. Instead of Alice having to sell her cryptocurrency on Blockchain A, transfer the money to an exchange, buy cryptocurrency on Blockchain B, and then send it to Bob, there are mechanisms or platforms that allow direct transactions between two different blockchains. These mechanisms make different blockchains interoperable, enabling Alice to directly send her funds to Bob even though they're using different blockchain platforms.
Example of credential verification across different systems
Emma completes her Bachelor's degree and instead of just receiving a physical diploma, UT also provides her with a digital version of her degree in the form of a verifiable credential. This digital degree is cryptographically signed by UT, ensuring its authenticity.
When Emma applies for a job at InnovateCorp, she needs to prove her educational qualifications. She uses her digital wallet app to present her digital degree with the company. Even though InnovateCorp uses a different system for HR and recruitment, the digital degree is based on interoperable standards, InnovateCorp's system can understand and process Emma's shared credential.
In a verifiable credential system, an issuer is the party that creates and provides the credential to a holder. A holder can be a person, organization, device, or object. Issuers can be businesses, organizations, or individuals.
Examples of the types of verifiable credentials issuers could provide:
- A school can issue nursing licenses to new graduates
- A health and safety training organization can issue certificates to students who complete their program
- A laboratory can issue a digital certificate detailing the diamond's cut, clarity, carat, and color
- An environmental agency issues a testing certificate for a car that proves the vehicle meets environmental standards
- An inspection organization would issue organic certification for coffee
Metaverse is an immersive 3D world made up of networks of virtual universes. It provides users with a way to interact with each other, play games, shop online, attend virtual conferences, exchange items, and much more. It allows users to create new realities by using artificial intelligence, cryptocurrencies, and virtual reality technology. Think of it as an interconnected group of 3D digital spaces accessed through the internet that allow real-time collaborations between many users at once.
Role of Decentralized Identifiers, Blockchain, and Verifiable Credentials in the Metaverse
Decentralized identifiers (DIDs) are essential in the development of the metaverse. They provide a secure, decentralized way to authenticate identities within virtual worlds. This decentralized infrastructure makes it easy for users to find and interact with one another without having to trust a third party.
Blockchain is playing an integral role in the development of the metaverse. Blockchain has many applications in the metaverse including enabling users to do secure transactions, identity verification, digital ownership, and giving them complete control over their own virtual identity and information.
Verifiable credentials are essential in the metaverse. These credentials offer verifiable proof that the holder possesses certain qualifications, characteristics and affiliations which enhances trust and security between people, businesses and other systems. Without verifiable credentials, there is no way to guarantee the integrity of digital identities and transactions taking place in the metaverse.
Non-custodial means no one else but you has access or control of your digital accounts and assets. A non-custodial digital wallet like the Dock Wallet doesn’t give the third-party service provider access to user funds or assets stored in the wallet. No middleman is involved in any transactions.
This is the opposite of custodial wallets, when a third-party provider holds on to user assets in exchange for service. With non-custodial wallets, users can access and control their digital identity information, verifiable credentials, and digital assets without having to surrender any kind of control to another party.
Non-Fungible Token (NFT)
Non-fungible tokens (NFTs) are digital assets that represent unique virtual or physical items. The key difference between non-fungible tokens and more traditional forms of currency is that non-fungible tokens can’t be replaced by another identical token. They are one-of-a-kind and non-interchangeable.
NFTs have been gaining in popularity due to their strong use in digital art, but NFTs can actually be applied to many other things. NFTs allow for ownership over a wide variety of digital elements such as gaming items, collectibles, sports highlights, music and more. One example is Grunks NFT Marketplace which allows the buying and selling of gaming items that are NFT-backed. NFTs can also be used to represent deeds and titles in real estate and infrastructure investments.
In the context of verifiable credentials, a "private key" serves as a unique and secret digital signature that is made up of a string of numbers and letters that an individual uses to sign digital information, essentially serving as a digital signature.
When it comes to verifiable credentials, the private key plays a crucial role in the creation, issuance, and management of these digital credentials. For instance, when an entity issues a digital credential, they sign it with their private key. This signature securely ties the credential to the issuer and verifies its authenticity and integrity. If someone tries to alter the credential, the signature will no longer match, and the tampering will be evident.
In the same way you would never give anyone the password to your banking or email account, you should never ever share your private key with anyone else.
The private key can be used to:
- Digitally sign documents
- Prove ownership
- Give consent to share data
In the context of verifiable credentials, a "public key" is a unique, non-secret digital code, that is made up of a string of numbers and letters. While it’s paired with a private key, unlike the private key, it can be openly shared with others. The public key acts like a digital address or an identity marker, which others on the network can use to verify the information signed by the corresponding private key.
When a party, such as an employer or university, uses its private key to sign a digital credential during issuance, the verification of this credential doesn't require the private key itself. Instead, the verifier uses the issuer's public key to confirm the authenticity and integrity of the digital signature.
Basically, the public key answers the question, "Does this signature match the known identity?" without ever exposing the secret private key. If the credential has been tampered with, the verification process using the public key will fail, indicating the data's inconsistency.
While your private key must be always kept secret, your public key is intended to be shared safely.
The public key is used to:
- Verify digital signatures
- Validate the integrity of signed data
- Confirm a digital identity
A reusable identity is a verifiable credential that a user can securely and conveniently use across multiple platforms, services, or applications without needing to repeatedly submit identity verification documents or go through separate, time-consuming verification processes.
This identity is verified once and services, platforms, and applications that trust this credential can onboard new users much faster or instantly. A reusable identity is similar to a passport that can be used to enter different countries after a single issuing process.
Key Benefits of Reusable Identity
- Speeding up the onboarding process: Users can swiftly access new services or platforms because they don't have to undergo a full identity verification process each time. Once their reusable identity is established and verified, it can be acknowledged quickly by other parties, significantly reducing wait times and administrative processing.
- Enhancing user experience: Reusable identity streamlines the user's experience, eliminating the redundancy of repetitive verification steps. Users can enjoy smoother, less interrupted interactions with platforms and services, leading to higher satisfaction.
- Maintaining privacy: Reusable identities often employ technology that allows users to reveal only necessary information, keeping other personal data private. This selective disclosure enhances user control over personal information.
- Dock’s reusable identity solution
- Reusable Identity: 7 New Market Opportunities for Identity Verification Companies
- IDV Companies: The World Is Moving to Digital ID Verification, Are You Prepared?
A seed phrase is a set of randomly generated words that is used to gain access to your digital wallet. Digital wallets are essentially like virtual vaults for storing important and private information like decentralized identifiers (DIDs), verifiable credentials, and cryptocurrency. Seed phrase is sometimes referred to as a seed recovery phrase.
When you create a new wallet, you will be given this seed phrase which is the key to unlocking your wallet and accessing the information in it. It’s very important to securely store the seed phrase in a safe place because it’s the only way to access your digital wallet if you forget your login credentials.
If someone gets your seed phrase for your digital identity wallet, it’s as if they have a master key where they can access all of your important information and data. This means that they can access any accounts associated with that digital identity wallet, view your personal information, see any payment details, and even conduct transactions on your behalf. Someone could drain all the funds from your account without your knowledge.
Selective disclosure is a privacy tool that enables users to only reveal the information that is necessary to prove a certain claim. For example, someone going to a club can just show their date of birth to confirm that they are at least 18 years old but not show their full name and address on their credential
Or a patient can reveal relevant test results and documents to their insurance provider but not irrelevant medical files. This gives people more control over their personal information and helps to protect their privacy.
Selective disclosure helps organizations comply with data protection regulations such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) by minimizing the amount of personal data that is processed and stored.
Self-Sovereign Identity (SSI) Management
Self-Sovereign Identity is a model of identity management that gives individuals complete control over their own personal data. Unlike traditional models of identity management that centralize control over personal data within organizations, Self-Sovereign Identity puts people in charge of their own information. This means that individuals can choose what information to share, with whom to share it, and how it will be used. People have the ability to revoke access to their data at any time which provides a higher level of privacy and security than traditional models of identity management.
These are the three pillars of Self-Sovereign Identity:
- Decentralized identifiers (DIDs)
- Verifiable credentials
A verifier in a verifiable credential system is a party that confirms the validity of a credential provided by an issuer. A verifier could be an employer, government department, party in the supply chain, or a store employee.
When someone (holder) shows the credential, the verifier can instantly check to see if it is authentic in seconds by simply scanning a QR code or using an online verification tool. This can all be done without contacting the issuer at all.
Here are examples of the kinds of credentials verifiers can instantly check:
- A store checking to see if someone is a post-secondary student in order to qualify for a student discount
- A retailer checks to see if a batch of organic apples have their organic certification
- A gaming site needs to ensure that users are at least 18 years or older
- A bank ensures that a client makes at least $50,000 a year to qualify for a service
A verifiable credential is a digital document that confirms the authenticity of information about an individual, entity, or object. It's like a digital version of everyday documents, such as a driver's license or a school diploma. The key feature is that it can be instantly and securely verified online, ensuring that the information it contains is trustworthy and hasn't been tampered with.
Key Benefits of Verifiable Credentials
- Verifiable Credentials: The Ultimate Guide
- Verified Credentials: Why They Are Essential in Our Digital Age
Verifiable Credential System
The verifiable credential system is a way to verify that someone has a certain credential like a professional certificate, driver’s license, or identity document.
The system consists of three main parties:
- Issuer: Entity that issues the credential like a university, government department, or licensing organization
- Holder: The person or organization holding the credential
- Verifier: The entity that verifies that the holder has the credential, like an employer, entertainment website, or financial institution
Web3 is the third generation of the World Wide Web and it is a new way of building the Internet that is fairer, more open, and more secure. While the first two generations of the web were based on centralized systems, Web3 is based on decentralized technologies such as blockchain and peer-to-peer networking. Web3 enables users to connect to the internet without relying on central authority figures such as internet service providers or web hosting companies.
Decentralized identifiers (DIDs) are a key part of web3 because they give users a way to prove their identity online without needing to rely on a central authority. DIDs are unique, tamper-proof IDs that can be used to sign transactions and access services. They're important because they help to create a more secure and interoperable internet, where users can control their own data. DIDs also have the potential to help reduce fraud and improve privacy by making it more difficult for hackers to steal personal information.
Web3 identity is a digital representation of Self-Sovereign Identity on the decentralized internet (Web3). It allows individuals and entities to control their identities, associated data, and transactions without reliance on centralized authorities. This form of identity is secured by blockchain technology, ensuring immutability, transparency, and direct control by the identity holder.
Key features of web3 identity
- System built on the principles of freedom, privacy, and security
- Uses blockchain technology to provide a cryptographically secure identity solution that can be used with web applications, decentralized networks, and web protocols
- Users have complete control over their personal data without sacrificing convenience or security without relying on centralized institutions
Use case examples
- Digital IDs for secure and private logins: Single sign-on for decentralized applications (dApps) without relying on traditional, centralized providers like social media or email accounts.
- Graduates can hold verifiable digital copies of their degrees, which universities issue directly to students' digital wallets, reducing the potential for degree fraud.
- Citizens can vote in elections securely and privately, with their Web3 identity ensuring one vote per person and protecting voter privacy.
Word Wide Web Consortium (W3C)
The World Wide Web Consortium (W3C) is an international organization that sets standards for the World Wide Web.
- Make sure that new technology can be integrated seamlessly into the existing web infrastructure
- Help businesses operate more efficiently by making sure that their websites are compatible with a wide range of devices and browsers
- Ensure that the web works the same no matter what device or browser you use
W3C established these standards that Dock follows for decentralized identifier (DID) and verifiable credential technology:
On July 19, 2022, Decentralized Identifiers (DIDs) v1.0 became an official Web standard. DIDs are being used across a variety of markets that require data authenticity.
Zero-Knowledge Proofs (ZKPs)
Zero-Knowledge Proofs is a way for one party (the prover), to demonstrate to another party (the verifier) that they have a specific piece of information without revealing what the actual information is.
Key Characteristics of Zero-Knowledge Proofs
- Privacy: Ensure that the prover doesn’t reveal any sensitive or confidential information during the proof.
- Validity: Provide a way for the verifier to confirm the accuracy of the proof without knowing the underlying data.
- Efficiency: Designed to be computationally efficient, allowing for practical implementation in various applications.
Examples of Zero-Knowledge Proof Applications
- Verify the identity of a user without sharing their password or personal information
- Parties can confirm they have a minimum amount of funds without revealing the exact amount of assets they hold
- Someone can verify that they are at least 18 years old to buy alcohol
The Capabilities that Dock’s Zero-Knowledge Proof Technology Enables
1. Custom Conditions
These are the specific requirements or criteria that the prover must satisfy to convince the verifier, without revealing any actual information about the data or process underlying these conditions.
For example, in secure areas or systems, ZKPs can prove that someone has the clearance or rights to enter without revealing their identity or the specifics of their credentials. The custom condition would be the level of clearance required.
2. Selective Disclosure
When someone presents a credential for verification, they can share one or more relevant details without presenting the entire credential.
For example, someone can present their date of birth on their driver’s license only when entering a club but keep all of the other details private.
3. Range Proofs
Range Proofs allows a prover to demonstrate that a particular value (such as a number) falls within a specified range, without revealing the specific value itself.
Examples of range proof applications:
- Less than a value: Educational grants are available to residents who make under $30,000 a year.
- In between a value: An young entrepreneurship program is available to people between the ages of 18 to 30.
- More than a value: Senior discount applies to people who are over 65 years old.
4. Verifiable Encryption
Verifiable encryption is a method for safely sharing information, where only authorized parties can view the actual content when required. Think of it as using a unique lock to safeguard your data, and only specific individuals like regulators possess the key to unlock it when necessary.
For example, verifiable encryption can be used to protect the integrity of digital evidence in criminal cases. Law enforcement agencies can encrypt and securely store digital evidence such as photos, videos, or documents. This ensures that the evidence remains tamper-proof and can be reliably presented in court when needed.
5. Threshold Anonymous Credentials
Unlike other credentials that have one issuer, this is a method where credentials are jointly issued by a group of issuers and requires collective agreement. In order for a credential to be issued, a certain number of parties have to agree.
For example, some industries such as pharmaceuticals need approval from regulatory bodies to ensure the products meet safety standards before they can go to market. By implementing threshold anonymous credentials, products need to be approved by a certain number of regulatory parties in order for a credential to be issued.