The ability to create sub-accounts is a valuable feature for organizations because it provides them with enhanced security, better data segregation, and improved user management capabilities. The sub-accounts are typically used by organizations (resellers) offering digital identity and Verifiable Credential features and services to their own customers on their platforms. Dock’s sub-accounts feature was built and designed based on requests and feedback from Dock customers.
The Certs API allows users to:
- Create and manage digital identity profiles using decentralized identifiers (DIDs)
- Issue Verifiable Credentials
- Enable advanced privacy features such as Selective Disclosure and Zero-Knowledge Proofs
- Backup encrypted data to the cloud
- Set automatic expiration dates and remotely revoke the validity of credentials
How Sub-Accounts Work
There is a master account owned by the main organization that is offering digital identity and Verifiable Credential features on their platform and the master account can create sub-accounts.
What the Master Account Can Do
- Can create and issue API keys for the sub-accounts
- Oversee sub-account activity and relationships
- Update billing criteria
What the Sub-Accounts Can Do
- Have multiple issuer profiles
- Issue and verify credentials
Benefits of Having Sub-Accounts
Improved Data Segregation for Reports and Billing
Sub-accounts allow for better data segregation which is crucial for information management and reporting. When multiple users are sharing a platform or system, it's essential to ensure that each user's data is kept separate and secure. Sub-accounts make it easier to generate reports tailored to each user’s needs and to bill multiple customers accurately. The master account could create issuer profiles for their customers. For example, you can say all of the loyalty card related credentials for a clothing store are from this particular customer.
If there were no sub-accounts, some of the downsides are that it would be hard to ensure that each customer’s data is kept separate, which can result in customers accessing data they’re not authorized to view. Also reports could be too generic which would make it hard for users to get the information they need.
Increased Security and Privacy
Data security and privacy is provided because there are different encryption keys for each sub-account. Sub-account 1 can’t see the information of Sub-account 2, 3, and so on.
Because each sub-account has a unique encryption key, if a bad actor gained access to one sub-account, they couldn't access any other ones. This makes it much harder for attackers to access sensitive data and helps to protect customers. Without sub-accounts, a bad actor could use the same encryption key as all the other accounts and access all the data in each one.
Auditing is the process of reviewing user activity to ensure that users are following rules and regulations, and that data is being used appropriately. It's an important part of data management, especially in industries that deal with sensitive information. Sub-accounts make auditing easier by allowing administrators to track user activity on a per-user basis.
This means that administrators can track each user's activity individually, rather than having to review all activity on the platform or system as a whole. This makes auditing much more targeted and efficient, as administrators can focus on specific users or groups of users.
Easier to Securely Delete User Data
Sub-accounts can make it easier to delete a user's data if they are no longer a customer under the master account. This helps to ensure that user data is securely and quickly removed without worrying about their data being intermingled with other customer data. This can save time and reduce the risk of errors when deleting user data.
Without sub-accounts, it can be challenging to manage data deletion for multiple customers. Deleting a user's data may involve searching through the entire platform or system to find all instances of that user's data, which can be time-consuming and error-prone. In addition, it may be difficult to ensure that all of the user's data has been securely deleted, which can lead to data breaches and legal and financial consequences.
Sub-Account Use Case Examples
Driving Licence Department
The Driving License Department owns the online platform that provides driving license services. The department issues API keys and creates 35 sub-accounts for each driver’s licensing location that is issuing, renewing, and billing for driving licenses. Each location can create multiple issuer profiles as needed while the Driving License Department maintains oversight and control over the issuance of driver’s licenses.
Health Data Analytics Company
- Master account: Health Data Company
- Sub-accounts: Health Data Company's Customers
The health data company has an online platform where their own customers can access tools and features such as being able to issue Verifiable Credentials for nurses who complete specific training programs. Each customer will have their own sub-account and all of the transactions and information will securely be kept within the sub-accounts.
Travel Visa Service
- Master Account: Travel visa service company
- Sub-accounts: Airlines and government countries
People who apply for travel visas use the travel visa service to submit their documents and the company acts as the intermediary between travelers and the government department that issues the visa.
When visas are approved by the government, the travel visa company will issue the visa as a Verifiable Credential that a traveler can store in their wallet app and present the visa to the airlines when they check in as well as to the authorities in the destination countries.
The travel visa service white labels Dock’s digital identity wallet to create their own app for travelers to store their travel visa issued as a Verifiable Credential and for airlines and authorities to instantly verify the validity of the visa. The staff at airlines can create a verification request with the travel visa service app for each traveler who checks in and verifies the wallet-to-wallet in person.
Each airline and destination country using Verifiable Credentials on the travel visa service app will have their own sub-accounts. Each account will manage digital identity and credential transactions.
Dock is a Verifiable Credentials company that provides Dock Certs, a user-friendly, no-code platform, and developer solutions that enable organizations to issue, manage and verify fraud-proof credentials efficiently and securely. Dock enables organizations and individuals to create and share verified data.
- Dock Certs: Web app to issue and manage digital identity and Verifiable Credentials
- Certs API: Easy integration with your system to make your data fraud-proof and instantly verifiable
- Dock Wallet: Easily store and manage their digital credentials and identity (individuals) and verify credentials instantly (organizations)
Partner Use Cases
- SEVENmile issues fraud-proof verifiable certificates using Dock
- BurstIQ Makes Health Data Verifiable, Secure, and Portable With Dock
- Gravity eliminates Health & Safety certificate fraud with Dock
- Decentralized Identity
- Verifiable Credentials
- Self-Sovereign Identity
- Decentralized Identifiers (DIDs)
- Web3 Identity
- Blockchain Identity Management
- Selective Disclosure
- How to Prevent Supply Chain Fraud With Blockchain
- BurstIQ Use Cases That Leverage Verifiable Credentials
- Blockchain Food Traceability: Enhancing Transparency and Safety
- How to Prevent Certificate Fraud
- Digital Credential Platform