The ability to create sub-accounts is a valuable feature for organizations because it provides them with enhanced security, better data segregation, and improved user management capabilities. The sub-accounts are typically used by organizations (resellers) offering digital identity and Verifiable Credential features and services to their own customers on their platforms. Dock’s sub-accounts feature was built and designed based on requests and feedback from Dock customers.
The Certs API allows users to:
There is a master account owned by the main organization that is offering digital identity and Verifiable Credential features on their platform and the master account can create sub-accounts.
What the Master Account Can Do
What the Sub-Accounts Can Do
Sub-accounts allow for better data segregation which is crucial for information management and reporting. When multiple users are sharing a platform or system, it's essential to ensure that each user's data is kept separate and secure. Sub-accounts make it easier to generate reports tailored to each user’s needs and to bill multiple customers accurately. The master account could create issuer profiles for their customers. For example, you can say all of the loyalty card related credentials for a clothing store are from this particular customer.
If there were no sub-accounts, some of the downsides are that it would be hard to ensure that each customer’s data is kept separate, which can result in customers accessing data they’re not authorized to view. Also reports could be too generic which would make it hard for users to get the information they need.
Data security and privacy is provided because there are different encryption keys for each sub-account. Sub-account 1 can’t see the information of Sub-account 2, 3, and so on.
Because each sub-account has a unique encryption key, if a bad actor gained access to one sub-account, they couldn't access any other ones. This makes it much harder for attackers to access sensitive data and helps to protect customers. Without sub-accounts, a bad actor could use the same encryption key as all the other accounts and access all the data in each one.
Auditing is the process of reviewing user activity to ensure that users are following rules and regulations, and that data is being used appropriately. It's an important part of data management, especially in industries that deal with sensitive information. Sub-accounts make auditing easier by allowing administrators to track user activity on a per-user basis.
This means that administrators can track each user's activity individually, rather than having to review all activity on the platform or system as a whole. This makes auditing much more targeted and efficient, as administrators can focus on specific users or groups of users.
Sub-accounts can make it easier to delete a user's data if they are no longer a customer under the master account. This helps to ensure that user data is securely and quickly removed without worrying about their data being intermingled with other customer data. This can save time and reduce the risk of errors when deleting user data.
Without sub-accounts, it can be challenging to manage data deletion for multiple customers. Deleting a user's data may involve searching through the entire platform or system to find all instances of that user's data, which can be time-consuming and error-prone. In addition, it may be difficult to ensure that all of the user's data has been securely deleted, which can lead to data breaches and legal and financial consequences.
The Driving License Department owns the online platform that provides driving license services. The department issues API keys and creates 35 sub-accounts for each driver’s licensing location that is issuing, renewing, and billing for driving licenses. Each location can create multiple issuer profiles as needed while the Driving License Department maintains oversight and control over the issuance of driver’s licenses.
The health data company has an online platform where their own customers can access tools and features such as being able to issue Verifiable Credentials for nurses who complete specific training programs. Each customer will have their own sub-account and all of the transactions and information will securely be kept within the sub-accounts.
People who apply for travel visas use the travel visa service to submit their documents and the company acts as the intermediary between travelers and the government department that issues the visa.
When visas are approved by the government, the travel visa company will issue the visa as a Verifiable Credential that a traveler can store in their wallet app and present the visa to the airlines when they check in as well as to the authorities in the destination countries.
The travel visa service white labels Dock’s digital identity wallet to create their own app for travelers to store their travel visa issued as a Verifiable Credential and for airlines and authorities to instantly verify the validity of the visa. The staff at airlines can create a verification request with the travel visa service app for each traveler who checks in and verifies the wallet-to-wallet in person.
Each airline and destination country using Verifiable Credentials on the travel visa service app will have their own sub-accounts. Each account will manage digital identity and credential transactions.
Dock is a Verifiable Credentials company that provides Dock Certs, a user-friendly, no-code platform, and developer solutions that enable organizations to issue, manage and verify fraud-proof credentials efficiently and securely. Dock enables organizations and individuals to create and share verified data.
Dock’s Verifiable Credentials Platform makes your data fraud‑proof and allows your stakeholders to verify its authenticity in seconds - making expensive, time‑consuming, and manual verification processes disappear.