Verifiable Credentials: The Ultimate Guide 2023

Published
March 22, 2023
·

Dock is a pioneer in the decentralized identity space. Since 2017, our expert team has been building cutting-edge Verifiable Credentials and technology. We created this comprehensive guide on Verifiable Credentials to explain what they are, ahow they work, and why it's important for organizations and individuals.

TL;DR

  • There is an increasingly global problem around the world of physical and digital credentials like driver's licenses and university degrees being forged. It is a slow, time-consuming, andse expensive  process for organizations to verify the authenticity of credentials.
  • Verifiable Credentials are a digital, cryptographically secured version of both paper and digital credentials that people can present to organizations that need them for verification.
  • In the Verifiable Credentials ecosystem, there is an issuer, holder, and verifier.
  • The key benefits of Verifiable Credentials for:

1) Organizations: Issuing organizations can conveniently provide fraud-proof credentials and verifying organizations can instantly check the authenticity of credentials.

2) Individuals: Enables full ownership and control of their data while preserving privacy as well as providing improved security.

  • There are a growing number of use cases where Verifiable Credentials can be used in a variety of sectors including supply chain, education, and finance.

Introduction

Organizations use physical credentials like employee badges, certifications, and passports to identify people and verify claims about them like being old enough to go to a nightclub or graduating with a degree. But of course, physical credentials have their drawbacks.

Did you know that:

  1. Over half of all people claiming a new PhD in the United States have a fake degree?
  2. More than 1,200 vendors operating in the UK and worldwide offer fake COVID vaccine and test certificates for as little as £25?
  3. 75% of university admissions staff could not spot a fake certificate?

With the increasing digitization of information, people are required to interact with thousands of businesses online. How would organizations know if a digital document is real? If organizations can’t tell if digital assets are real or fake, they are exposed to liabilities such as hiring someone who is not really qualified to do a job. Many people simply use Photoshop or change a PDF themselves to make fake certificates or licenses.

Verifiable Credentials can help individuals and organizations create and share their identities and claims reliably.

What Is a Verifiable Credential?

Verifiable Credentials are a digital, cryptographically secured version of both paper and digital credentials that people can present to organizations that need them for verification. Imagine digital and instantly verifiable versions of identity documents, academic achievements, licenses, and more.

When digital credentials conform to the Verifiable Credentials Data Model 1.0, which is a standard established by World Wide Web Consortium (W3C), they can be referred to as Verifiable Credentials. The Verifiable Credentials Data Model 1.0 is a “specification [that] provides a standard way to express credentials on the Web in a way that is cryptographically secure, privacy-respecting, and machine-verifiable.”

W3C is an international community where member organizations, full-time staff, and the public work to set international standards for the World Wide Web. They created standards for URL, decentralized identifiers, and others. Verifiable Credentials are one of the three pillars of Self-Sovereign Identity (SSI), which is an approach to digital identity that gives individuals control of their digital identities. The other two pillars are blockchain and decentralized identifiers.

Verifiable Credentials, blockchain, and Decentralized Identifiers (DIDs) are the three pillars of Self-Sovereign Identity.

The main parties involved in the use of Verifiable Credentials are the:

  1. Issuer: Organization that has the authority to issue Verifiable Credentials such as a government department issuing a national ID or a college issuing a diploma
  2. Holder: Someone who owns the credential and stores it in their digital wallet
  3. Verifier: The person or organization validating or authenticating the credential like a hiring company needing to check a candidate’s educational credentials
Examples of how Verifiable Credentials interact with the issuer, verifier, and holder

Benefits of Verifiable Credentials

  • Instantly verifiable anywhere at any time within seconds compared to days, weeks, or months with traditional verification processes
  • Tamper-proof with cryptography, which enables people to store, protect, and share data securely
  • No need to contact the issuer (e.g. a university or certifying body) to confirm the authenticity
  • Creates immediate trust between parties
  • ID holder have full control and ownership of their data, enabled by decentralized identifiers (globally unique identifiers) and Public key cryptography.
  • Provides user privacy because they can choose which parts of their identity they want to reveal such as showing their age without showing their full name. Or proving they are above a certain age without disclosing their date of birth.
  • No personal data is stored on the blockchain
  • Portable as holders can store Verifiable Credentials in their digital wallet and take them anywhere while still being verifiable.

Organizations can issue their degrees, IDs, licenses, and more as verifiable digital credentials that can be stored in a digital wallet, which is a digital version of a physical wallet that people can carry around as a mobile application on their phone, computer, or even a cloud-based server.

Gartner, a technological research and consulting firm, shared five trends for identity and access management and fraud detection. One of the trends is that the decentralized identity standard will shift to being increasingly mobile and global. The term “decentralized identity” is used interchangeably with self-sovereign identity because it refers to the idea of individuals owning and managing their own identities.

Verifiable Credentials Example

A government can issue a passport as a Verifiable Credential for the holder to securely store in their digital identity wallet.

In the Verifiable Credentials ecosystem, the issuer and holder are required to use Decentralized Identifiers, or DIDs. A decentralized identifier (DID) is a way to identify yourself or something online without relying on a central authority, like a government or a big company. Think of it like a digital version of your driver's license or passport that you can use to prove who you are on the internet.

The public key associated with the DID of the organization that issued the credential is stored on the blockchain. So when someone wants to verify the authenticity of the credential, they can check the blockchain to see who issued it without having to contact the issuing party.

A DID:

  • Is a globally unique identifier made up of a string of letters and numbers
  • Allows the owner to prove cryptographic control over it
  • Comes with a private key and a public key (codes used to encrypt and decrypt information)
  • Enables private and secure connections between two parties and can be verified anywhere at any time

We will go into more detail later on about how DIDs work, but here is an example that ties all of these details together.

Let's say a government department uses Verifiable Credentials to issue passports. Whenever they issue a new passport, they will sign it with a private key while their public key and DID are on the blockchain. In this case, the data outline (schema) on the verified credential would include the name, country, date of birth, and so on.

You will be able to store your passport within your digital wallet and control precisely what you want a verifier to see. Then when a verifier like a company, for example, wants to check the Verifiable Credential, they can check to see if the government department really did sign it without contacting the issuer because the government's public key and DID are on the blockchain.

Verifiable Credentials in the Dock Wallet

Another benefit of a Verifiable Credential is privacy. If an on-demand driving company asks for your license if you're applying to become a driver, you can use your phone to simply show them a verifiable presentation of the credential that proves that you have the authority to drive. With a verifiable credential, you can selectively disclose only the information required by the verifier. If a platform uses Zero-Knowledge Proof technology, you could even prove you have a valid license without showing any information from the license itself.

With Verifiable Credentials, the DMV also has the authority and ability to define an automated expiration date. They can also revoke the license if a driver breaks the law and is penalized by having their credential removed for a certain period of time.

Why Do We Need Verifiable Credentials? What’s Wrong With Our Current Verification Systems?

The main reason why Verifiable Credentials are becoming increasingly popular among people and businesses around the world is that it checks a lot of boxes when it comes to user privacy requirements and addresses several major issues associated with the current identity management system.

Problems With Our Current Traditional Verification Systems

  • Proving the authenticity of documents involves a slow and difficult verification process, which often takes organizations weeks or even months
  • Increased risk of breaches of data resulting from centralized data management systems storing a large amount of user information
  • Paper and digital credentials are easy to forge
  • Organizations store vast amounts of personal data from users which leaves users without control over who has access to their personal information, where their documents are stored, and how they are being used
  • With a physical credential or PDF, people may be disclosing a lot more information than is necessary when they present it for verification

Verifiable Credentials enable people to verify their identity, only provide information that is relevant to the context, and prove their documents weren’t modified.

With a digital credential that could be in a PDF or XML document, for example, verifying the origin and authenticity of documents is complex. You’d have to confirm that:

  1. The Issuer Organization effectively issued that credential and has the authority to do so like an organization that provides driver’s licenses
  2. The person submitting the credential (holder) is its rightful owner
  3. The credential is valid and not expired, modified, or revoked

​​In many cases, this involves manually contacting the issuing organization, which is a long, tedious, and often expensive process.

Here are just a few of many examples of how fraudulent IDs and credentials pose a risk to organizations:

Construction

New construction employees need to present credentials to an employer, especially if they will operate heavy machinery. If an employee presents fake credentials to a company, this is dangerous because this could result in a serious accident and the company could be liable for hiring someone without the right qualifications to operate the machinery and do the work safely.

Healthcare

The verification processes for providers in the healthcare industry have many inefficiencies with manual verification and gatekeepers. Traditional verification can take weeks to months which causes major delays in filling in much-needed healthcare roles and delays for people to begin working.

Supply chain

There can be severe safety issues and monetary damages that could happen from an improperly managed supply chain such as a manufacturer failing to ensure the safety of working conditions at their facilities, potentially resulting in severe injuries suffered by workers. Forged documents are also used to show the origin of goods, which can be dangerous for consumers if the products don’t meet safety standards.

How Does a Verifiable Credential Work?

The issuer (e.g. nursing program) creates the verifiable credential and digitally signs it with a cryptographic key that only the issuer can use. When the verifier (e.g. hospital) receives a credential, they will verify its authenticity instantly through a blockchain, an immutable and decentralized database.

One important thing to note is that the blockchain doesn’t actually store people’s Verifiable Credentials. It only stores information that the verifier would need to validate the authenticity of the credential like the issuer's public cryptographic key that matches the one that signed the credential.

Using this information, the verifier will determine:

  • If the issuer has the authority to issue that credential
  • If the verifiable credential is still valid (not revoked or expired)
  • If the credential has been tampered with

This system is trustless. The verifier no longer has to contact the issuer to confirm the validity of the credential. And the best part is that everything happens in a matter of seconds!

The 3 Components of Verifiable Credentials

  1. Credential metadata: This might be cryptographically signed by the issuer and contains the credential identifier as well as properties about the credential itself such as the expiry date and who the issuer is.
  2. Claim(s): A tamper-proof set of claims made about the credential subject such as someone’s employee number and job title.
  3. Proof(s): Cryptographic method that allows people to verify:
  • The source of the data (e.g. who the issuer is)
  • That the data has not been tampered with

What Is the Role of Decentralized Identifiers (DIDs) In Making Verifiable Credentials Work?

Decentralized Identifiers Explained

We often use physical cards to provide proof of our identity and claims about us to show to other people or organizations. But in the digital world, there were no universally accepted standards for expressing, exchanging, and verifying digital credentials.

We currently use emails and phone numbers as identifiers to access websites, services, and apps. But our access to these identifiers can be removed anytime by service providers, the data is controlled by providers, and user data is vulnerable to hacks. Decentralized identifiers change all of this.  

A DID:

  • Is a globally unique identifier made up of a string of letters and numbers
  • Is created and owned by the user
  • Allows the owner to prove cryptographic control over it
  • Comes with a private key and a public key that are also made up of a long string of letters and numbers
  • Enables private and secure connections between two parties and can be verified anywhere at any time

Here is an example of a Dock DID:

A party can be an individual or organization and they can make as many DIDs as they want for different relationships. For example, you can have a DID for:

  • Professional reasons like showing your credentials to an employer or university
  • Authenticate data for your personal interests like showing you are legal age to go to a bar or a member of an organization
  • Online gaming profiles

Someone can create several DIDs for different purposes such as:

  • DID 1: Educational and professional certificates
  • DID 2: Identity documents (e.g. driver's license, state IDs, passport)
  • DID 3: Online gaming profiles
  • DID 4: Online shopping
decentralized identifier profiles that have associated verifiable credentials

What Are Public and Private Keys?

Every Decentralized Identifier (DID) comes with a public and private key.

Each DID comes with a private and public key. Keys come in private/public pairs and a DID can have multiple pairs.  

Private key

  • A private key (a string of letters and numbers) is like a password that allows a holder to access and manage their data.
  • The owner should be the only one who knows the private key and it should never be shared with anyone else.
  • Regarding DIDs, the private key allows people to prove ownership, grant permissions to share specific data, and sign documents.

Public key

  • A public key (a string of letters and numbers) that can be safely shared with anyone to send and receive data
  • Used for user authentication and verification purposes

To explain how public and private keys work, let’s use the example of comparing a private key to a master key of a car. The car’s owner (holder) has the master key that gives her full access to all parts of the car, including the trunk and glove compartment. She can provide restricted access to other people she chooses. The owner should never give her master key to anyone else.

Now the owner wants to make another key that gives restricted access to a valet or auto body shop to start the car. This key is like the public key. The valet and car shop worker wouldn’t be able to access the glove compartment and the trunk.

To use another example, an employer would use their private key to sign and issue a verifiable credential to confirm an employee's job title. The employer’s public key would be shared on the blockchain so that the verifier, such as a government department that needs to authenticate someone’s work status, can confirm the authenticity of the data with that public key. Basically, the government body can check the DID on the blockchain to see who issued the credential without having to contact the issuing party.

How to Check the Authenticity of Verifiable Credentials With Dock's Solutions

Organizations can use Dock Certs and the Dock Wallet to verify users’ digital credentials instantly with the phone or computer. This feature is powered by blockchain technology and because credential verification is quick and fraud-proof, verifiers can be assured that the information being presented is accurate. Users can verify documents on the web and from wallet-to-wallet (online or in person). 

Benefits of Instant Credential Verification for Organizations

Company sends a verification request
  • Confirm the validity of someone’s documents within seconds instead of taking days, weeks, and months with traditional verification processes
  • Prevent document fraud 
  • Save money on expensive, manual, and inefficient verification processes
  • Comply with data regulations
  • Improve efficiency in operations
  • Reduce the risk of liabilities, fines, lawsuits, injuries, and death by hiring people with the right qualifications

Benefits of Instant Credential Verification for Individuals

Holder selects which information to present, a process enabled by selective disclosure
  • The Dock Wallet enables people to have more data privacy, control, and security as they can choose which parts of their credentials they can send to a verifier rather than showing all of the information on the credential. For example, someone could just send their name and email but not their date of birth and address.
  • Conveniently share their credentials from their phone.
  • Can share only the necessary information to a verifier to reduce the risk of their data being misused while having full control of who has access to it.

Dock’s Step by Step Verification Guide

Click here for the complete guide on how to verify credentials with Dock Certs and Dock Wallet.

World Wide Web Consortium's (W3C) Verifiable Credential Standards

Verifiable credentials enable interoperability

Dock’s Verifiable Credentials follow the Verifiable Credentials Data Model 1.0 standards established by the World Wide Web Consortium (W3C), an international organization that sets standards for the World Wide Web. It was created by the inventor of the Web, Tim Berners-Lee, to ensure that the Web remains an open and interoperable system that can be used by anyone, regardless of the technology they use or the language they speak. 

W3C develops and maintains technical standards for web technologies. Some of the common web standards the organization created include HTML (the standard markup language used to create web pages) and CSS (a language used to describe the presentation of web pages). 

The Importance of W3C Standards

By establishing these standards, the W3C helps to ensure that different web browsers and devices can display web pages in the same way. They also ensure that web developers can create websites that work well across different platforms and build them faster and cheaper.

Without these standards, different web browsers and devices might display web pages differently, making it difficult for people to use the Web. For example, if one browser interpreted colors and font-sizes differently from another, websites would look different on each browser. Some of them may be unreadable which would make the web frustrating and difficult to use. 

Also, web developers would have to write different code for each browser, which would be a tedious and time-consuming task. They would also need to test their website on a variety of browsers and devices, which can be very costly in terms of time and money.

How W3C Verifiable Credentials Enable Interoperability

Someone can browse different websites in a consistent way because of W3C Verifiable Credentials

Interoperability means that different systems, applications, and programs can work together without any difficulties. 

Here are examples of interoperable systems: 

  1. Different brands of cell phones can call each other

People are able to phone each other regardless of the brand of phone they have. Cell phones from different manufacturers such as Apple and Samsung can call each other because they are built to work with the same cellular network standards.

  1. Standardized USB connector

Most electronic devices such as smartphones, laptops, or cameras have a USB port and can be connected to another device that also has a USB port to share data and power. Even though the devices may have different operating systems or features, they are still able to communicate with each other through the standardized USB connector.

The Importance of Interoperability for W3C Verifiable Credentials

Interoperability is important for Verifiable Credentials because it allows different systems and organizations to easily share and verify digital credentials in a secure, efficient, and standardized way. 

Interoperability can be compared to a passport where all countries agree on the passport standard. So when someone gets to a country, verifiers know what information to expect and how to read it. Similarly, if different systems and organizations use different formats for digital credentials, it can be difficult to share and verify them. But if they all use the same format for digital credentials, it is much easier and more efficient to share and verify them.

Key Differences Between Centralized Identifiers and Decentralized Identifiers

Dock's WebID allows people to securely sign in without a password and without revealing any more information than needed to access a website or app.
Centralized Identifiers Decentralized Identifiers
Identifiers provided by centralized providers like Google or phone companies allow access to apps and services (email addresses and passwords) Identifiers you generate for yourself powered by blockchain to use apps and services
Your personal data is collected on centralized servers and it's not clear who has access to it Data is not shared with anyone except whoever you choose to reveal it to and there is no personal data stored on the blockchain
Data can be manipulated by providers Records on the blockchain are immutable and tamper-proof once it’s recorded on the blockchain
Data is owned by third parties and you can’t control your data You have full ownership of your DIDs and complete control of your cryptographic keys
People’s identifiers are used to track online behavior Create as many DIDs as you want for different relationships to keep your data private as having multiple DIDs makes it harder to track users and correlate data
Providers can remove access to your data anytime Your data can’t be taken away from you and your credentials can be verified anywhere, anytime
Less secure and private connections between parties Enables unique, private, and secure peer-to-peer connections between two parties

Here is a scenario that goes through all of the steps of how DIDs and Verifiable Credentials can work:

  • Issuer: Successo Institute
  • Holder: Anita Ramos
  • Verifier: Bubble Pearl restaurant

1. Anita creates a DID using her Dock Wallet called "Successo Institute Credentials" and the DID will be on the Dock blockchain.

New DID for Verifiable Credentials

2. Successo Institute issues her student status as a Verifiable Credential and sends her a PDF and JSON file of the credential. She imports it in her Dock wallet by scanning the QR code on the PDF.

Student status as a Verifiable Credential

3. Anita imports this credential on her Dock wallet phone app, allowing her to bring her Verifiable Credentials anywhere.

anita's verifiable credentials in the Dock Wallet

4. Partnering businesses on and off-campus give 20% discounts on products and services to university students and they trust Successo Institute as an issuer. To confirm student statuses, Bubble Pearl creates a verification template in Dock Certs and imports verification template into the Dock Wallet by simply scanning a QR code.

Bubble Pearl Restaurant imports the verifiable credential verification request from Dock Certs
verifiable credential request imported in the Dock Wallet

5. Anita goes to Bubble Pearl restaurant and they need to confirm that she is a student of Successo Institute in order to apply the discount. The cashier initiates the verification process by asking Anita to scan the QR code.

Anita scans the credential verification request QR code

6. Anita selects Accept to give permission to Bubble Pearl to view her credential.

Anita accepts the credential verification request

7. Anita selects her student status Verifiable Credential.

Anita selects her student status issued as a Verifiable Credential

8. Anita only wants to share her student number but not her name and email to Bubble Pearl restaurant and selects Continue.

Anita can choose which data to share because of selective disclosure on her Verifiable Credential

9. She chooses the identity to present, which is the Successo University Credentials DID.

Anita shares her Verifiable Credential using her decentralized identifier

10. Bubble Pearl Restaurant's cashier sees that the credential is valid in his Dock Wallet.

The Verifiable Credential presentation is valid

11. Anita sees that the verification is successful in her wallet.

Anita sees a successful credential verification on her Dock Wallett

12. The cashier applies the 20% discount to her purchase.

In another example, if someone wants to buy alcohol, a cashier can scan the QR code on a customer’s verified credential to confirm that they are of legal age. In this process, the customer can use a Zero-Knowledge Proof to prove they are above a certain age, without sharing any other information like their entire birth date or name.

The Role of Blockchain in Verifiable Credentials

The DID's corresponding public key of the organization that issued a credential to a holder is stored on the blockchain, which is an immutable database. The person who wants to verify the validity or authenticity of the credential can check the blockchain to see who issued it without having to contact the issuing party.  

Blockchain is a system of recording information chronologically in a way that makes it extremely difficult to change, hack, or cheat the system. It is a distributed database that is shared among nodes, which are computers in the blockchain network, that can execute certain functions like sending and receiving information. Each block on the chain has unique data that references the previous block and the blocks combine to complete a chain. Blockchain technology is also referred to as Distributed Ledger Technology (DLT).

Key Features of a Blockchain

1. Decentralized: Blockchains operate using a peer-to-peer network of computers to verify and record transactions. Whenever there is a new transaction on a blockchain, the block can’t be added to the chain until it is verified by the network. For someone to tamper with the blockchain, they would have to tamper with all of the blocks of the chain and hack every node, which is extremely difficult to do.

2. A blockchain acts as a decentralized distributed ledger: A distributed ledger is a digital database that runs on a distributed network in diverse locations rather than having one record of data in a centralized location that a person or body can control or manipulate. Each node gets a full copy of the blockchain and the information can be used to verify that everything is in order and make sure it hasn’t been tampered with.

If everything looks good, each node adds this to its own blockchain. Everyone in the network creates consensus where they agree which blocks are valid and which aren’t. Tampered blocks will be rejected by nodes in the network.

3. Immutable: Each block on a chain contains transaction data and the blocks can’t be tampered with or backdated. Unlike traditional forms of record-keeping that are easy to change and manipulate information without anyone knowing.

Verifiable Credentials Using Blockchain


In identity management, a blockchain allows everyone in the network to have the same source of truth about which credentials are valid and who authenticated the validity of the data inside the credentials. Blockchain can enable zero-knowledge proofs, meaning that someone can verify credentials without a holder revealing the actual data like their full name and address.

For example, let’s say Shelly wants to sign up to play a mobile game from her phone. The gaming company requires players to be at least 18 years old and uses Verifiable Credentials to confirm their age.

  1. Shelly creates a DID with the Dock blockchain and stores it in her Dock wallet on her phone
  2. The department of motor vehicles (DMV) in the US issues Shelly a driver’s license as a verifiable credential that contains her date of birth
  3. The gaming company trusts the DMV as an issuer
  4. Shelly signs into the gaming site with her DID and the company uses the Verifiable Credential associated with her DID to verify that she is at least 18 years old without her revealing her date of birth
  5. Shelly can securely sign in to play with her DID without ever using a user name and password

In the above example, Shelly has full ownership and control of how her data is shared and used. And her information can’t be tracked or stored.

How to Show the Proof of Existence of Verifiable Credential Data and Files With Dock’s Blockchain

With Dock, issuers have the option of proving the existence of Verifiable Credentials or files to a verifier by connecting the data to a blockchain with the use of anchoring.

What is anchoring in blockchain?

An anchor is a digital fingerprint of external data that is included in a blockchain transaction to prove that the external data is authentic. The anchor makes up the credential’s proof of existence in their original form.

Anchoring works by converting data to cryptographic hashes (a long string of numbers and letters that is not readable by any human) that are written to the blockchain.

Hashes:

  • Prove the existence of data on files and credentials while the content is kept private
  • Maintain the privacy and security of data because only the hash is stored on the blockchain rather than the credentials themselves
  • Creates immutable timestamps associated with the information and recorded on the blockchain

Let’s say there is an online course that wants to issue credentials to students who have completed the program. The issuer can use Dock’s anchoring feature to hash the credentials that they have issued. Anchors are created when the hashes are posted to Dock’s blockchain and the record can’t be changed.

Anchoring can be applied to any documents and verifiable credential data for a variety of situations.

What Is and Isn’t Stored on the Blockchain

By default, nothing gets stored on the blockchain except for an issuer's and holder's public keys associated with their DID. DIDs will only be stored on the blockchain depending on the client's preference and technology implementation. The Verifiable Credentials that contain personal details are securely stored on a decentralized digital wallet app rather than the blockchain. They don’t need to be stored on the blockchain in order to be verified as long as the keys are available.

Centralized Identifiers Decentralized Identifiers
Identifiers provided by centralized providers like Google or phone companies allow access to apps and services (email addresses and passwords) Identifiers you generate for yourself powered by blockchain to use apps and services
Your personal data is collected on centralized servers and it's not clear who has access to it Data is not shared with anyone except whoever you choose to reveal it to and there is no personal data stored on the blockchain
Data can be manipulated by providers Records on the blockchain are immutable and tamper-proof once it’s recorded on the blockchain
Data is owned by third parties and you can’t control your data You have full ownership of your DIDs and complete control of your cryptographic keys
People’s identifiers are used to track online behavior Create as many DIDs as you want for different relationships to keep your data private as having multiple DIDs makes it harder to track users and correlate data
Providers can remove access to your data anytime Your data can’t be taken away from you and your credentials can be verified anywhere, anytime
Less secure and private connections between parties Enables unique, private, and secure peer-to-peer connections between two parties

Verifiable Credentials Use Cases

Industry Traditional Process Problems/Risks Verifiable Credentials Solution
Supply chain Relies on physical IDs and documents to demonstrate compliance, which creates inefficiencies.
Documents can be easily forged and difficult to authenticate.
Manual verification process is slow and prone to errors.
An importer can bring unapproved, non-compliant medical supplies into a market putting public health at risk.
Verifiable Credentials can’t be forged and they can be verified within seconds without contacting the issuing party, saving a tremendous amount of time and money.
Finance To access financial services, someone has to go through compliance screening by submitting personal details in physical form that is stored in a large database and shared with one or more third parties that conduct know your customer (KYC) and credit checks. Individuals have no control over how their data is secured, shared, and accessed by third parties. The data provided in the credentials is cryptographically secured, tamper-proof, and can be verified.
Healthcare Employers use manual processes to verify paper-based licenses and certificates for healthcare providers. Traditional verification takes weeks if not months, which creates delays in filling much-needed health care roles. Organizations that provide and regulate medical licenses for the healthcare workforce can issue licenses in the form of digital credentials. The recipients of these licenses can then easily share them for instant verification by any hospital, clinic, or medical department where they would like to work.

Dock’s Clients Using Verifiable Credentials

Dock is working with organizations to provide technological solutions to issue Verifiable Credentials and create decentralized identifiers.

Gravity Training connected with us so they could issue Verifiable Credentials in a convenient and cost-effective way to people who complete their training program in field positions. Authentic credentials are essential to keep workers and employers safe. Their courses include rigging, fall arrest, and radio frequency awareness training.

Fake credentials are a growing problem in South Africa. Many people are photoshopping credentials and showing them to employers. Gravity issues thousands of certificates a year for trainees and is manually uploading certifications on their database, which takes a lot of time and resources. They want to use Verifiable Credentials to be compliant, to manage verifications across various locations, and to enhance their record-keeping for auditability.

With Dock’s technology, Gravity is able to:

  • Save a tremendous amount of time and money issuing and managing  credentials with expiry dates in bulk with Dock’s user-friendly platform that doesn’t require any code
  • Allow inspectors and managers to instantly verify documents and monitor expiration dates digitally
  • Provide workers with credentials they can store on a wallet with their phones

Dock has also been collaborating with Credenxia since 2021 to help them move towards a decentralized solution for creating and managing employee credentials. Credenxia is a leading global verification company that partners with businesses in a wide range of industries including construction, health care, and transport. Their technology helps with compliance for employers and workers as well as enables businesses to effectively manage the credentials of their workforce.

The company chose to work with Dock because of our expertise in blockchain, we are compliant with W3C standards, and the APIs were well-documented. Credenxia was previously running on a trust model to do manual verification. They were getting feedback from their stakeholders asking how people would know if Credenxia was compliant themselves during their verification process. There is no overarching body that checks the work and processes of document verification companies.

The collaboration with Dock allows Credenxia to:

  • Provide Verifiable Credentials with blockchain technology.
  • Enhance transparency with clients by adding verifiable notes that are hashed on the blockchain, making them immutable. If the notes have been tampered with, clients would be able to see it.
  • Enhance the audit position of the user base and give back control to someone’s credentials and identity.
  • Move towards a zero-trust model that clients are demanding.
  • Retrospectively decentralize already verified credentials.

Decentralized Digital ID Wallet App

A decentralized digital identity wallet is an identity management application that allows people to securely store, manage, and share digital credentials. A digital credential can be an ID, license, background check, certification, and more. It’s the equivalent of a physical wallet that holds various IDs and cards to demonstrate claims about yourself like licenses, bank cards, and service cards.

To illustrate how a decentralized digital ID wallet can work, let’s say Carlos wants to create a new profile on an online sports shop that uses Verifiable Credentials. He can sign in and make purchases from his digital wallet without creating a user name, password, and entering credit card information. The website needs to confirm that shoppers live in Spain as they only deliver within the country and their payment method. The website verifies his credentials that were issued by a credit card company and driver’s licensing organization, which are issuers that the website trusts to authenticate the credentials.  

Dock’s Decentralized ID Wallet

The Dock Wallet enables you to have full control over your digital credentials and every piece of data stored in the wallet has the ability to be shared with third parties only when you choose to do so and how much information you want to provide. You can grant and remove access to whomever at any time.

With the Dock Wallet you can import existing certificates, batches, and credentials to store all of your records and achievements in one place as long as they were issued as W3C-compliant Verifiable Credentials.

Summary of Key Terms

Anchoring

  • An anchor is a digital fingerprint of external data that is recorded on the blockchain transaction to prove that the external data is authentic
  • Proves the existence of verifiable credential data or files while the content is kept private
  • Anchoring works by converting data to cryptographic hashes (a long string of numbers and letters that is not readable by any human) that are written to the blockchain

Blockchain

  • A blockchain is a decentralized database that is shared among nodes which are computers in the blockchain network
  • A system of recording information chronologically in a way that makes it extremely difficult to change, hack, or cheat the system

Decentralized Digital ID Wallet

  • An identity management application that allows people to securely store, manage, and share digital credentials

Decentralized Identifier (DID)

  • Is a globally unique identifier made up of a string of letters and numbers
  • Is created and owned by the user
  • Allows the owner to prove cryptographic control over it
  • Comes with a private key and a public key that are also made up of a long string of letters and numbers
  • Enables private and secure connections between two parties and can be verified anywhere at any time

Cryptographic hash

  • A long string of numbers and letters that is not readable by any human
  • Used in anchoring to prove the existence of data on files and credentials while the content is kept private
  • Maintain the privacy and security of data because only the hash is stored on the blockchain rather than the credentials themselves
  • Creates immutable timestamps associated with the information and recorded on the blockchain

Private key

  • A private key (a string of letters and numbers) is like a password that allows a holder to access and manage their data
  • The owner should be the only one who knows the private key and it must never be shared with anyone else
  • Regarding DIDs, the private key allows people to prove ownership, grant permissions to share specific data, and sign documents

Public key

  • A public key (a string of letters and numbers) that can be safely shared with anyone to send and receive data
  • Used for user authentication and verification purposes

Verifiable Credential

  • A digital, cryptographically secured version of both paper and digital credentials that people can present to organizations that need them for verification
  • When digital credentials conform to the Verifiable Credentials Data Model 1.0, which is a standard established by World Wide Web Consortium (W3C), they can be referred to as Verifiable Credentials

Conclusion

In an increasingly digital world, the problem with physical IDs and credentials is that they can be easily forged and take a lot of time to verify for authenticity.

Verifiable Credentials are:

  • Are a digital version of paper-based credentials that people can present to organizations
  • Tamper-proof
  • Supports data protection
  • Instantly verifiable
  • Secure and allow the ID holder to have full control and ownership of their data

In the Verifiable Credentials ecosystem, there is an issuer, holder, and verifier. The issuer and holder are required to use decentralized identifiers, or DIDs, which are globally unique identifiers that allow the owner to prove cryptographic control over them. DIDs allow for private and secure connections between two parties.

There are a growing number of use cases for Verifiable Credentials in diverse industries around the world. This has many benefits including speeding up the hiring process, reducing fraud, providing privacy, and improving safety in the supply chain.

Learn More

About Dock

Dock is a Verifiable Credentials company that provides Dock Certs, a user-friendly, no-code platform, and developer solutions that enable organizations to issue, manage and verify fraud-proof credentials efficiently and securely. Dock enables organizations and individuals to create and share verified data.

“We’ve looked at a lot of the systems that allow you to issue DIDs and VCs and generally what we’ve found is that Dock is far easier to use than many of the existing tools out there. It can deploy very quickly and it will be very easy for our developers to use the tool.”
Amber Hartley
Chief Strategy Officer, BurstlQ

Start issuing Verifiable Credentials today

Dock Certs is an all-in-one suite of Verifiable Credential (VC) tools built for organizations to issue digital credentials and certificates that are automatically and instantly verifiable, fraud-proof and auditable.