Verifiable Credentials are a digital, cryptographically secured version of both paper and digital credentials that people can present to organizations that need them for verification. A few of many examples of information that can be issued as Verifiable Credentials:
When digital credentials conform to the Verifiable Credentials Data Model 1.0, which is a standard established by World Wide Web Consortium (W3C), they can be referred to as Verifiable Credentials.
An example of a university degree issued as a Verifiable Credential that is stored on a Dock wallet.
Examples of Decentralized Identity Verification
Maintaining privacy is a major benefit of Verifiable Credentials. Let’s say there’s an on-demand food delivery company that requires applicants to have a valid driver’s license. The company can instantly check the Verifiable Credential to confirm that an applicant has a valid driver’s license. A verifiable presentation would allow an applicant, the holder, to show their license number without sharing unnecessary information like their full name or address.
In another example, a club’s staff member can scan the QR code of the holder’s Verifiable Credential to ensure they are at least 18 years old. The public DID of the government’s licensing department is on the blockchain which allows the club to verify the authenticity of the Verifiable Credential because the club trusts the department that issued the credential. The Verifiable Credentials create trust between the parties and guarantee the authenticity of the data and claims without actually storing data on the blockchain.
In another situation, Sofia just moved to Canada without a physical copy of her university degree and she needs to prove her field of study to receive a job offer. Her university then issues her a Verifiable Credential, which is the degree, that is associated with her DID and she can store this in her digital wallet. Sofia then presents the credential to the employer who can instantly verify its authenticity.
A decentralized identity wallet enables people to securely store, manage, and share DIDs and Verifiable Credentials. It’s comparable to a physical wallet that holds various IDs and claims about yourself like service cards, bank cards, and licenses. The decentralized identity wallet will store verified credential details like citizenship, employment, name, and address to prove eligibility, identity, or complete a transaction.
A mobile identity wallet stores information on the phone rather than a browser’s storage or cloud. The digital wallet allows people to access apps and services without revealing personal information. DIDs also prevent your devices from being tracked and correlated (data may be traced back to someone's identity or online behavior). Verifiers can connect to the user’s identity wallet and request data while the user always chooses when to give permission to share data.
Let’s say Anna wants to sign in with Dock Certs using her DID.
Here are just a few of many examples of how decentralized identity technology can solve many problems that result from traditional verification processes and centralized identity management systems in a variety of industries.
Industry | Traditional Process | Problems/Risks | Verifiable Credentials Solution |
---|---|---|---|
Supply chain | Relies on physical IDs and documents to demonstrate compliance, which creates inefficiencies. | Documents can be easily forged and difficult to authenticate.Manual verification process is slow and prone to errors.An importer can bring unapproved, non-compliant medical supplies into a market putting public health at risk. | Verifiable Credentials can’t be forged and they can be verified within seconds without contacting the issuing party, saving a tremendous amount of time and money. |
Finance | To access financial services, someone has to go through compliance screening by submitting personal details in physical form that is stored in a large database and shared with one or more third parties that conduct know your customer (KYC) and credit checks. | Individuals have no control over how their data is secured, shared, and accessed by third parties. | The data provided in the credentials is cryptographically secured, tamper-proof, and can be verified. |
Healthcare | Employers use manual processes to verify paper-based licenses and certificates for healthcare providers. | Traditional verification takes weeks if not months, which creates delays in filling much-needed health care roles. | Organizations that provide and regulate medical licenses for the healthcare workforce can issue licenses in the form of digital credentials. The recipients of these licenses can then easily share them for instant verification by any hospital, clinic, or medical department where they would like to work. |
Blockchain: A decentralized database that is shared among computers in the blockchain network that records information in a way that makes it very difficult to change, hack, or cheat the system.
Centralized identity management: Administrative control by a single authority or Hierarchy.
Decentralized digital identity wallet: Enables people to securely store, manage, and share DIDs and Verifiable Credentials.
Decentralized Identifiers (DIDs): Cryptographically verifiable identifiers created by the user, owned by the user, and independent of any organization. DIDs contain no personally identifiable information.
Decentralized identity: A type of identity management that allows people to control their own digital identity without depending on a specific service provider.
Digital identity: The body of information about an individual, organization, or electronic device that exists online, including search history and user names.
Federated identity management: Allows authorized users to access multiple applications and domains with a single set of credentials like when people can use their Google or Facebook to sign into websites or apps.
Holder: A user who creates their decentralized identifier with a digital wallet app and receives the Verifiable Credential.
Issuer: The organization that signs a Verifiable Credential with their private key and issues it to the holder.
Private key: Made up of a long string of letters and numbers that allows people to prove ownership, give consent to share selected data, and sign documents. It is used to both encrypt and decrypt the data. As an analogy, a private key is like a master key that can access all of your information and the owner should never share their private key with anyone.
Public key: Made up of a long string of letters and numbers that can safely be shared with anyone you choose to give specific information to.
Self-Sovereign Identity (SSI): A model that gives individuals full ownership and control of their digital identities without relying on a third party. This term is often used interchangeably with the term “decentralized identity.”
Verifiable Credentials (VCs): Digital cryptographically-secure versions of both paper and digital credentials that people can present to organizations that need them for verification.
Verifier: A party that checks the credentials and can read the issuer’s public DID on the blockchain to verify if the Verifiable Credential the holder shared was signed by the issuer’s DID.
Decentralized identity is a type of identity management that allows people to own, and control their own digital identity without depending on a specific service provider. Decentralized identity technology is solving many of the problems resulting from centralized and federated identity management systems, including widespread certificate fraud, slow and expensive verification processes, and risks of data breaches.
Decentralized Technology Benefits
Industry | Traditional Process | Problems/Risks | Verifiable Credentials Solution |
---|---|---|---|
Supply chain | Relies on physical IDs and documents to demonstrate compliance, which creates inefficiencies. | Documents can be easily forged and difficult to authenticate.Manual verification process is slow and prone to errors.An importer can bring unapproved, non-compliant medical supplies into a market putting public health at risk. | Verifiable Credentials can’t be forged and they can be verified within seconds without contacting the issuing party, saving a tremendous amount of time and money. |
Finance | To access financial services, someone has to go through compliance screening by submitting personal details in physical form that is stored in a large database and shared with one or more third parties that conduct know your customer (KYC) and credit checks. | Individuals have no control over how their data is secured, shared, and accessed by third parties. | The data provided in the credentials is cryptographically secured, tamper-proof, and can be verified. |
Healthcare | Employers use manual processes to verify paper-based licenses and certificates for healthcare providers. | Traditional verification takes weeks if not months, which creates delays in filling much-needed health care roles. | Organizations that provide and regulate medical licenses for the healthcare workforce can issue licenses in the form of digital credentials. The recipients of these licenses can then easily share them for instant verification by any hospital, clinic, or medical department where they would like to work. |
Dock is a Verifiable Credentials company that provides Dock Certs, a user-friendly, no-code platform, and developer solutions that enable organizations to issue, manage and verify fraud-proof credentials efficiently and securely. Dock enables organizations and individuals to create and share verified data.
可验证证书是纸质和数字证书的数字加密版本,人们可以向需要这些证书进行验证的组织展示。以下是可以作为可验证证书发放的许多信息的一部分:
当数字证书符合世界万维网联盟(W3C)制定的可验证证书数据模型1.0标准时,它们可以被称为可验证证书。
一个存储在Dock钱包中的可验证证书的大学学位的示例。
去中心化身份验证的例子
保护隐私是可验证证书的重要优点。假设有一家即时食品送货公司要求申请人持有有效的驾驶执照。该公司可以立即检查可验证证书以确认申请人是否持有有效的驾驶执照。可验证演示将允许申请人,持有人,显示其执照编号,而无需共享不必要的信息,如其全名或地址。
在另一个例子中,俱乐部的工作人员可以扫描持有人的可验证证书的QR码,以确保其年满18岁。政府许可部门的公共DID在区块链上,这使得俱乐部可以验证可验证证书的真实性,因为俱乐部信任发放证书的部门。可验证证书之间建立了各方之间的信任并且保证了数据和声明的真实性,而实际上并没有在区块链上存储数据。
在另一种情况下,索菲亚刚刚移居加拿大,没有大学学位的实体副本,她需要证明她的专业领域以获得工作机会。然后,她的大学发行了一个与她的DID相关联的可验证证书,即学位,并将其存储在数字钱包中。然后,Sofia将证书提交给雇主,后者可以立即验证其真实性。
去中心化身份钱包使人们能够安全地存储、管理和共享DID和可验证证书,类似于持有各种ID和关于自己的声明的服务卡、银行卡和许可证的实体钱包。分散式身份钱包将存储验证凭据的详细信息,例如公民身份、就业、姓名和地址,以证明资格、身份或完成交易。
移动身份钱包将信息存储在手机上,而不是浏览器存储或云端存储中。数字钱包允许人们访问应用程序和服务,而不必透露个人信息。DID还可以防止设备被跟踪和相关联(数据可以追溯到某人的身份或在线行为)。验证者可以连接到用户的身份钱包,并请求数据,而用户始终选择何时授权共享数据。
假设安娜想使用其DID签署Dock Certs。
2.Anna使用Dock钱包扫描QR码,并授权网站立即验证她的凭证。
3.她选择为Dock Certs创建的DID,然后单击批准。