How to choose the right credentialing platform?
Are you interested in dematerializing your processes and issuing certified and 100% digital certificates for your academic documents (diplomas, transcripts, skills, badges, etc.)? A better understanding of the challenges of verifiable credentials platforms using blockchain technology is key to get your project off to a good start. Durability, interoperability, open standards, vendor lock-in effect and user experience: let’s have a look!
Digital credentials are 100% digital, verifiable and secure certificates, allowing to dematerialize a credential, training or official document. Many players are offering credentialing platforms. Many come from digital vault technology, but the current buzzword is blockchain. However, it can be difficult to understand: the blockchain has almost become a must for marketing departments, hiding disparate realities.
What does the blockchain digital credentials guarantee?
For all the titles of a person (diplomas, professional training, training for certification, transcripts, acquired skills… and also official or administrative documents), the guarantee of blockchain digital credentials is to provide certificates that are:
- tamper-proof and valid for life, regardless of the service provider;
- directly verifiable, i.e. that can be presented without recourse to a third party to certify their authenticity.
As digital credentials become more widely available, the need for an open standard is growing. Each holder of a certificate must be guaranteed that they will be able to use it throughout their life, in all types of environment, independently of the service provider that issued the certificate. This is the guarantee of interoperability of blockchain digital credentials.The W3C has addressed this issue and has proposed a standard (Verifiable Credentials Data Model 1.0) as early as 2019. This standard is currently being implemented by the European Commission on the EBSI blockchain, and for example by the Digital Credentials Consortium and EDCI (Europass Learning Model). Another example is the Open Badges standard (IMS Global), which standardizes credentials generally dedicated to skills and soft skills.
Why should we do more than just talking about blockchain?
Let’s take an example: you are looking at a certificate online on a service provider’s site and you are notified that the certificate is secured by the blockchain. Very often, you are looking at data stored in a database (at best a digital safe) of the supplier, who has deposited a timestamp (a unique signature, proof of the non-modification of a document or a set of data) on the blockchain.
Many questions can arise:
- Can I check that the timestamp is the right one, without trusting the site I am on? For certified data presented on an online digital credential, in many cases, this will only be possible for IT experts, otherwise it will be very difficult, if not impossible.
- Can I check who issued the document or data that I am looking at?
- What happens if the provider stops its service?
We can see that if the blockchain satisfies marketing departments by allowing them to talk about security, durability and immutability, these notions can be overused. The timestamps will be long-lasting, but the data used are subject to the usual problems of centralized service providers (security, authenticity, continuity of service).
What are the requirements for understanding the services offered by blockchain credentialing platforms?
As soon as the fundamental principles of blockchain digital credentials are set as specifications, namely « forgery-proof, vendor-independent, interoperable and verifiable without third parties », it becomes obvious that the traditional know-how of a centralized IT service provider is no longer sufficient, and that the challenge is as much about technology as it is about systems.
Here is an analysis of the main requirements, and for each of them the answer provided by BCdiploma, a verifiable credentials platform already used by more than a hundred institutions in 15 countries.
Requirement #1 A digital credential blockchain is tamper-proof and verifiable
What is a verifiable digital certificate? It is a certificate that can be verified without the help of a third-party to ensure that it has not been falsified, i.e. that the data consulted has been issued by the issuer and that it has not been altered.
The storage architecture of the data presented and their authentication mode (« how are they signed by the issuer? ») have a direct impact on the security of the digital certificate and the proper understanding of its proofs of authenticity.
In traditional blockchain technologies, such as those based on BlockCerts, the storage of data is dissociated from the storage of proof, and it is necessary to query a third-party open-source service, known as a verifier, to request verification of authenticity. It is therefore necessary to carry out handling, on the one hand, and on the other hand to trust the verification service which carries out a timestamp comparison operation.
In contrast, BCdiploma ensures the security, integrity and traceability of credential data by storing it directly on a blockchain. Reading the proofs is thus made easier: the data itself can be consulted without handling. You can ensure that it has been issued from the issuer’s verified address, information that is accessible to all in a smart contract. The links to view this information on the blockchain are provided with each credential.
Requirement #2 A digital credential blockchain is accessible for life, regardless of the service provider.
Yes, that’s right: a great breakthrough in blockbuster ecosystems, bringing a complete break with the classic model of dependence on service providers.
How does this translate into practice and what questions need to be asked?
- How is the viewed data stored? In a database, decentralized storage managed by the issuer, a wallet owned by the owner of the credential?
- Is the solution offered secure and durable?
- Another important factor for service adoption is whether the type of storage can be easily deployed across a large university or an entire student group?
- Who is responsible for the services and the verifier that allow the reading of the credential and/or access to the proofs?
BCdiploma offers its user community a « long term » approach to these critical issues:
- The certificate data is stored by the issuer itself directly on a public blockchain (or, at the issuer’s request, on its own consortium blockchain). They are thus, in fact, stored and secured in a durable and tamper-proof environment independent of BCdiploma.
- The proofs of authenticity of the certificates are stored on a public blockchain within a smart contract: they also remain tamper-proof and can be consulted without time limit.
- The access to the certificates is carried out by a reading web service that the issuers can appropriate, and for which they have contractually a reversibility clause. The idea is to deploy a web service within a minimalist cloud instance to provide this reading service.
Requirement #3 A digital credential blockchain is interoperable with open standards
The challenge of blockchain digital credentials is to provide each individual with digital certificates that can be used at every stage of their life, without depending on any format and any provider. It is therefore not possible to build a blockchain credentialing service based on a proprietary format.
Open standards, which guarantee good interoperability, are issued by the W3C, which has published the Verifiable Credentials Data Model. The Open Badges standard (IMS Global), is also considered a durable open standard when it comes to acquired skills and soft skills.
Interoperability is key to the BCdiploma project. In its patented technical framework, BCdiploma focuses on providing a direct access link to a certified set of data, regardless of the data model used. Thus, the standard format of a digital credential issued via BCdiploma is a simple URL link that can be viewed directly on any web browser. This is a very pragmatic approach to interoperability and user UX.
In addition, because BCdiploma technology is non-prescriptive in terms of the data model, it adapts particularly well to any existing or future open standard. The most illustrative example is BCdiploma’s Open Badges micro-certification format. Without any adjustments to its blockchain engine, BCdiploma was able to offer its users an Open Badge format for issued digital credentials. BCdiploma is the first 100% blockchain operator to be certified Open Badges by IMS Global.
The challenge of the W3C Verifiable Credentials standard has been taken up by BCdiploma, which is deploying its service from 2021 in EBSI and EDCI environments, two European Commission projects implementing this new open format.
What about the end-user?
Above all, the end-user wants to have verifiable and tamper-proof credentials available when they need them. Using the blockchain is the best way to meet this need efficiently.
Hence the pragmatic approach that BCdiploma offers its users: to provide a link directly usable in traditional professional digital environments, without the need to use a third-party application.
For further information
In this article, we have overlooked the issue of compliance with the GDPR, which is key when storing credentials data for a long time. This issue deserves careful thought so please refer to article “Blockchain digital credentials, probative value and GDPR: time to take stock!“.