Verifiable Credentials

Verifiable Credentials

A Verifiable Credential (VCs) is a type of data structure consisting of claims (datapoints) and cryptographic proofs that are issued issued by a single party, held by the subject, and shared and verified by trusted parties under explicit consent. They are flexible form of of machine-readable data that is cryptographically secure and privacy-respecting by default.

VCs are another W3C recommended specification (opens in a new tab) as of 2022; the growing consensus is that because they rely on digital signatures — among other strong cryptographic methods — they are more tamper-evident and more trustworthy than traditional physical or digital credentials.

The structure is highly flexible and can support traditional identity information like birthdate or a national ID, as well as other sensitive information like account numbers and payment information. The addition of technologies, such as digital signatures, makes verifiable credentials (opens in a new tab) more tamper-evident and more trustworthy than their physical counterparts.

In Portabl's context, VCs are used to represent personal data that is signed and issued by Portabl or a participating provider and subsequently owned and controlled by the user. Importantly, an end user can accumulate 1 or many credentials — sort of like stamping different pages in a passport. For example, an end user may have a complex identity credential signed by their bank as well as a simple credential proving their email or phone number. Some of these credentials may have data in common, and try to abstract most of that away for end users.

The important part is that credentials are reusable because they travel with the end user and take advantage of their underlying cryptography to ensure data authenticity and veracity of the signer — this is what makes them portable.

Beyond portability, datapoints are all composable. That means an end user will never ‘overshare’ — they will only need to disclose the minimum required by a request for datapoints without bleeding information about the non-disclosed datapoints.

For example, an end user can request a credential from their bank A, which may contain information necessary to perform KYC. The user can then share some or all of the datapoints in that credential to join fintech app B, all without having to manually input information. B can cryptographically verify that the user is a trusted entity.

How do Verifiable Credentials work?

A VC is created by the issuer and sent to the receiver. It contains a set of datapoints i.e. claims about attributes, e.g., name, birth date, grade, ID, or other information the issuer wants to attribute to the receiver. In order to forward a claim to a verifier, a presentation is created. A presentation allows to present only a subset of attributes, such as revealing the birth date attribute without the name attribute.

The issuer-holder-verifier relationship is often referred to as the “trust triangle.”


Why are Verifiable Credentials important to Portabl?

VCs are a key component of Portabl's mission to give users control over their personal data. By using VCs, users can choose which data they want to share with third parties, and they can do so without compromising their privacy or security.

In addition, VCs can help reduce fraud and streamline data sharing processes. With VCs, trusted parties can quickly and easily verify the authenticity and accuracy of data, which can help prevent fraud and speed up decision-making processes.

Overall, VCs provide a secure, decentralized, and user-centric way to represent and exchange personal data, which aligns with Portabl's values and goals.