
The SLAP – Requirements for Practical Verifiable Credentials   

Opinion

By: Andres Olave – Head of Product, Velocity Network Foundation

Velocity Network has been around for five years now, and we have learned a lot while building the Internet of Careers. Recent discussions with leaders in the SSI and HR tech industries have convinced me that we need to do a better job of sharing those lessons if we want digital data to be used for employment and education in the real world.  

These lessons are NOT about the VC format wars (W3C VC, SD-JWT-VC, MDOC), the exchange protocol wars (DIDCOMM, VC-API, or OID4VC), or the digital signature algorithm wars (too many to mention). They are about REAL business needs that must be met before any of these technologies can succeed. I call these business needs the SLAP: 

  • Survivable credentials 
  • Legal risk mitigation 
  • Accreditation for Issuers and Relying Parties 
  • Practical privacy 

Survivable credentials 

Organizations do not live forever; they can open and close overnight. Organizations merge, go bankrupt, or are liquidated. On average, in the US, 595,000 companies close annually, and even in the education space, 16 colleges close annually. On the global stage, new countries are created and old ones disappear. 

What if those organizations had been issuing identity, education, and employment Verifiable Credentials? Their websites would disappear overnight. Yet the architecture pursued by many leading educational and employment ecosystems requires the Issuer's website to stay up permanently; otherwise, the credentials become unverifiable. Decentralized identity solutions are frequently built on the fallacy that Issuers will exist forever rather than acknowledging that change is inevitable. DID:WEB and JWK Sets require an ever-present website serving the keys at a stable URL. The novel DID:DHT method has an unavoidable record expiry and republishing mechanism built into the protocol itself (in spite of Authoritative Gateway workarounds), so a DID stops resolving once nobody republishes it. The same applies to credential statuses such as revocation and suspension, which are typically stored and published by the Issuer.  

If a college were to close, its keys could no longer be resolved and its revocation statuses could no longer be checked, leaving the holder stranded with a credential that cannot be verified and no way to obtain a substitute. They would be excluded from the educational and HR use cases for Verifiable Credentials through no fault of their own. 

Velocity Network, therefore, chose to embrace distributed ledger technologies (DLTs). DLTs are currently plumbing the depths of the trough of disillusionment (and for good reason in many cases), yet they remain one of the simplest ways to ensure that Issuer DIDs and credential status lists still exist after an Organization's closure, creating truly survivable credentials for individuals. 

Legal risk mitigation 

Verifiable Credentials can be used in a variety of cases, including gaining access to employee benefits. The more exciting and economically beneficial cases, however, improve the recruitment process, particularly in industries with stringent background checks. These latter use cases come with compliance requirements and legal jeopardy for the Issuer and Relying Party participants. This more legalistic environment is one where potential Issuers may be prevented from issuing credentials at all because of:  

  • The compliance obligations they take on if the credential is used by a Relying Party in a regulated use case; 
  • The financial liability an Issuer may incur if a Relying Party relies on a credential that contains an error. 

In both cases, the Issuer needs the ecosystem to protect it from these potential legal issues. Velocity Network's issuance protocols are specifically designed to meet the compliance regulations of the background screening industry across the US and Europe. They also limit Issuer liability. Liability is limited but not zero, which signals to Issuers that they must not wilfully issue untrue credentials, thereby protecting Relying Parties and holders. 

Accreditation for Issuers and Relying Parties 

If a Relying Party cannot trust that the Issuer of a Verifiable Credential is who they say they are, then the information in that Verifiable Credential is useless. Velocity Network provides a class-leading accreditation and trust framework, ensuring that each Issuer issues only the credential types it is accredited to issue. Velocity Network brings in the biggest third-party providers of credential data rather than relying solely on primary sources such as the student's university or direct employer. These third parties meet the stringent accreditation requirements set by Velocity Network, which enables everyone to go to these clearing houses and background screeners for Verifiable Credentials that can cover all of an individual's education credentials, all of their licenses, or even an entire CV. 

We contend that only by having background screeners, IdV providers, and clearing houses participate can the ideal of digital Verifiable Credentials for everyone be achieved. That requires ecosystems with robust certification processes, such as Velocity Network's, which was co-developed with accreditation experts. 

Furthermore, holders need to know that their data will go to real organizations and trust the evaluation process for establishing organizational identity. 

There are three models for how these accreditations can be distributed. The first model is decentralization using Accreditation Verifiable Credentials (AVCs). The AVCs can be stored on the Issuer's website, but this is subject to the survivability and privacy concerns raised elsewhere in this article. Alternatively, they can be stored on a blockchain, which is what EBSI and CHEQD do. 

The second model is for the accreditations (in AVC or non-AVC formats) to be stored in centralized trust registries. The significant downside is that such registries are centralized and therefore single points of failure.  

The third model is a hybrid modeled after DNS: a trust anchor heads the ecosystem and delegates to trusted partners (intermediaries) that store the accreditations. This is the model of OpenID Connect Federation and of Velocity Network Foundation's Trust Framework. This third model balances the risks of single points of failure against survivability and performance. 

Practical Privacy 

Velocity Network approaches privacy design through our HR use cases and compliance with GDPR and similar data privacy regulations worldwide—we call this practical privacy. 

Firstly, Velocity Network minimizes the solution’s impact on an individual’s personal data footprint. Personal data in any form (encrypted or hashed) is never stored on the DLT or other centralized systems.  

Secondly, before a Relying Party receives any data, the wallet must capture the individual's consent, and the Relying Party must record that consent. If consent is withdrawn, the Relying Party is obligated to delete the data. 

Thirdly, the Issuer must be unable to trace how a credential is used. A job seeker looking to switch companies will never use a credential from an ecosystem that does not ensure that their current employer cannot surveil their usage. The Issuer must not be able to monitor the use of a single credential, nor cleverly correlate the use of the set of employment and training credentials issued to an individual throughout a career. To prevent this "phoning home", Velocity Network ensures that linked data, such as the location of credential status lists, points at the Velocity Network DLT rather than at Web URLs. There is a more general issue: any linked data lets an unscrupulous Issuer embed tracking in a credential, for example by giving every credential its own status URL. Even when a DLT is used, the access logs of whoever serves the data should not contain credential-specific IDs or links. 
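The following is an added example, not Velocity Network's code, that makes the status-check failure modes from the Survivable credentials section and from the "phoning home" paragraph above concrete. It compares a per-credential status endpoint with a single shared bitstring status list (the bit-per-credential, gzip-and-base64url shape used by the W3C Bitstring Status List is assumed here only as a familiar format; the article does not name one), records what the Issuer's server would see in its access log for each, and then simulates the Issuer's website disappearing while a copy of the list published to a ledger stays readable. The Issuer server, the ledger, the credential identifiers and the URLs are all constructed stand-ins.

```python
import base64
import gzip
from dataclasses import dataclass, field

# -- Bitstring helpers: one bit per issued credential, gzip + base64url
#    (assumed format, modelled on the W3C Bitstring Status List) ----------

def encode_bitstring(bits: bytearray) -> str:
    return base64.urlsafe_b64encode(gzip.compress(bytes(bits), mtime=0)).decode("ascii")

def decode_bitstring(encoded: str) -> bytearray:
    return bytearray(gzip.decompress(base64.urlsafe_b64decode(encoded)))

def bit_is_set(bits: bytearray, index: int) -> bool:
    byte, offset = divmod(index, 8)
    return bool((bits[byte] >> (7 - offset)) & 1)

def set_bit(bits: bytearray, index: int) -> None:
    byte, offset = divmod(index, 8)
    bits[byte] |= 1 << (7 - offset)


@dataclass
class IssuerServer:
    """Constructed stand-in for an Issuer's website. `access_log` is what
    the Issuer could mine to watch how its credentials are used."""
    bits: bytearray
    index_of: dict                      # credential id -> bit position
    online: bool = True
    access_log: list = field(default_factory=list)

    def _require_online(self) -> None:
        if not self.online:
            raise ConnectionError("issuer site no longer exists")

    def get_status(self, credential_id: str) -> str:
        """Model A: per-credential endpoint. Every check phones home and tells
        the Issuer exactly which credential was just presented."""
        self._require_online()
        self.access_log.append(f"GET /status/{credential_id}")
        return "revoked" if bit_is_set(self.bits, self.index_of[credential_id]) else "valid"

    def status_list_document(self) -> dict:
        return {"id": "status-list/1", "encodedList": encode_bitstring(self.bits)}

    def get_status_list(self) -> dict:
        """Model B: one list shared by all credentials. The log only shows that
        *some* verifier fetched the list, never which credential or index."""
        self._require_online()
        self.access_log.append("GET /status-list/1")
        return self.status_list_document()


@dataclass
class Ledger:
    """Constructed stand-in for a DLT: whatever was published stays readable
    whether or not the Issuer still exists."""
    entries: dict = field(default_factory=dict)

    def publish(self, key: str, doc: dict) -> None:
        self.entries.setdefault(key, []).append(doc)   # append-only history

    def latest(self, key: str) -> dict:
        return self.entries[key][-1]


def status_from_list(credential: dict, list_doc: dict) -> str:
    """Verifier-side check: decode the shared list locally, so the
    statusListIndex never leaves the verifier."""
    bits = decode_bitstring(list_doc["encodedList"])
    index = int(credential["credentialStatus"]["statusListIndex"])
    return "revoked" if bit_is_set(bits, index) else "valid"


def run_demo() -> dict:
    """Walk both models past a live Issuer and then a closed one."""
    bits = bytearray(16)                                  # 128 status slots
    issuer = IssuerServer(bits, {"urn:uuid:cred-a": 5, "urn:uuid:cred-b": 42})
    set_bit(bits, 42)                                     # Issuer revokes cred-b
    list_ref = "did:example:issuer#status-list/1"         # hypothetical ledger reference
    cred_b = {"id": "urn:uuid:cred-b",
              "credentialStatus": {"statusListIndex": "42", "statusListCredential": list_ref}}

    ledger = Ledger()                                     # published while the Issuer is still up
    ledger.publish(list_ref, issuer.status_list_document())

    # Model A: right answer, but the Issuer's log records which credential was used.
    a_status = issuer.get_status(cred_b["id"])
    a_leak = cred_b["id"] in issuer.access_log[-1]

    # Model B: same answer; the log entry carries neither the id nor the index.
    b_status = status_from_list(cred_b, issuer.get_status_list())
    b_leak = cred_b["id"] in issuer.access_log[-1] or "42" in issuer.access_log[-1]

    issuer.online = False                                 # the college closes
    try:
        issuer.get_status_list()
        web_after_closure = "reachable"
    except ConnectionError:
        web_after_closure = "unreachable"
    ledger_after_closure = status_from_list(cred_b, ledger.latest(list_ref))

    return {"per_credential": a_status, "per_credential_leaks_id": a_leak,
            "shared_list": b_status, "shared_list_leaks_id": b_leak,
            "web_after_closure": web_after_closure,
            "ledger_after_closure": ledger_after_closure}


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

Two caveats a practitioner should keep in mind: a shared list only provides herd privacy if it is large and shared by many credentials (the Bitstring Status List specification recommends a minimum of 131,072 entries for this reason), and fetching it still reveals the verifier's address and the time of the check to whoever serves it, which is why the article asks that the access logs of the serving party, ledger or not, carry nothing credential-specific. The list itself holds only status bits, no personal data, so publishing it to a ledger is consistent with the data minimization point made below.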

Lastly, Relying Parties should minimize the amount of data they receive. Velocity Network is fortunate here: HR lends itself to micro-credentials because a career spans many educators and employers. Each employment credential carries a relatively small amount of data, describing a single role at a single organization, and so reveals very little. Holders can share as few credentials with a Relying Party as they like, and each achievement reveals far less than a traditional LinkedIn profile. There are also HR use cases that selective disclosure capabilities would enable in the future, and Velocity Network continues to pursue introducing them. 

Next steps 

Velocity Network has been building and operating for survivable credentials, legal risk mitigation, accreditation for Issuers and Relying Parties, and practical privacy for two and a half years. We welcome working with the community to create shared standards for ecosystems, so that decentralized identity solutions solve the problems that actually matter when rolling this technology out to organizations and holders. Please contact me if you want to learn more, build a spec together, or start issuing on a robust network for your students and employees. 

References 

https://www.bestcolleges.com/research/closed-colleges-list-statistics-major-closures/ 

https://stachecow.com/how-many-us-businesses-open-and-close-every-year-309#stories