Sertifier has joined the Velocity Network Foundation and has adopted its protocols and trust framework into its credentialing solution and credential wallet.
As a leading innovative credentialing solution provider, why did Sertifier join the Velocity Network and how do Sertifier’s customers and end-users benefit from this?
As Arda Helvacılar, Founder and CEO of Sertifier wrote when he announced joining Velocity:
“By integrating Velocity’s transformative blockchain technology into Sertifier’s leading digital credentialing platform, we’re enhancing the trust and verifiability of digital certificates and badges.
Together, we’re strengthening the future of the labor market, placing power back in the hands of individuals, businesses, and educational institutions.”
Let’s explore the concept of a Trust Framework and the key elements of the Velocity Network Trust Framework which Sertifier and its customers and users are benefiting from.
What is a “Trust Framework”?
“Trust Framework” is a term most of us have not heard of or used in the past. Therefore, when we describe the Velocity Network as a Trust Framework, we often get asked about what this actually means.
A Trust Framework is a set of technology designs, protocols, policies, legal agreements, and processes. These elements interoperate to ensure that all participants who exchange data (individuals, issuers, and relying parties) can trust each other and the data that they are exchanging.
Diverse real-world use cases require different levels of assurance and trust for different types of data and different types of transactions. For example, the trust required in sharing and verifying a Nurse License as part of a recruiting process for a hospital is significantly higher than the trust required in sharing a badge for completing training in “advanced Excel”.
Velocity Network as a Trust Framework
Velocity Network has put in place the most robust trust framework to support the most sensitive and compliance-driven use cases. Some elements of the framework are required for all activities on the Network, and some elements are voluntary. This enables use cases that do not require the highest level of trust and assurance to utilize a subset of the trust framework elements.
The Velocity Network supports trust in two types of transactions:
- Issuing – when a source of data, such as an employer, education institution or licensing body provides an individual with their digital verifiable credential.
- Disclosure and Verification – when the individual shares their credentials with a relying party, and this receiving body confirms the credential validity.
In these transactions, there is a need to build trust in many aspects and address multiple types of potential risks. Broadly, these fall into four groups:
- Trust in the Issuer
- Trust in the Relying Party
- Trust in the Individual
- Trust in the Credentials
Let’s explore some of the trust risks and the solutions the Velocity Network provides for each of these.
Trust in the Issuing Organizations
Risk: An unauthorized person or organization claims to be an organization and issues false credentials.
- VNF maintains a trusted Issuer Registry.
- To be included in the issuer registry, an organization must pass a robust KYB process and agree to the Velocity Network issuer legal framework.
- The Network signs and issues an accreditation as a Verifiable Credential for the organization. This Accreditation Verifiable Credential (AVC) contains the organization’s verified profile information, such as the names and logos they are permitted to use, and more.
Risk: A trusted issuer issues a type of credential that it has no right to issue, that is, one for which it is not the authoritative source. For example, an employer issues a degree credential.
- The Velocity Network restricts certain credential types to certain Issuers. For example, an education institution should not be able to issue a driver’s license credential.
- The Velocity Network restricts certain claims to certain Issuers.
Trust in the Relying Party
Risk: Protect individuals from phishing/disclosure to organizations who are not who they claim to be.
- VNF maintains a Relying Party Registry.
- To be included as a relying party an organization must pass a robust KYB process, and agree to the Velocity Network issuer legal framework.
- In any request for data from an individual, the Network mandates that a relying party presents clear terms and conditions for the handling of the personal data.
Trust in the Individual
Risk: Ensure that an individual is who they claim they are when claiming a credential. Avoid a situation where a person receives a credential that they have not personally obtained.
- All wallets on the network enable individuals to verify their identity, including email, phone, and ID Documents such as driver’s license, passport, and national ID cards, before claiming a credential.
- Prior to offering a credential to an individual, the Velocity Network protocols enable the issuer to ask for an appropriate identity document and verify that it matches the information it has on record.
Risk: Ensure that the individual is who they claim they are when sharing a credential.
- When disclosing a credential (or multiple credentials) with a relying party, the relying party can also request that the individual disclose appropriate verified identity information.
Trust in the Credentials Shared by an Individual
Risk: Relying parties must be confident that the credentials have not been tampered with.
- When the credential is issued, the issuer encrypts the public key required for tamper checking and securely stores it within the Velocity Network decentralized ledger. When a relying party wishes to verify a credential, it retrieves the public key from the ledger. Once in possession of the public key, the relying party may run the tamper check, and will also receive an attestation from the issuer of the key.
Risk: Relying parties must be able to check that the credentials that were disclosed to them are valid – meaning they have not expired and have not been revoked by the original issuer.
- Expiry can be checked by simply checking the W3C VCDM expiration timestamp.
- The revocation check method is based on the W3C Status List 2021 standard, using the Network blockchain to store the data. Storing data on the blockchain ensures that revocation checks are privacy-preserving and can be conducted in perpetuity, unlike web-based methods.
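The two validity checks above, as an added example (not Velocity Network or Sertifier code). It shows only the W3C mechanics: the status list is passed in as a string rather than read from the Network ledger, the sample credential and list are constructed, and base64 encoding of the gzip-compressed bitstring is an assumption.

```python
import base64
import gzip
from datetime import datetime, timezone

LIST_BITS = 131072  # 16 KB uncompressed bitstring (constructed sample size)

def build_encoded_list(revoked_indexes, size=LIST_BITS):
    """Issuer side (constructed sample data): set one bit per revoked credential."""
    bits = bytearray(size // 8)
    for i in revoked_indexes:
        bits[i // 8] |= 0x80 >> (i % 8)  # index 0 is the left-most bit
    return base64.b64encode(gzip.compress(bytes(bits))).decode("ascii")

def is_revoked(encoded_list, index):
    """Relying-party side: decompress the list and test the credential's bit."""
    bits = gzip.decompress(base64.b64decode(encoded_list))
    if not 0 <= index < len(bits) * 8:
        raise ValueError("statusListIndex outside the status list")
    return bool(bits[index // 8] & (0x80 >> (index % 8)))

def is_expired(credential, now):
    """VCDM expiry: a credential without expirationDate does not expire."""
    exp = credential.get("expirationDate")
    if exp is None:
        return False
    return datetime.fromisoformat(exp.replace("Z", "+00:00")) <= now

def check_validity(credential, encoded_list, now):
    """Return 'expired', 'revoked' or 'valid' for an already tamper-checked credential."""
    if is_expired(credential, now):
        return "expired"
    status = credential.get("credentialStatus")
    if status and is_revoked(encoded_list, int(status["statusListIndex"])):
        return "revoked"
    return "valid"

# Constructed sample: the credentials at index 7 and 94567 have been revoked.
SAMPLE_LIST = build_encoded_list([7, 94567])
SAMPLE_CRED = {
    "expirationDate": "2030-01-01T00:00:00Z",
    "credentialStatus": {"type": "StatusList2021Entry", "statusListIndex": "94567"},
}

if __name__ == "__main__":
    print(check_validity(SAMPLE_CRED, SAMPLE_LIST, datetime.now(timezone.utc)))
```

Because the relying party fetches the whole list and tests one bit locally, the lookup itself does not reveal which credential is being checked.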
Sertifier on Velocity Network
Sertifier on the Velocity Network is the best of both worlds: The advantages of the design, quality, and user experience of the Sertifier platform, combined with the trust of the Velocity Network protocols.
About the Author
Etan Bernstein is the Co-Founder and Head of Ecosystem of Velocity Career Labs™ and the Velocity Network Foundation®. These organizations co-exist to reinvent how career records and credentials are shared across the labor market, empowering individuals, businesses, and educational institutions through transformational blockchain technology.
Prior to founding Velocity, Etan served as Managing Partner of AKT Solutions, one of the largest HR advisory and technology system integrators in EMEA, working with prominent enterprises in the region to transform their HR infrastructure.
Etan began his 25+ year career in Organization Development and HR leadership roles at Intel and Applied Materials.