By clicking "Accept", you agree to the storing of cookies on your device to enhance site navigation, analyze site usage and assist in our marketing efforts. More info

Selective Disclosure Guide: Privacy Feature of Verifiable Credentials

Published
September 4, 2024

Selective Disclosure is a privacy feature that allows organizations to only view the necessary information contained in a digital credential without compromising the privacy of the person who holds it. In this article, we will explain the key benefits of Selective Disclosure for organizations and individuals, how it works, and how Dock’s technology enables this privacy tool.

What Is Selective Disclosure?

Selective Disclosure is a feature of Verifiable Credentials that allows users to share only the information they want with specific parties. By using Selective Disclosure, people can limit who has access to their personal data. 

For example, let’s say Ash holds a university degree as a digital credential that contains his name, student number, email, and degree name. He applies for a consulting agency and they send a request to verify his university degree. Using his Dock Wallet that holds all of his digital credentials, with Selective Disclosure, he only chooses to share his name and degree name instead of sharing all of the details from his credential.

The Dock Wallet allows people to share specific information to verifiers if the Verifiable Credential was issued with Dock's privacy enhancing feature (Dock BBS+)
The Dock Wallet allows people to share specific information to verifiers if the Verifiable Credential was issued with Dock's privacy enhancing feature (Dock BBS+)

A Verifiable Credential is like a digital version of a traditional paper credential such as a driver's license or passport but with the added benefits of increased security and privacy. The information contained in a Verifiable Credential is stored in a secure and tamper-proof format, allowing organizations to easily and quickly verify the information without the need for extensive background checks or in-person verification. The individual who holds the Verifiable Credential has control over what information is shared and with whom, which provides a higher level of privacy and security compared to traditional paper credentials.

Benefits Selective Disclosure for Organizations and Individuals

1) Data minimization

Data minimization is when individuals and organizations only share the minimum amount of information necessary for a specific transaction or purpose. This approach reduces the amount of personal or sensitive data that is collected, stored, and/or shared, decreasing the risk of data breaches and privacy violations.

For example, in healthcare, a patient might use a Verifiable Credential to selectively disclose only their medical history related to a specific condition rather than their entire medical record when seeking treatment from a new doctor. This minimizes the amount of data that is shared, reducing the risk of sensitive information being misused or disclosed to unauthorized parties while enhancing the protection of sensitive information.

2) Helps with compliance with data regulations

By limiting the amount of data disclosed, Selective Disclosure helps organizations comply with data protection regulations such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) by minimizing the amount of personal data processed and stored. Learn more about how Dock’s technology can help with data compliance

3) Enhance trust with customers 

Selective Disclosure allows customers to present only the information they need to verify the authenticity of the credential. This increased level of control over the information that is shared can help build trust with customers and improve organizations’ reputation with regard to how they respect people’s privacy.

Selective Disclosure Use Case Examples

Banking: Customers only share the necessary information in a secure and privacy-preserving manner to have their identity verified or to complete a financial transaction.

Education: Students can selectively disclose their academic history by only sharing their transcripts, diplomas, or other relevant information when applying for jobs or further education.

Government: Government agencies can verify the identity of citizens and employees that only share the minimum amount of personal information necessary for a specific transaction or service.

Human Resources: Employers can verify the education and employment history of job applicants by only accessing the minimum amount of information necessary to make a hiring decision.

Supply Chain: Companies can use Verifiable Credentials to securely share information about the origin, quality, and authenticity of products, only disclosing the relevant information necessary to ensure the integrity of the supply chain.

Healthcare: Patients can selectively disclose their medical history and only share information that is relevant to a specific treatment or procedure.

Dock’s Solutions Enable Selective Disclosure

The Dock Wallet allows people to share specific information with verifiers when there is a credential verification request. With the wallet and Verifiable Credentials, organizations can’t access people’s information without their explicit permission.

Here are some examples of when people would use Selective Disclosure with credential verifiers: 

1) A woman can prove her student status by sharing her student number but not her full name to a restaurant that wants to verify that she is a student before applying the student discount.

Restaurant’s credential verification request:

Verifiable Credential request

Anita uses Selective Disclosure to share her student number only but not her full name and email:

With Selective Disclosure, Anita chooses to just send her student number only.

2) Gym needs to verify that all employees need to have a valid First Aid certificate.

3) These are Sandy's existing credentials in her Dock Wallet. When she scans the gym's request to verify her First Aid certificate, she will be prompted to select the appropriate credential.

Sandy chooses to share her certificate number and name but not her email:

With Selective Disclosure, Sandy only chooses to share her name and certificate number only

3) A health company wants to ensure that Senior Graphic designer job applicants have a Bachelor of Design degree. The HR representative requests shortlisted applicants to share their credentials.

Because Eric doesn’t want to share all of his information until he is selected for an interview, he only shares information that confirms the authenticity of his degree but not other personal details like his name and email.

Selective Disclosure Implementation: Enabled by Dock BBS+ Signature

Selective Disclosure can be used when the credential issuer such as a school, licensing organization, or employer uses Dock Certs to provide a credential. Selective Disclosure can be enabled by selecting the Dock BBS+ option. 

BBS+ signatures are needed to enable Selective Disclosure. BBS+ is a different signature algorithm that lets holders efficiently prove that they have a signature without revealing it, which makes the holder unlinkable because the proof looks different each time.

Generally, a signature algorithm is a mathematical process that is used to create a unique digital signature for a message or document. This signature is like an electronic "fingerprint" that proves that the message or document came from a specific sender and has not been tampered with.

Click here to see our complete gone on Dock Certs for credential issuers. 

Conclusion

Selective Disclosure is a valuable privacy tool for organizations looking to balance the need for secure, trusted digital credentials with the need to protect individual privacy. By only revealing the necessary information, organizations can comply with data protection regulations, reduce costs and improve the efficiency of the verification process, and build trust with customers and other stakeholders. As the use of Verifiable Credentials continues to grow, Selective Disclosure will play a key role in ensuring the privacy, security, and efficiency of digital credential verification processes.

Customer Use Cases

Learn More

About Dock

Dock is a Verifiable Credentials company that provides Dock Certs, a user-friendly, no-code platform, and developer solutions that enable organizations to issue, manage and verify fraud-proof credentials efficiently and securely. Dock enables organizations and individuals to create and share verified data.

Create your first Verifiable Credential today

Dock enables IDV providers and IAM systems to verify the same person across multiple businesses or siloed systems. It enables them to easily confirm that a user has been verified before, create a consistent view of that user’s identity and significantly reduce onboarding friction.