By clicking "Accept", you agree to the storing of cookies on your device to enhance site navigation, analyze site usage and assist in our marketing efforts. More info

Verifiable Digital Certificates: Complete Guide on How They Work

Published
September 4, 2024

What Are Digital Certificates?

Digital certificates issued as Verifiable Credentials on the Dock Wallet

A digital certificate is an electronic document that verifies the identity, characteristics, or qualifications of a person, organization, or object. 

Parties Involved in the Use of Digital Certificates

3 parties that use digital certificates

Issuer: Party that issues digital certificates such as an educational institution or company. 

Holder: Person or organization that stores and uses the digital certificate. 

Verifier: Party that needs to verify the validity of the certificate such as an employer or government department.

Digital Certificate Examples

Digital certificates can be used in a variety of sectors to instantly and conveniently verify credentials to ensure that they are authentic and valid. 

Here are just a few of many examples of how digital certificates can be used to check the credentials of:

  • Healthcare providers to ensure they are qualified to provide quality care safely to patients 
  • Construction workers to ensure they have proper safety training
  • Travel agents and tour guides to ensure they can provide a great and safe experience for travelers
  • Restaurant workers to ensure they know how to properly handle food 
  • Commercial drivers to ensure they have the right type of driver’s licenses

Verifiable Digital Certificate Purpose

Digital certificates can be verified by scanning a QR code

The purpose of a verifiable digital certificate is to establish trust between two parties in a digital environment by preventing document fraud, which is a problem that is rampant in many industries. 

Many people are creating fake license and degree certificates to get jobs they’re not qualified to do, which creates a huge risk for employees, the public, and employers. The consequences are especially severe when fraudsters are working in high-stakes jobs like engineers, doctors, and nurses. 

Some of the many issues that have happened as a result of certificate fraud:

But verifiable digital certificates can help prevent document fraud as they help verifying organizations like employers or businesses check the authenticity of the credentials instantly in seconds without having to call up the issuing organization at all.

Problem With Older Versions of Digital Certificates

Not all digital certificates are created equal. Older versions of digital certificates that are issued simply as a PDF or image are easy to photoshop. Often, an edited image is enough to get unqualified people in jobs. If people didn’t fake a certificate on their own, they could easily buy fake licenses and degrees online instantly and cheaply.

Digital Certificates Issued as Verifiable Credentials

A Verifiable Credential is a fraud-proof and instantly verifiable digital document that contains important information about an individual, organization, or object, such as their full name, job title, and licensing information. Verifiable Credentials are often used when someone needs to prove their identity online or in person to provide added security and reduce the risk of fraud or identity theft.

To prevent certificate fraud, organizations can easily issue verifiable digital certificates with Dock Certs, a no-code, easy-to-use platform. 

Start issuing digital certificates

Benefits of Verifiable Digital Certificates for Organizations

  • Providing assurance that sensitive data is transmitted securely and is tamper-proof
  • Reducing the cost and time for verifying a document’s authenticity and integrity
  • Enhancing data security and privacy 
  • Streamlining operations, such as user onboarding, by providing a faster way of validating information
  • Creating trust between parties in a digital transaction by providing evidence that data is authentic and uncorrupted

Benefits of Verifiable Digital Certificates for Individuals

  • Increased security and privacy as the digital certificates are mainly held in a digital wallet like the Dock Wallet instead of a centralized server that can be vulnerable to large scale hacks and data breaches
  • Digital certificates issued with advanced privacy features like Selective Disclosure (people only share information they choose) and Zero-Knowledge Proofs (proving something without revealing the details)
  • Digital certificates are portable and can be taken anywhere with the phone app while still remaining verifiable

How Does a Digital Certificate Work?

Verifiable digital certificates use blockchain technology and decentralized identifiers (DIDs) to securely verify the identity of a person or entity. First, we’ll go over each of these terms. 

Blockchain

Blockchain

A blockchain is a distributed digital ledger that records and securely stores data, making it nearly impossible to manipulate. Information stored on a blockchain is secured through cryptography and distributed across multiple computers, making it nearly impossible to manipulate or alter. Any changes on the blockchain would have to be accepted by the majority of computers in the network in order to be validated, making it extremely difficult for a single entity to tamper with data on the blockchain.

Decentralized Identifiers (DIDs) Can Be Stored on the Blockchain

People can make multiple decentralized identifiers

Centralized identifiers such as email addresses and social media profiles is what we dominantly use to access apps and services. The recurring problems that have resulted from these identifiers include:

  • Centralized identifier providers can remove access to your data at anytime
  • Can be stored on centralized servers, which are vulnerable to large scale hacks and data breaches
  • Often unclear who has access to personal information

To solve these problems, digital certificate issuers and holders (certificate recipients) can create their own decentralized identifiers, which are made up of a string of letters and numbers, and act as a unique identifier that can be stored on the blockchain. 

Example of a DID created by Dock:

Example of a DID generated by Dock

With DIDs, individuals can prove their identity and ownership of their certificates without revealing any of their personal information such as usernames, emails, or passwords. It also allows for secure verification that digital certificates provided are legitimate without requiring contact with the issuing organization. This makes it possible for employers and organizations to quickly verify an individual's qualifications without risking compromising the data of those involved.

Use Dock Certs to Create a DID

How DIDs and Verifiable Digital Certificates Work Together

How blockchain, DIDs, and Verifiable Credentials work together

DIDs allow people to securely store Verifiable Credentials in an encrypted format on their individual devices, making it harder for bad actors to access data. It’s important to know, to maximize data security, it is best not to store Verifiable Credentials on the blockchain. Doing this also goes against many privacy regulations including General Data Protection Regulation (GDPR), a European Union law that protects individuals' personal data and sets guidelines for how companies can collect, use, and store this information.

Dock never stores digital certificate information on the blockchain. We only store DIDs. Dock’s blockchain acts as a registry of DIDs in order to enable instant verification. Once a user has shared their DID, a verifying organization like an employer can use this identifier to verify a holder’s digital certificate without having any personal information about them. 

How do you know if a digital certificate is fake?

A verifier will know a digital certificate is fake if the DID doesn’t show up or doesn’t match the DID of the issuing organization. 

For example, let’s say a construction company only recognizes health and safety training certificates of ABC Training, whose DID is did:dock:5HREUPKyPNiCND31Q9tCw1hCZhwyDPt42EhMcsGMyD1dYpsr

When the construction company staff scans a fake digital certificate, they will immediately see that the credential isn’t valid because the certificate DID doesn’t match ABC Training’s real DID that is registered on the blockchain. This allows universities and other institutions to ensure that only verified and valid credentials are accepted from applicants. By using decentralized identifiers in this way, organizations can be certain that any credentials presented to them are legitimate and trustworthy.  

A failed verification message will come up on the Dock Wallet for an invalid credential

Public Key Certificate AKA Digital Certificate

This employer's DID comes with a private and public key pair

A digital certificate is also known as a public key certificate. Each DID comes with a private and public key, which come in pairs and a DID can have multiple pairs. Encrypting information is a way of encoding data into a format that can only be accessed by those with the correct key. It protects data from being accessed or changed without permission, making it harder for hackers to access sensitive information.

Digital certificates use public keys to establish trust between the certificate holder and the issuer. The certificate includes the public key of the certificate holder, which can be used to verify their identity. A public key is a long string of characters (e.g. letters and numbers) that is used in cryptography to encrypt and decrypt information. 

The private key of a DID is a unique and secret code used to access data associated with the DID. This key is used to securely sign transactions related to the DID, verifying that the user behind the transaction is authenticated and authorized to carry out the requested action. The private key ensures that only users with permission can gain access to associated data, making it a secure and reliable way to protect information.

How private and public keys are used to issue a passport

Hold Digital Certificates With a Digital Identity Wallet

digital certificate details on the Dock Wallet

A digital identity wallet, like the Dock Wallet, is an effective way to securely store and manage your digital certificates while protecting your personal information from malicious actors. By using a secure wallet solution like this, individuals have more control over who has access to their credentials and can rest assured knowing that their data is safe.

The Dock Wallet enables people to:

  • Create and have full control of their digital identity with decentralized identifiers (DIDs)
  • Securely store and manage their digital certificates 
  • Have more privacy by only sharing information they choose to a verifier rather than all of the details on their certificate such as only sending their license number and full name but not their email, full address, and date of birth 
Get your free Dock Wallet to store digital certificates

Instant Digital Certificate Authentication

Verifying a digital certificate

Organizations can use Dock Certs and the Dock Wallet to verify users’ digital credentials instantly with the phone or computer. Conventional verification processes often take days, weeks, or even months and often involve expensive, manual processes.

Benefits of Instant Digital Certificate Verification 

  • Prevent certificate fraud
  • Helps organization comply with data regulations by providing more data privacy and security 
  • Improve efficiency in operations
  • Reduce the risk of injuries, liabilities, lawsuits, and death by hiring people with the right qualifications
Start creating verification requests for digital certificates

Example of a Full Digital Certificate Verification Flow

Here is an example of how the issuer, holder, and verifier use verifiable digital certificates. 

Fate Home Construction needs many workers for an upcoming project but needs to make sure that all workers have a valid Work at Height training certificate issued by ABC Training. Because the company wants to speed up their hiring process, they use Dock Certs and the Dock Wallet to create verification requests that are sent to job applicants in the form of a QR code. 

  1. Issuer: ABC Training (DID: did:dock:5HREUPKyPNiCND31Q9tCw1hCZhwyDPt42EhMcsGMyD1dYpsr)
  2. Holder: Riku Atsuko (DID: did:dock:5EKbt2cusWELwkoqPRKCLa7VDWixR1i4uojYGE1fATs9mZfb)
  3. Verifier: Fate Home Construction 

  1. Fate Home Construction organizes a hiring event at their office. Riku arrives and a staff member shows the verification request QR code on their Dock wallet app for Riku to scan.
Digital certificate verification request with a QR code

2. After Riku scans the QR code with his Dock Wallet, he gets this digital certificate presentation request and selects Accept.

Digital certificate presentation request

3. Riku chooses his Work at Height certificate and selects Next.

Work at Height digital certificate

4. Because ABC Training issued the Work at Height digital certificate with Dock’s advanced privacy features, Riku chooses to only send his certificate number to Fate Home Construction but not his email and full name. 

Digital certificate that enables selective disclosure

5. Riku chooses the DID he created specifically for job applications to send the certificate information.

You will select a digital identity to present the digital certificate

6. The digital certificate is valid and Riku sees that the verification is successful.

Verified digital certificate

Conclusion

The use of verifiable digital certificates is becoming increasingly popular as organizations look for ways to improve efficiency in operations, reduce risks, and comply with data privacy regulations. This technology helps organizations prevent certificate fraud, improve data security and privacy, provide more transparency throughout the process, and increase trust in the validity of important documents.

Dock Certs enable organizations to provide digital certificates efficiently and create verification requests. The Dock Wallet enables people to securely store and manage their digital certificates and fully own their digital identity with decentralized identifiers (DIDs). 

About Dock

Dock is a Verifiable Credentials company that provides Dock Certs, a user-friendly, no-code platform, and developer solutions that enable organizations to issue, manage and verify fraud-proof credentials efficiently and securely. Dock enables organizations and individuals to create and share verified data.

Dock’s Solutions

  • Dock Certs: Web app to issue and manage digital identity and Verifiable Credentials
  • Certs API: Easy integration with your system to make your data fraud-proof and instantly verifiable
  • Dock Wallet: Easily store and manage their digital credentials and identity (individuals) and verify credentials instantly (organizations)

Partner Use Cases

Learn More

Create your first Verifiable Credential today

Truvera enables IDV providers and IAM systems to verify the same person across multiple businesses or siloed systems. It enables them to easily confirm that a user has been verified before, create a consistent view of that user’s identity and significantly reduce onboarding friction.