As you learned in our talk about holders, issuers, verifiers, and subjects, a verifier verifies a credential that someone is holding. But what does that really mean? When a credential is “verified” that means that it has gone through one or more of the following three checks: verification, validity, and veracity.

A verification check tests that a credential has been formatted correctly. In Transmute’s platform that means checking to make sure that a credential meets the requirements of the W3C verifiable credential data model. The verification check also makes sure that the linked data contained in the verifiable credential meets certain standards.

A validity check tests that a credential has the appropriate signature/proof and that the credential hasn’t been tampered with. As you learned in our piece on digital signatures, this is the digital, higher security version of checking a written signature.

A veracity check tests that a credential has use-case specific details or fields necessary for it to be valuable. For example, a customs organization may require an associated purchase order number on every commercial invoice for in-bound shipments. A veracity check can be coded in customs’ system to make sure that every commercial invoice has a purchase order number contained within it in order to be considered for facilitation benefits.

Verifiable data issued on the Transmute Platform includes both verification and validity checks in the security tab of each credential. Veracity checks are decided by each business, and Transmute works with each customer to ensure that required fields are correctly defined in order to support this verification need.