Verifiable Credentials: W3C Verifiable Credentials

Last updated: 2/9/2026
Reading time: 4 min

Full Name: W3C Verifiable Credentials

Definition

Cryptographically secured digital credentials, based on a W3C standard, that can be verified without contacting the issuer. EUDI Wallets use verifiable credentials for storing identity documents, diplomas, licenses, and other official documents.

The W3C Verifiable Credentials Data Model

The World Wide Web Consortium (W3C) published the Verifiable Credentials Data Model as a recommendation, first in version 1.0 (2019) and then in version 2.0 (2024). This data model defines the abstract structure and semantics for digital credentials on the web.

At its core, the data model defines three key concepts. A claim is an assertion about a subject, such as "Alice's date of birth is 1990-05-15." A credential is a set of one or more claims made by an issuer, bundled together with metadata and a cryptographic proof. A presentation is data derived from one or more credentials, packaged for sharing with a specific verifier.

The W3C data model is intentionally format-agnostic. It defines the logical structure of credentials but does not mandate a specific serialization format. This has led to two main implementation approaches: JSON-LD with Data Integrity Proofs and JWT/SD-JWT based credentials. The EUDI Wallet ecosystem has chosen SD-JWT VC as its primary format, while also supporting ISO mdoc for certain use cases.

Every verifiable credential contains an issuer identifier, issuance date, optional expiration date, one or more claims about a subject, and a cryptographic proof (typically a digital signature) that makes any tampering detectable. This structure ensures that a verifier can confirm who issued the credential, that it has not been modified, and that it has not expired, all without needing to contact the issuer at the time of verification.

The Issuer-Holder-Verifier Triangle

Verifiable credentials operate within a three-party trust model known as the issuer-holder-verifier triangle (sometimes called the trust triangle). Understanding these roles is essential for understanding how credentials flow through the ecosystem.

Issuer: The entity that creates and signs the credential. In the EUDI Wallet context, issuers include government agencies issuing Person Identification Data (PID), universities issuing digital diplomas, driving licence authorities issuing mobile driving licences, health insurance providers issuing insurance cards, and employers issuing professional qualifications. The issuer vouches for the truthfulness of the claims contained in the credential.

Holder: The entity that receives, stores, and manages credentials. In the EUDI Wallet ecosystem, the holder is typically the citizen whose identity or attributes the credential describes. The holder stores credentials in their wallet and decides when and with whom to share them. Critically, the holder can create presentations that contain only selected claims from their credentials, supporting selective disclosure.

Verifier (Relying Party): The entity that receives and verifies a presentation from the holder. The relying party checks that the credential was issued by a trusted issuer, has not been tampered with, has not expired or been revoked, and that the holder is authorized to present it.

Trust Registry: Underpinning the triangle is a trust registry (or trusted list) that allows verifiers to determine which issuers are authoritative for which types of credentials. In the EUDI Wallet ecosystem, trusted lists are maintained by member states and the European Commission, listing which entities are authorized to issue specific types of electronic attestations.

SD-JWT: The EUDI Wallet Credential Format

The Architecture Reference Framework (ARF) specifies SD-JWT VC (Selective Disclosure JSON Web Token Verifiable Credential) as the primary credential format for the EUDI Wallet. This is an IETF standard that extends the widely used JWT format with selective disclosure capabilities.

How SD-JWT works: When an issuer creates an SD-JWT credential, each claim that should be individually disclosable is replaced with a hash (digest) in the main JWT payload. The actual claim values are placed in separate "disclosures" appended to the JWT. The issuer signs the JWT containing the hashes. When the holder wants to share the credential, they can include only the disclosures for the claims they wish to reveal. The verifier can check that each disclosed claim matches its hash in the signed JWT, confirming authenticity without seeing the undisclosed claims.
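The digest-and-disclosure mechanism described above, together with the verifier's issuer and expiry checks, as an added example that is not code from the ARF or any wallet implementation. It assumes SHA-256 digests and uses an HMAC as a stand-in for the issuer's asymmetric signature so that it runs with the standard library only; the function names and the `trusted` mapping are hypothetical, and key binding is left out.

```python
import base64, hashlib, hmac, json, secrets

def b64u(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()
def b64u_dec(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def make_disclosure(name: str, value) -> str:
    # Disclosure = base64url(JSON [fresh random salt, claim name, claim value]).
    return b64u(json.dumps([secrets.token_urlsafe(16), name, value]).encode())

def digest(disclosure: str) -> str:
    # Hash the encoded disclosure string; the salt blocks guessing of hidden values.
    return b64u(hashlib.sha256(disclosure.encode("ascii")).digest())

def sign(signing_input: str, key: bytes) -> str:
    # Stand-in for the issuer signature (HMAC); real issuers sign asymmetrically.
    return b64u(hmac.new(key, signing_input.encode(), hashlib.sha256).digest())

def issue(claims: dict, iss: str, exp: int, key: bytes):
    # Issuer: only digests go into the signed payload, values travel as disclosures.
    disclosures = {n: make_disclosure(n, v) for n, v in claims.items()}
    payload = {"iss": iss, "exp": exp, "_sd_alg": "sha-256",
               "_sd": sorted(digest(d) for d in disclosures.values())}
    parts = ({"alg": "HS256"}, payload)
    signing_input = ".".join(b64u(json.dumps(p).encode()) for p in parts)
    return signing_input + "." + sign(signing_input, key), disclosures

def present(jwt: str, chosen: list) -> str:  # holder reveals only `chosen`
    return "~".join([jwt, *chosen]) + "~"

def verify(presentation: str, trusted: dict, now: int) -> dict:
    jwt, *disclosures, _no_key_binding = presentation.split("~")
    head, body, sig = jwt.split(".")
    payload = json.loads(b64u_dec(body))
    key = trusted.get(payload["iss"])  # trusted list: issuer id -> key
    if key is None:
        raise ValueError("issuer not on trusted list")
    if not hmac.compare_digest(sig, sign(head + "." + body, key)):
        raise ValueError("bad issuer signature")
    if payload["exp"] <= now:
        raise ValueError("credential expired")
    revealed = {}
    for d in disclosures:
        if digest(d) not in payload["_sd"]:
            raise ValueError("disclosure does not match a signed digest")
        _salt, name, value = json.loads(b64u_dec(d))
        revealed[name] = value
    return revealed
```

Calling `verify(present(jwt, [disclosures["age_over_18"]]), trusted, now)` returns only that claim; the signed payload the verifier sees holds salted digests for the rest.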

Key Binding: SD-JWT VC supports key binding, which means the credential is bound to the holder's cryptographic key. When presenting the credential, the holder must prove possession of the corresponding private key, preventing credential theft or replay attacks. In the EUDI Wallet, this private key is stored in the WSCD (secure hardware).

Comparison with ISO mdoc: The ARF also supports ISO mdoc (Mobile Document) format, particularly for mobile driving licences. While SD-JWT VC is optimized for online (remote) presentations using OpenID4VP, ISO mdoc is optimized for in-person (proximity) presentations via NFC or Bluetooth. Both formats support selective disclosure, but through different cryptographic mechanisms.

JSON-LD vs JWT: The Format Debate

One of the most debated topics in the verifiable credentials community has been the choice between JSON-LD with Data Integrity Proofs and JWT-based credentials. Understanding this debate helps explain why the EUDI Wallet chose the path it did.

JSON-LD credentials use Linked Data principles to provide rich semantic context for claims. Each claim is linked to a globally unique definition, eliminating ambiguity. JSON-LD credentials can support advanced features like BBS+ signatures for zero-knowledge proofs and unlinkable presentations. However, they require JSON-LD context resolution (fetching context files from the internet), which raises privacy concerns (the context server could track credential usage) and reliability issues (if the context server is down, credentials cannot be verified).

JWT/SD-JWT credentials use the well-established JWT format familiar to web developers worldwide. They are simpler to implement, have smaller payload sizes, work well with existing OAuth 2.0 and OpenID Connect infrastructure, and do not require external context resolution. Their main limitation is that they do not natively support zero-knowledge proof presentations, though SD-JWT provides practical selective disclosure that covers most use cases.

The EUDI Wallet ARF chose SD-JWT VC as the primary format for pragmatic reasons: it builds on widely deployed infrastructure, is simpler for relying parties to implement, avoids the privacy and reliability issues of JSON-LD context resolution, and provides sufficient selective disclosure for the identified use cases. The ARF does not preclude future support for additional formats as the ecosystem matures.

Real-World Examples of Verifiable Credentials in the EUDI Wallet

Verifiable credentials in the EUDI Wallet go far beyond abstract technical concepts. Here are concrete examples of how they work in practice.

Digital diploma: A university issues a verifiable credential attesting that a student has completed a Bachelor of Science in Computer Science. The credential contains claims including the student's name, the degree title, the awarding institution, the graduation date, and the final grade. When the graduate applies for a job in another EU country, they can present this credential from their EUDI Wallet. The employer's system verifies the university's signature, checks that the credential has not been revoked, and confirms the claims, all in seconds and without contacting the university.

Mobile driving licence (mDL): A driving licence authority issues a credential in ISO mdoc format containing the licence holder's name, photo, licence categories, and expiry date. During a roadside check, the citizen holds their phone near the officer's device. Using NFC or Bluetooth, only the relevant data is shared: the officer sees the licence categories and validity but does not need to see the citizen's home address.

Age verification: A citizen wants to buy age-restricted goods online. Instead of uploading a photo of their ID, they present a verifiable credential from their EUDI Wallet. Using selective disclosure, only the claim "age_over_18: true" is shared. The online shop verifies this claim is backed by a government-issued PID credential, without ever seeing the citizen's name, date of birth, or any other personal data.

Professional qualification: A doctor moving from Portugal to the Netherlands presents their medical licence credential to the Dutch health authority. The credential, issued by the Portuguese Medical Council, contains their specialization, licence number, and validity period. Cross-border recognition is automatic because both countries participate in the EUDI Wallet trust framework and recognise each other's qualified trust service providers.

⚠️ Independent Information

This website is NOT affiliated with the European Commission or any EU government. We provide independent, easy-to-understand information about EUDI.