light-mode-image
Learn

CWT credentials

CWT credentials are used to represent claims of data that can be cryptographically proven as authentic while being compact enough to fit inside a QR code. They are ideal where high information assurance is required but not high identity assurance about the entity presenting the credential.

The following sections will provide you with further information on CWT credentials:

  • Core capabilities: Learn more about the core capabilities enabled when using the CWT credential format.
  • Credential types: Learn about the two different types (CWT and Semantic CWT credentials) and how to choose the one most suitable for your use case.
  • Data structure: Learn more about how CWT and Semantic CWT credentials are built, and how to use standard and custom claims.
  • Implementation considerations: Learn about key considerations that should be explored as part of implementing either a CWT or Semantic CWT credential into your ecosystem.
  • CWT credentials across MATTR Platforms: Introduces key capabilities that are available across MATTR platforms when you embed CWT credentials into your ecosystem.

CWT credentials can be converted to a number of formats. This includes PDF documents that can be presented digitally or printed, as well as Apple and Google passes that can be stored in a digital wallet. Thus, CWT credentials reduce the digital divide by supporting offline or paper-based contexts alongside digital-first channels.

Holders present CWT credentials by showing a verifier a QR code representing their credential. This can be scanned visually, or digitally transmitted by uploading an image or PDF. Verification can be online via API or entirely offline. This makes CWT credentials ideal for rapid verification scenarios and/or when there is no reliable internet connectivity.

CWT credentials are bearer credentials, where all the assurance is fully self-contained within the QR code, with no need for complex dynamic presentation capability from the holder. However, this means that the verifier cannot verify the identity of the person holding and presenting the credential.

Discount vouchers, physical asset tags and luxury goods verification cards are all examples where having authentic information through the supply chain increases the value of goods and services produced, without relying on the identity of the holder.

Therefore, CWT credentials are ideal where high information assurance is required but not high identity assurance about the entity presenting the credential.

Frequently asked questions

What is a CWT credential?

A CWT credential is a verifiable digital credential built on the CBOR Web Token format. It represents claims that can be cryptographically proven as authentic while remaining compact enough to fit inside a QR code. CWT credentials are designed for use cases that require high information assurance but not high identity assurance about the entity presenting the credential.

When should I use a CWT credential instead of another credential format?

Use a CWT credential when you need a compact, self-contained, QR-code-friendly credential that can be verified offline and does not require the verifier to confirm the identity of the holder. Typical examples include discount vouchers, physical asset tags, and luxury goods verification cards, where the value lies in the authenticity of the information rather than the identity of the bearer.

How is a CWT credential presented and verified?

Holders present CWT credentials by showing a verifier a QR code that represents the credential. The QR code can be scanned visually or transmitted digitally by uploading an image or PDF. Verification can be performed online via API or entirely offline using the credential's cryptographic signature. This makes CWT credentials suitable for rapid verification scenarios and contexts without reliable internet connectivity.

Are CWT credentials bound to a specific holder?

No. CWT credentials are bearer credentials. All the assurance is contained within the QR code itself, so the verifier can rely on the authenticity of the information but cannot confirm the identity of the person holding and presenting the credential. Where identity assurance is required, an mDoc or another credential format with holder binding is more appropriate.

Can CWT credentials be used without a smartphone?

Yes. CWT credentials can be converted into a number of formats, including printable PDFs and Apple or Google passes. This supports offline and paper-based contexts alongside digital-first channels, which helps reduce digital exclusion where smartphone access cannot be assumed.

How would you rate this page?

Last updated on

MATTR platforms

Previous Page

Core capabilities

Next Page

On this page

Frequently asked questions
What is a CWT credential?
When should I use a CWT credential instead of another credential format?
How is a CWT credential presented and verified?
Are CWT credentials bound to a specific holder?
Can CWT credentials be used without a smartphone?