Credential Profiles

Credential profiles

MATTR Credential Profiles combine and evolve with the latest standards and technology stacks to make working with verifiable credentials seamless.

Selecting the right Credential Profile for a solution depends on a number of factors, including but not limited to:

  • The size of the payload.
  • The need for biometric or other identity assurance capabilities.
  • The cryptographic scheme used.
  • The need for privacy-preserving features like selective disclosure.
  • The primary method of issuance, presentation and verification.

Contact us if you need help deciding what Credential Profile is right for your use case.

MATTR platforms currently support three primary credential profiles:

Compact Credentials

Compact credentials are best-suited for sharing authentic information simply. They carry a smaller payload and are optimised for presenting in-person, whether affixed to a physical document or item or displayed digitally on-screen.

Digital signatures ensure the authenticity of information included within the credential, however, do not include assurance about the person presenting the information. If identity assurance is needed, this can be done through attribute matching with an outside identity document.

Key architectures and technology stacks for Compact Credentials:

  • CBOR Web Token (CWT) data model.
  • W3C Verifiable Credential (VC) JSON data model.
  • NIST-approved P-256 key types.
  • COSE digital signature encoding.

Learn more about Compact Credentials.

Web Credentials

Web Credentials are digital-first credentials optimised for sharing over the web that contain rich data beyond text, such as images. They have the ability to include a semantic vocabulary, making them portable across contexts.

Web Credentials can be bound to a digital wallet to provide identity assurance for the person presenting the credential. They can also enable selective disclosure, meaning a user can choose to reveal only the information needed when sharing the credential, and conceal data that is unnecessary for that specific verifier.

Key architectures and technology stacks for Web Credentials:

  • W3C Verifiable Credential (VC) JSON-LD data model.
  • Linked data proofs with semantic data.
  • ed25519 and bls12381g2 key types.
  • BBS signature suite.

Learn more about Web Credentials.

Mobile Credentials

Mobile Credentials are digital credentials based on the ISO/IEC 18013-5:2021 (opens in a new tab) standard, designed to be stored on a holder’s mobile device. Mobile Credentials support a variety of advanced security features, making them an ideal choice for use cases requiring higher assurance identity credentials, such as driving licenses or national IDs.

Mobile Credentials verification workflows are currently designed to be carried out over non-internet communication protocols such as BLE, facilitating in-person exchange and offline verification. These workflows support selective disclosure and enable authenticating the issuer, the holder, and the device the Mobile Credentials are presented from.

Key architectures and technology stacks for Mobile Credentials:

  • Based on the ISO/IEC 18013-5:2021 (opens in a new tab) standard.
  • Use CBOR for object representation and COSE for signing and encryption.
  • Use X.509 certificates for implementing chain of trust authentication workflows.
  • ECDSA with P-256 (ES256) algorithm support for issuer and device authentication.

Learn more about Mobile Credentials.