Verifiable Credentials (VC)

A verifiable credential is a digital version of a real-world claim, such as a diploma, a membership, or a proof of age, that is cryptographically signed by an issuer so anyone can check it is genuine and unaltered. The W3C data model defines three roles: an issuer that signs the credential, a holder that stores it in a wallet, and a verifier that checks it.

The model supports selective disclosure, where a holder can prove a single fact, such as being over eighteen, without revealing the underlying document or other attributes. The OpenID Foundation profiles OID4VC and OID4VP define how credentials are issued and presented over familiar OAuth-based flows.

For CIAM, verifiable credentials point toward reusable identity: a customer verifies once and reuses the result across services, which reduces repeated proofing and supports privacy by sharing only what is needed.

Sources

• W3C Verifiable Credentials Data Model: https://www.w3.org/TR/vc-data-model/