Revocation and data deletion

Verifiable Credential Revocation.

nChain Identity introduces a game-changer approach for verifiable credential revocation, benefiting both issuers and verifiers.

• For issuers, our system provides a seamless revocation process for credentials through our Issuers API. Issuers control the credential revocation process, independent of users and verifiers. Issuers sign each credential with a unique pair of keys (a unique secret that is linked to the Issuers account). This signature is linked to their Decentralised ID. Each credential status is recorded on-chain and signed by the authority who issues it. Issuers can efficiently revoke credentials when necessary, with immediate effect and utmost security, by changing the status of that credential on-chain.

• On the other hand, nChain Identity offers assurance and efficiency in credential verification for verifiers. When presented with a verifiable credential, verifiers check its status directly on-chain. This direct verification process ensures the validity and integrity of the credential without relying on potentially outdated or tampered information. Verification displays credential status securely checked on-chain, enhancing trust and reducing the risk of fraudulent credentials.

• Lastly, for subjects, our verification process is entirely independent of the issuer. This allows a higher level of privacy that federated identity models do not support. The issuer won't know who the verifier is, the data you share, or why you share it.

Data Deletion

All your personal information and data related to your verifiable credentials are stored in your wallet on your device. nChain Identity Wallet uses biometric checks to access your data, and you can only share it through your device.

Every time you share a verifiable credential, the verification process requests you sign the verifiable presentation. This means that even if the individual or organisation is presented with information duplicates when sharing it, they can't share a valid credential themselves. The same case is presented when the issuer generates a verifiable credential and assigns it to you. The issuer can duplicate the credential's information for tracking or auditing purposes, but it can not share the information as a valid credential since it can't reproduce our signature, and therefore, it can prove the information is accurate.

The only place where your credentials' information is stored is in the wallet on your phone. There are no security copies, and the nChain Identity service has no access to itt. When you delete your account on your wallet, your information is deleted, and nChain Identity can not help you recover it.