A credential is a qualification, achievement, quality, or piece of information about an entity’s background, typically used to indicate suitability. A credential could include information such as a name, home address, government ID, professional license, or university degree. The use of credentials to demonstrate capability, membership, status, and minimum legal requirements is a practice as old as society itself. The potential use cases are innumerable, but common important examples are represented here in the domains of:
- Education - where academic credentials and co-curricular activities are recognized and exchanged among learners, institutions, employers or consumers.
- Workplace - where an applicant’s certified skill or license is a condition for employment, professional development and promotability.
- Civil Society - where access to social benefits and contracts may be based on verifiable conditions such as marital status.
- Payments - where the legal right to purchase a product depends on the verifiable age or location of the buyer.
- Identity - where an entity presents credentials to prove their identity or qualification.
- Ownership - where an entity presents proof of ownership of a particular asset or a right to perform specific operations against a resource. Examples are ownership of securities that entitles the entity to dividend payments or the authority to transact on an account.
- Internet of Things (IoT) - where a machine presents credentials that enable it to act on behalf of its owner in a limited capacity, and where that machine can delegate certain tasks to other machines in an ad-hoc way.
A number of W3C member organizations are proposing the creation of a new standardization activity around credentials on the Web with the following goals in mind:
- Interoperability and Portability. We want to ensure that an open credential can be used by as broad of a range of organizations as possible. We firmly support the notion that a recipient of a credential should be able to store, archive, and migrate credentials throughout their lifetime with relative ease.
- Scalability. The credentialing solution should be usable by the 3 billion people using the Web today, and the 6 billion people that will be using the Web by the year 2020.
- Verifiability. The veracity of claims made by a credential should be verifiable using the credential itself.
- Privacy Enhancing and Recipient Controlled. We want a system that protects the privacy of the individual or organization using the credential by placing the recipient in control of who is allowed to access their credential.
- Extensibility. Our desire is to construct a foundation where different industry vertical-specific solutions can be built without unnecessary central coordination.
- Accessibility. The credentialing solution should be accessible and therefore also usable by the 10% of the world population with disabilities.
- Patent and Royalty-free. We are building public infrastructure whose growth should not be limited by patents and royalties. Credentials affect everyone and the technology to create them must be open and free.