Securing Digital Credentials: A Technical Approach to Scalability

In a broad sense, “Digital Credentials” encompass digital badges, certificates, and micro-credentials: they represent not only a technological advancement but also a new paradigm in managing professional and educational pathways. Choosing the right digital credentials technology is crucial to ensure the integrity, security, and portability of digital qualifications, as well as the scalability and sustainability of the ecosystem being implemented.

In this article, we explore the key factors to consider when choosing a digital credentials technology. From data security to ease of verification, and compliance with industry standards, each aspect plays a vital role in the effectiveness and relevance of digital credentials. The goal is to provide you with the knowledge and tools necessary to make an informed choice, tailored to your needs and those of your target audience, in a world where digital credentials are becoming increasingly essential.

BCdiploma is renowned for its expertise in Blockchain Digital Credentials. The company’s technological prowess is evidenced by an international patent US10715313B2 and prestigious awards like the Gold Award at the 2023 1EdTech Learning Impact. BCdiploma is a Microsoft partner with Microsoft Azure co-selling status and client references across various countries and universities.

BCdiploma’s technical approach in its SaaS solution combines:

  • BCdiploma’s patented technology for certification and integrated verification of credentials.
  • Public blockchain for data storage of credentials.
  • Microsoft Azure cloud for hosting applications and APIs.

Credential Data Certification Technology

A key question in choosing Digital Credential technology is: how is the data certified? Does the system ensure the right level of permanence, security, and transparency?

BCdiploma’s data certification technology ensures long-term security, authenticity, and confidentiality of data through onchain storage. This technology is used by over 170 institutions globally. Its key features include:

Maximum data security

BCdiploma ensures the highest level of security and permanence by encrypting data directly on the blockchain. It’s impossible to alter or falsify data that has been written onchain. This feature is unique in the credential solution ecosystem and superior to the widely used “fingerprint” or “hash” approach, which requires additional centralized data storage.
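The “fingerprint” approach mentioned above, sketched as an added example (not BCdiploma's code or any vendor's implementation): the ledger and the off-chain store are in-memory dicts, and every name and sample record is constructed for illustration. It shows that the anchored digest detects an edited record but cannot stand in for the record once the off-chain store loses it.

```python
import hashlib
import json


def fingerprint(credential: dict) -> str:
    """SHA-256 over a canonical JSON encoding, so key order cannot change the digest."""
    canonical = json.dumps(credential, sort_keys=True, separators=(",", ":"),
                           ensure_ascii=False)
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def issue(ledger: dict, store: dict, cred_id: str, credential: dict) -> None:
    """Anchor only the digest on the (simulated) ledger; the data goes off-chain."""
    if cred_id in ledger:
        raise ValueError("ledger entries are append-only")
    ledger[cred_id] = fingerprint(credential)
    store[cred_id] = dict(credential)


def verify(ledger: dict, store: dict, cred_id: str) -> str:
    """Return 'valid', 'tampered', 'unavailable' or 'unknown' for a credential id."""
    anchored = ledger.get(cred_id)
    if anchored is None:
        return "unknown"          # nothing was ever anchored under this id
    record = store.get(cred_id)
    if record is None:
        return "unavailable"      # digest survives, but it cannot rebuild the data
    return "valid" if fingerprint(record) == anchored else "tampered"


def demo() -> dict:
    """Walk one constructed credential through the three failure modes."""
    ledger, store = {}, {}
    issue(ledger, store, "cred-001",
          {"holder": "Alice Example", "degree": "MSc", "year": 2023})
    results = {"fresh": verify(ledger, store, "cred-001")}
    store["cred-001"]["degree"] = "PhD"      # edit in the off-chain database
    results["edited_off_chain"] = verify(ledger, store, "cred-001")
    del store["cred-001"]                    # off-chain database loses the record
    results["store_lost"] = verify(ledger, store, "cred-001")
    results["never_issued"] = verify(ledger, store, "cred-999")
    return results


if __name__ == "__main__":
    print(demo())
```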

Data privacy by design & compliance

BCdiploma was designed to adhere to strict privacy standards. Its encryption algorithms have been legally vetted by Lexing Bensoussan, an international law firm specializing in personal data law. Blockchain Certified Data has comprehensive documentation for data confidentiality and complies with the strictest regulations on Personal Data Privacy Protection, notably GDPR and FERPA. Each credential can be accessed via a unique, unforgeable link.

Transparency

Each issuing institution on BCdiploma has a secure blockchain identity, equipped with an “Enterprise Wallet” for safe and straightforward blockchain interactions. This feature enables instant and easy verification of the issuer’s identity. BCdiploma credentials include native authenticity proofs, instantly and automatically verifiable.

Interoperability

BCdiploma is aligned with Digital Credentials market standards, including Open Badges, VC (Verifiable Credentials), DID, and ERC721. It’s a cross-chain solution compatible with all EVM (Ethereum Virtual Machine) blockchains, such as Ethereum, Avalanche, and Polygon, and with Layer 2 solutions like Arbitrum and Optimism.

Integrability

BCdiploma’s technology can be integrated into various third-party systems via APIs. Its functionalities, especially credential issuance and verification, are fully automatable.

Reliable, scalable, and secure

BCdiploma has been in production since 2019, offering continuous service with 99.98% availability. The solution is audited by an ANSSI-certified third party.

Simplicity

BCdiploma masks the complexity of blockchain technology through user-friendly interfaces and software design. Its backoffice is easy to use and facilitates adoption by all stakeholders.

Maximum accessibility and multilingual support

BCdiploma offers highly accessible interfaces compliant with WCAG, AODA, and EN 301 549 standards, ensuring digital inclusion and broad adoption. It dynamically supports multiple languages, including Semitic languages like Arabic, crucial for international expansion of the credentialing projects.

Public Blockchain for Credential Data Storage

When a Digital Credential technology uses blockchain, in the broad sense… it is necessary to dig deeper: what type of blockchain? Why and according to what criteria of choice?

BCdiploma’s technology is compatible with any EVM (Ethereum Virtual Machine) compatible blockchain. To ensure maximum security and reliability, we recommend using a permissionless or “public” EVM-compatible blockchain, which offers several advantages:

Maximum Security

Public blockchains inherently provide the highest level of security due to their decentralized nature. This decentralization ensures strong resistance to governance attacks, unlike permissioned or private blockchains that are more centralized and thus more vulnerable.

Reliability, Integrity, and Permanence

Public blockchains have extremely high availability rates. The large number of participants and their decentralization minimize downtime, ensuring data integrity at all times.

Simplicity

Public blockchains are readily available and do not require any infrastructure deployment or management. Their maintenance is handled by network operators, who are incentivized by the protocol (e.g., Proof of Stake – PoS) to keep the network functioning efficiently. In contrast, the implementation of permissioned blockchains is complex and costly. They require a dedicated infrastructure that is difficult to deploy and that must be maintained by expert personnel, whom most institutions lack. Moreover, they necessitate establishing a governance model upfront, which can be complex to implement and maintain over time, making the management of consortium entries and exits challenging.

Interoperability

There are many EVM-compatible blockchains, such as Polygon, Ethereum, and Avalanche, which natively implement the Ethereum Virtual Machine for smart contract execution, making them highly interoperable. On the other hand, less common blockchains like Tezos use smart contract technologies specific to their ecosystems, resulting in lower interoperability, a smaller user and developer community, and less comprehensive tooling.

Cost-Efficiency and Energy Efficiency

Most public EVM-compatible blockchains have adopted a Proof of Stake (PoS) consensus mechanism, which is energy-efficient. Furthermore, Layer 2 EVM-compatible blockchains like Arbitrum or Optimism offer significantly lower operational costs and minimal energy consumption. In a global context sensitive to energy issues, an eco-friendly approach can be crucial for the adoption and image of a project, thereby contributing to its success.

Combining BCdiploma’s certification technology with the use of a public blockchain offers the best security, reliability, and cost-effectiveness in the market.

A Cloud Environment for Hosting Credential Applications and APIs

The choice of a cloud partner for hosting services is far from trivial, especially for a globally used Digital Credentials platform. Let’s delve into this issue together.

As a long-time Microsoft partner, BCdiploma relies on Azure for its infrastructure, hosting applications, and APIs, as well as for securing cryptographic keys necessary for blockchain interactions. This partnership ensures scalability, reliability, and government-grade security. Here are the benefits:

Government Grade Security & Conformance

Azure datacenters provide some of the highest security guarantees worldwide. Specifically, the Azure Datacenters used by BCdiploma ensure the highest degree of sovereignty and compliance with many governmental requirements, notably thanks to their SOC 1-2 & ISO 27001-2 certifications.

High Scalability

Azure’s public data centers offer nearly infinite scalability, surpassing traditional data centers in terms of resource availability and service offerings. BCdiploma’s architecture already benefits from these resources, which will be used in all implementation projects.

Light Build Cost

Public cloud datacenters such as Azure’s make resources available on demand, eliminating the need for initial investments in hardware or software to start a project. For example, Azure Key Vault provides FIPS 140-2 Level 3 HSMs, essential for blockchain projects focused on security, for a few euros per month. In contrast, purchasing such hardware would cost thousands of euros, excluding installation and management. Therefore, a pay-as-you-go model is a significant advantage in building a project and controlling medium-term costs.

High Availability and Reliability

Considering the nature of the project involving sensitive and personal data, cybersecurity risks are paramount and cannot be overlooked, even in a POC/pilot project. Beyond the security of the data centers themselves, the provided infrastructure components are resilient to load spikes and Distributed Denial of Service (DDoS) attacks – challenges that BCdiploma has faced on numerous occasions.

Managed Services

Azure data centers offer managed services, including infrastructure management and IT services at a controlled cost. With automated updates for software and hardware, vulnerability monitoring and mitigation, and active patch management, Azure maintains maximum security for infrastructure, servers, and software over time, without requiring dedicated personnel within the institutions.

Tried and Tested

BCdiploma has been utilizing and benefiting from Azure data center capabilities for its credentialing solutions for years. Azure’s infrastructure is perfectly suited to BCdiploma’s solution architecture. We have expertise in deploying our solutions in these data centers and leveraging them to provide highly secure and scalable solutions. Our SaaS solution, BCdiploma, has been proven and is in production on this type of infrastructure worldwide. We have robust and reliable proofs from our clients and references in similar environments.

The Challenge of Integration

Digital Credential services are intended to interface with Student Information Systems (SIS) and Learning Management Systems (LMS) to enable complete automation of academic processes. But how can one be sure of the level of integration and the quality of the APIs?

BCdiploma is designed for maximal integration into the information systems of its users and clients. It offers a default “staging” and production work environment to simplify the development and testing related to these integrations.

The integration is carried out at multiple levels:

  • Through API: All functionalities of the solution are accessible via RESTful APIs, with no usage limitations. Some methods of these APIs are public, while others require authentication.
  • White Label Credentials: Diploma attestations can be provided in a white-label format, fully branded in the name of the university. The attestations can thus be issued and consulted on the university’s own domain name, through a documented reverse proxy system, to increase trust.

BCdiploma has already been integrated into numerous information systems, including Modern Campus, Destiny One, EDX, and Moodle. Therefore, it can be seamlessly integrated into any Student Information System (SIS). This flexibility in integration ensures that BCdiploma can adapt to various existing infrastructures and systems, making it a versatile solution for credential verification and management.

Examples of Credentialing Systems Deployments

In the U.S., BCdiploma won the 1EdTech Learning Impact Conference 2023 Gold Award for “The Stanford Center for Professional Development (SCPD) and BCdiploma’s Partnership for Personalized and Verifiable Blockchain Credentials” (refer to the business case for more details).

In France, BCdiploma is a preferred choice for higher education institutions, equipping 30% of the ranked business schools, including notable ones like ESCP Business School and emlyon business school. It also serves the largest public university (Université de Lille with 80,000 students, as detailed in their white paper) and the largest public engineering school (Arts et Métiers Paris Tech).

BCdiploma’s clientele extends beyond educational institutions, encompassing:

  • NGOs, such as the WHO – World Health Organization, for training certifications.
  • Governmental services for administrative documents, like Career Management for Professional Mariners in French Polynesia (see the business case).
  • Certification bodies, including TOEIC for English language testing (refer to the business case).
  • Professional certifiers like AFNOR for ISO standards.
  • Intellectual property lawyers, such as Cabinet Touroude – Yes My Patent.