Key points
- W3C standard (VC Data Model 2.0)
- Cryptographically signed by an issuer, held by a subject, presented to a verifier
- Supports selective disclosure (share only the needed claims)
- Pairs with Decentralized Identifiers (DIDs)
- Adopted by EU Digital Identity Wallet, US mDL programs, and pilot enterprise reusable-identity stacks
What it is
Verifiable credentials (VCs) are the digital equivalent of a passport, driver's license, or diploma — but cryptographically signed by the issuer, held in the user's wallet, and verifiable offline.
The three roles:
- Issuer signs a claim about a subject
- Holder (the subject) keeps the credential in a wallet
- Verifier checks the issuer's signature against a known public key (often via a DID document or registry)
How it works
Issuer signs { subject: did:example:abc, claim: 'over18', issuedAt: ... } with their private key. The holder stores it. A verifier accepting age proof checks the signature and the issuer's trust status — no callback to the issuer needed, preserving privacy.
With selective disclosure (SD-JWT, BBS+ signatures), the holder can prove a claim without revealing the full credential.
When buyers care
- EU Digital Identity Wallet (EUDI) and eIDAS 2.0 deadlines
- Mobile Driver's Licenses (mDL, ISO 18013-5) rollouts in US states
- Workforce 'reusable identity' (verified hire / verified contractor)
- KYC and education credential reuse
Common misconceptions
- VCs don't require blockchain. DIDs can live on a chain, but VCs themselves are just signed JSON / JWT.
- VCs don't replace IdPs. They complement them as a portable proof layer.
FAQ
How do VCs relate to DIDs?
DIDs identify the parties (issuer, holder). VCs carry the signed claims about them.
Are VCs production-ready?
Yes for regulated rollouts (mDL, EUDI). Enterprise workforce adoption is still early in 2026.