Verification

Verification is a critical aspect of WalliD CertiShop, ensuring that issued certificates are authentic, tamper-proof, and verifiable in both online and offline scenarios. The system leverages the cryptographic foundations of VC protocols to validate the integrity and authenticity of credentials.

Cryptography Behind Verification

At the core of verification lies the cryptographic process enabled by VC protocols. When a certificate is issued:

1. The Certificate Authority's (CA) wallet digitally signs the certificate using a private key, creating a cryptographic proof linked to the issuer's identity.

2. The cryptographic signature ensures that any tampering with the certificate invalidates the proof, guaranteeing its integrity.

3. This signed certificate becomes part of the trust chain, linking the issuer, the credential, and the protocol used for validation.

How CertiShop Enables Verification

CertiShop ensures seamless verification through three distinct mechanisms:

1. Unique Verification URL

   • For every issued certificate, a unique URL is generated.

   • The URL is connected to the source of truth, either the client’s database or the VC protocol used during issuance.

   • When accessed, the system retrieves the original certificate data, verifies its cryptographic proof, and checks its current status (e.g., valid, revoked, or expired).

   • This URL is sent to the certificate recipient via email.

2. QR Code Integration

   • A QR code linking to the unique verification URL is generated.

   • The QR code is embedded into the PDF certificate, allowing easy access to the verification process with a simple scan.

   • This ensures that the verification process is intuitive and user-friendly.

3. PDF with Embedded Cryptographic Proof

   • Certificates are issued as visually appealing PDFs containing an electronic signature with the cryptographic proof of authenticity.

   • The electronic signature ensures that the document can be verified offline. Any alteration to the PDF would invalidate the signature, making tampering easily detectable.

   • This mechanism provides an additional layer of trust for scenarios where online verification is not possible.

Real-Time and Offline Verification

1. Online Verification

   • Real-time verification occurs when the recipient or verifier uses the URL or QR code.

   • The system queries either the client’s database or the VC protocol backend to validate the certificate and return its status.

   • This method ensures up-to-date and accurate results.

2. Offline Verification

   • The embedded cryptographic signature in the PDF ensures that the document can be verified even without internet access.

   • Verification tools or software can validate the integrity of the signature, confirming the document’s authenticity.

Diagrams

1. Verification Flow

   • Show the process of scanning the QR code or accessing the URL → Querying the database or protocol → Returning verification results.

2. Offline Verification Mechanism

   • Illustrate how the embedded cryptographic signature is checked against the document for tampering.