W3CThe Verifiable Credentials Data Model is a W3C Recommendation that provides a standard way to express credentials on the Web so that they are cryptographically secure, privacy-respecting, and machine-verifiable. It enables digital equivalents of physical credentials like passports, licenses, and diplomas, while also supporting entirely new credential types that have no physical counterpart.
Background
The need for a standardized digital credential format grew alongside the expansion of online identity verification and the limitations of existing federated identity models. Traditional federated systems like SAML and OpenID Connect place the identity provider at the center, creating privacy concerns because the provider knows which services a user accesses. The W3C Verifiable Credentials Working Group developed a decentralized alternative where credential holders maintain control. Version 1.0 became a W3C Recommendation on 19 November 2019, and Version 2.0 was published as a W3C Recommendation in 2025, reflecting significant community feedback and implementation experience.
Purpose & Scope
The data model defines three core roles in a "triangle of trust": the Issuer (who creates and signs a credential), the Holder (who stores it), and the Verifier (who checks it). Any role can be played by a person, an institution, or a machine. The model places the holder at the center, granting individuals control of their identity attributes — paralleling how physical cards can be presented to anyone without requiring permission from the card issuer.
Key Elements
| Component | Description | Required |
|---|---|---|
| @context | JSON-LD context for term definitions | yes |
| type | Credential type(s) including "VerifiableCredential" | yes |
| issuer | Entity that issued the credential | yes |
| issuanceDate | Timestamp of issuance | yes |
| credentialSubject | Claims about the credential subject | yes |
| proof | Cryptographic proof of authenticity | yes |
| expirationDate | When the credential expires | no |
| evidence | Information collected before issuance | no |
| termsOfUse | Restrictions on credential use | no |
| credentialStatus | Pointer for revocation checking | no |
Serializations & Technical Formats
Verifiable Credentials are primarily expressed using JSON-LD, leveraging the @context mechanism for globally unambiguous property definitions with user-friendly aliases. The data model supports multiple proof mechanisms including JSON Web Tokens with JSON Web Signatures, JSON-LD Proofs, and zero-knowledge proofs. Transport protocols include HTTPS and various emerging standards from the Hyperledger Aries project.
Governance & Maintenance
The specification is maintained by the W3C Verifiable Credentials Working Group. Development follows the W3C process, with public working drafts, candidate recommendations, and formal recommendation stages. All specification work is conducted in public on GitHub, with issue tracking and pull requests open to community participation.
Notable Implementations
Verifiable Credentials are being adopted across multiple sectors including education (digital diplomas and transcripts), government (digital identity cards), healthcare (vaccination certificates), and financial services (KYC credentials). The model underpins the emerging Self-Sovereign Identity (SSI) movement and is closely related to the W3C Decentralized Identifiers (DIDs) specification.
Related Standards
- JSON-LD — The serialization format used for expressing Verifiable Credentials
- OWL — Web Ontology Language, the formal knowledge representation framework underlying the semantic web stack