EduVault is a secure and centralized repository for storing and managing education credentials. The platform employs Microsoft Entra Verified ID as its login and certificate generation solution, utilizing a standards-based Decentralized Identity approach to enhance user, app, device, and service provider trust and security.
At the core of the Microsoft Entra Verified ID system are Decentralized Identifiers (DIDs) and Verifiable Credentials. DIDs are unique identifiers and data objects that contain claims made by the issuer attesting to information about a subject.
Through DIDs, users cryptographically sign their data as proof of ownership, ensuring their data and privacy are secure. The Microsoft Entra Verified ID system integrates several technologies and standards to deliver essential identity attributes like self-ownership and censorship resistance. The system employs blockchain technology to ensure safety in EduVault, with credentials generated by the service stored in the secure Microsoft Authenticator app.
The Microsoft Authenticator app serves as a DID user agent/wallet, enabling users to create and control DIDs independently of any organization or government. These DIDs are globally unique identifiers linked to Decentralized Public Key Infrastructure (DPKI) metadata, which includes public key material, authentication descriptors, and service endpoints.
The trust system used for resolving DID documents is the ION (Identity Overlay Network), a Layer 2 open, permissionless network based on the Sidetree protocol and the linear progression of Bitcoin’s time chain. The Microsoft Authenticator app creates DIDs, facilitates issuance and presentation requests for verifiable credentials, and manages the backup of the DID’s seed through an encrypted wallet file.
The Microsoft Resolver API looks up and resolves DIDs using the ION method and returns the DID Document Object (DDO), which includes the associated DPKI metadata. The Entra Verified ID Service is an issuance and verification service in Azure that provides a REST API for W3C Verifiable Credentials signed with the ION method, enabling identity owners to generate, present, and verify claims, forming the basis of trust between users of the system.
This diagram illustrates the participation of three parties in a verifiable credentials interaction. This solution automates verification of identity credentials and claims.
The issuer is an organization that attests to claims and grants digitally signed credentials to the user. E.g. Educational Institutions
The user is the individual or student who receives and approves the request for credentials obtained from the issuer and presents it to the verifier. The credential claims are cryptographically signed with the user’s private key.
The verifier is an organization or employer that requests proof and, upon receipt, verifies that the claims in the credentials satisfy requirements.
EduVault is the ultimate solution for Education Credential Verification. Our platform offers a secure and efficient way to issue, store, and verify education credentials and certifications, providing numerous benefits to all our target audiences.