Figure 12: Roles and Relationships of Verifiable Credentials




























            Issuer                                             Verifiable data registry
            A role an entity might perform by asserting claims   A  role  a system  might  perform  by  mediating  the
            about one or more subjects, creating a verifiable   creation and verification of identifiers, keys, and
            credential from these claims, and transmitting the   other relevant data, such as verifiable credential
            verifiable credential to a holder. In the context of   schemas and revocation registries, which might be
            digital finance, this would be a government entity   required to use verifiable credentials. In the context
            or any such entity having this mandate, in terms of   of e-KYC for digital financial services, this would be
            issuing an identity credential based on the national   a network of nodes supporting a public decentral-
            identity of the holder. These verifiable credentials are   ized identity (DID) registry. This registry provides the
            held by citizen-controlled and -permissioned digital   foundation of trust in the digital credentials used to
            wallets.                                           verify identity.

            Verifier                                           Verifiable Credentials
            A role an entity might perform by receiving one or   From the W3C Verifiable Credentials Data Model
            more verifiable presentations for processing. Other   specification:
            specifications might refer to this concept as a relying   A verifiable credential can represent all the same
            party. In digital finance, the Verifier will be the party   information that a physical credential represents. The
            who will perform the e-KYC verification (e.g., the DFS   addition of technologies such as digital signatures
            provider).                                         makes verifiable credentials more tamper-evident
                                                               and therefore more trustworthy than their physical
            Holder                                             counterparts.
            A role an entity can perform by possessing one or    A Verifiable Credential request can be made by
            more verifiable credentials. A holder is usually, but   sending a specific message from the Holder to the
            not always, the subject of the verifiable credentials   Issuer (using off-chain communication mechanism).
            they are holding. Holders store their credentials in   The identity information is embedded in the verifi-
            credential repositories. Any Holder with an identity   able credential delivered through a secure off-chain
            credential issued by the government will be able to   channel by the Issuer to the Holder. This information
            securely authenticate their official identity with digi-  is never sent through, nor stored on the distributed
            tal financial services providers to support e-KYC for   ledger. There is a proofing mechanism (e.g., a signa-
            new account opening and ongoing customer due       ture) embedded within the verifiable credential.
            diligence (CDD).






                                                                          e-KYC use cases in digital financial services  29