Slack

Example 1: Registration - offline authentication, identification

This process allows beneficiaries to present verifiable credentials issued by trusted authorities (e.g., identification system, civil registry, social registry, or health authority) to enroll in a social protection system (SP-System).

Process Flow

This process allows beneficiaries to use Verifiable Credentials (VCs) to enroll in a social protection system.

Process Flow: Registration to SP-system

Section
Description

Actors and Entities

SP system, beneficiary, digital wallet/digitally signed QR code

Assumptions

  • Issuers are onboarded and authorized to issue cryptographically signed verifiable credentials.

  • Beneficiaries have access to a digital device (e.g., smartphone) or printed secure QR code on paper/card.

  • The SP-System supports verification of VCs.

Prerequisites

  • Issuing authorities have issued verifiable credentials to eligible individuals.

  • Beneficiary has installed and activated a digital wallet or have stored the required VCs on digital device or has them in some paper/card.

  • The SP-System is integrated with the trust framework and verification infrastructure (e.g., DID resolver, revocation registry).

  • Consent and data-sharing policies are in place, aligned with data protection laws.

Process Inputs

SP system collects verifiable credentials presented by the beneficiary

Process Flow Steps

Step 1: The beneficiary opts to register in the SP-System using verifiable credentials.

Step 2: The beneficiary presents the VC to the service provider. if wallet is used, the wallet presents selected VCs data attributes consented to by the beneficiary to the SP-System via secure protocols.

Step 3: SP-System displays what data is being used and collects explicit beneficiary consent.

Step 4: The SP-System validates the digital signature, confirms issuer trust status and the provider does manual/digital verification of beneficiary face with that presented on VC.

Step 5: SP-System processes the verified identity claims to determine program eligibility and benefit type.

Step 7: SP-System confirms enrollment and optionally issues a enrollment verifiable credential to the beneficiary.

Outputs

Register beneficiary in the SP-System. Optionally: Issuance of a Social Protection Credential

Control Points

  • Credential Validation: Ensure credentials are from trusted issuers and not revoked.

  • Data Privacy & Consent: Beneficiary consent must be logged and linked to specific data use.

  • Issuer Trust Registry: The system must reference an up-to-date list of authorized issuers.

  • Revocation Check: Real-time revocation status must be confirmed at the point of verification.

Exception Handling

Refer to Exception Handling for alternate flows.

Diagram 1 - Enrollment in SP-System program

Last updated

Was this helpful?