Education providers should look to provide Verifiable Credentials for their students, now

It's been over five years since I and my good friend Andrew Tobin took the idea of "verifiable credentials" to the Australian Higher education market (and a number of banks and telcos too...)

Much has happened since then. Much has changed since then.

One thing is true though, Verifiable Credentials have come of age and now is the time to start using them in education.

TLDR

Education providers can improve their engagement with their students, increase the value of their educational products to their students, secure their infrastructure, and protect their brand, by using digital wallet and verifiable credential technologies.

The technology for issuing, holding and verifying digital verifiable credentials is based on open-source and open-standards based technology and has been rapidly maturing over the last few years, and is available and operationally ready now.

A range of solution approaches exists, from additions to existing enterprise software environments (such as Entra from Microsoft), to dedicated platform developments by specialist companies (such as MATTR, Trinsic, IdRamp, RANDA Solutions, Gen™, esatus AG and others), to build your own options using open-source libraries. Blockchain or not (you choose), a choice of vendors and common standards mean that education providers can minimise the risk of vendor lock-in for themselves and their students.

This is a "now" opportunity for all providers and the first movers have already moved.

Background

Back in 2017, I took my new-found (and then exceedingly rare) enthusiasm for Verifiable Credentials (VCs), by which I mean credential data structures that conform to the World Wide Web's Verifiable Credential Data Model, on the road in Australia and spoke with people from 8 Universities. The Universities were: Deakin, Macquarie, Melbourne, Monash, RMIT, Western Sydney, and UTS, all seen in one week. The meetings were a mixture of one-on-ones and group workshops, the reactions were universal interest, but there was no immediate take-up. Not surprising really, in 2017 the standard itself was only a public draft, it wouldn't reach full recommendation status until two years later, and at the time the open-source software solutions were limited to specific instances developed under the Linux Hyperledger Foundation. In addition, everyone was fascinated with blockchain technology solutions and initial token offerings and to some extent the discussions about the two technologies got tangled up (and still are sometimes).

This article tracks what's happened since then, and provides an argument as to why I think all education providers, and particularly those providing adult education, should look to verifiable digital credentials, digital wallets, and secure, private communication with their students and alumni as a critical element of their future strategy.

[My focus on education education is not to say that K-12 educators can't also use this approach, they very much can and to great positive effect (student passport anyone?), but this age group also requires consideration of parent/guardian relationships and other factors. You can read about how I think this can work here.]

Complimentary Developments in Education and Technology

Education

For a number of reasons, not least a response to a market need for flexibility and choice, the delivered unit of student education has been getting smaller. While major and minor subjects have long been part of the academic progress record for a student, now these courses may be delivered in even smaller incremental units - providing "micro-credentials" that enable "snacking" from the providers menu, and "stacking" to create educational programs of the students preference.

I first wrote about this phenomena some 5 years ago, my particular concern then was the challenge that ever smaller credentials in every larger numbers presented in terms of assessing an application student's "Credit for Prior Learning", whether a collection of credentials adds up to a major credential, and whether or not an employer can find what they need amongst the candidates credential collection. More recently I've been looking at how we might use advances in Verifiable Credentials and Trust Ecosystems to make possible "Verifiable Mutual Recognition" - something that can automate recognition of prior learning and recognised professional accreditation as far as that is possible.

Facing many different credentials from many different sources as part of an assessment of prior learning or candidate employee suitability is an increasing challenge. As a starting point, we need a way of verifying the candidate's claims, we need a way of proving that the candidate was issued specific credential(s) by specific institution(s) with specific results, and that they haven't modified any of these credentials.

Whilst badge systems and platforms have existed for some time, these don't solve the interoperability problem, in fact it could be argued that their siloed architectures make things worse, tying institutions and their alumni to proprietary stacks and insisting that every transaction traverses their platform.

Here we have help from emerging technology developments, particularly in the areas of verifiable credentials, wallets, trust registries and governance frameworks.

Technology

Since my first enthusiastic encounter with the world of verifiable credentials and decentralised identifiers, drafts have become standards and pilot implementations have become operational systems.

As an example, this year (2023) the New South Wales State Government will release a number of Verifiable Credentials through its DIVC program. Accessible to all holders of the Service NSW App, the plan is to release all government issued credentials as verifiable credentials as government agencies are enabled. When I last heard, there were some 60 credential types in the pipeline.

To make this sort of system work at scale (NSW has a population of some 8 million people) requires a number of elements including:

• Credential management (issuing, updating, verifying, revoking etc.)
• Wallets (for receiving and holding credentials, and presenting verifiable proofs of combined credentials, elements of credentials or just zero knowledge proofs that you have a credential)
• Verifying Technology/Apps (to enable organisations and people to verify the credentials of others)
• Governance Frameworks (describing how the operating elements are governed and hence providing confidence that they can be trusted)
• Publicly accessible registries of trusted information (such as names of issuing organisations and the credentials they issue, names of verifying organisations and the credentials they need, a list of all the credentials recognised within the governance framework, other trusted governance frameworks etc.)

The technologies and approach to make this possible have become practical over the last two or three years.

So how might this work for Education Providers?

The combination of these two trends, of the changing demands of education and the emerging technologies of verifiable credentials, creates a powerful opportunity for education providers.

The sake of brevity, I'll simplify the student lifecycle down to three phases:

1. onboarding - when the candidate student applies to enrol and needs to provide proof(s) of any pre-requisite academic achievement;
2. learning - when the student is taking educational programs and adding to their academic achievements;
3. applying - when the student is using their academic achievements to apply for jobs or to apply for new academic placements.

Let's look at each in turn.

Onboarding

Here we appear to run into a bit of a "network" problem, or perhaps a chicken and egg problem. When know that when everyone is using verifiable credentials for everything, we will get a network effect. But what happens when we only have few institutions? What happens when we only have one, the first mover? Well, since we can't rely on everyone having verifiable credentials, we have to maintain our existing enrolment service/interface, and in fact we have to maintain this for some time (since we need to allow for non-digital proofs for some time to come). If and when applicants do have verifiable credentials to offer, then great, we can and will make good use of them.

The observation to make here is that step 1 will get better over time, and there are benefits to be realised now even for a single institution issuing and consuming its own credentials. We'll look at those in the next two steps.

Learning

Once they have enrolled, students can use the wallet/app provided by the institution (or perhaps one of their own), and we can issue them with verifiable credentials, such as proof of their student status (and any special privileges or constraints associated with it) and their academic progress achievements. They can use their digital wallet to present verifiable proof(s) of their status and achievements at any time, to any person or organisation without the education provider having to "authenticate" their credentials.

Depending on wallet capabilities, the institution can also established a secure (as in uniquely encrypted and signed) message channel with the student through the wallet. Questions, responses and commitments can be exchanged privately and in a manner that allows non-repudiation by either party if required.

We can use their credentials to provide "password less" access to systems , buildings and resources. We can base access rights on proof of rights and capabilities rather than identification (see here for an argument as to why this is a more secure approach).

As they continue to participate in the educational program, we can use their proof(s) of prior achievement to ensure that they have the right credentials to take each subsequent course. We can now get an "onboarding" benefit for continuing or returning students.

Applying

Here the student makes use of the credential(s) they have been awarded by the institution to apply for jobs, enrol for further studies, or even prove their student status (for tax, travel, or other contexts where student status matters).

This is where lifelong benefits can be realised. The student can prove things about their education that matter to others and that determine their career path. Prospective employees can verify the CV of the student based on the credential(s) issued by their institution(s), the risk of fake credentials and false claims is reduced. The institutions can trust that their credentials cannot be faked or misrepresented, protecting their brand from damage.

The use of verifiable credentials demands that other organisations can verify digital credentials. Issuing organisations like the NSW Government are looking at providing simple tools to empower organisations and people to do their own verification. The economic arguments of efficiency and risk reduction are strong motivators for organisations to use secure digital verification techniques. While we have something of a network effect here again, we are at least starting with a few good eggs.

You say "how might it work", does it?

Yes, it works.

While Sezoo is not a software development company, we feel we should know how technology works if we're to provide advisory and consulting services in it. We've built a number of demonstrators and proofs of how this can, and does, work using a number of technology stacks.

Our most recent proof of concept was with the University of Canterbury (UC) where we developed a solution using Microsoft's #Entra product that explored UCs Lifelong Personal Learner Profile (LP2) concept. The proof of concept showed how someone might get a verifiable credential from a (future) NZ #RealMe government identity provider, use this to enrol at UC, take and pass several courses, and then apply for a job and selectively prove their academic achievement.

We know it works, and have built prototypes and PoCs. Our general advice is that customers should now look to take advantage of the significant investment(s) already made by companies who have already built working scalable infrastructure in VCs.

What next?

I've argued that all educational providers should be thinking about and/or doing something with verifiable credentials, now. What you do next is, of course, your decision and depends on how mature your strategy and execution are in this space. This is a multifaceted space: educational, technology, economic and human opportunities, impacts and challenges need to be considered.

We typically use a design thinking lifecycle to consider the various stages from understanding the problem/opportunity, through ideating solutions, prototyping, and building and running operational solutions. Let's simplify this into three phases:

1. Awareness. If you are deciding whether this is important for your institution, we can help you explore through awareness and ideation sessions and example business case modelling.
2. Exploration. If you have decided that you need to do this, and are working out how, we can work with you to identify the best technology path for you, to test/prove your thinking (and business case), and to select the product(s) and delivery teams that best fit your vision.
3. Execution. If you have a working verifiable credential system and want to work out how best to realise and further extend the benefits, then we can help you explore how this might be achieved.

And if you do have a working verifiable credentials system, then we'd be delighted to learn about how you've approached the problems and opportunities - we're always keen to learn and share experiences.