Digital identity systems are complex. Organizations need to accommodate diverse requirements for credential verification and validation. Through our experience working with these systems, making it easy for organizations to integrate digital IDs into their business, we understood a more granular approach was needed to meet these challenges. The Vidos platform separates these two critical functions out into the Verifier and the Validator. This approach gives users a great deal of control and flexibility.
This article explains the distinct roles of the Vidos Verifier and Validator, their benefits, and why separating these tools is the right choice for precision and scalability.
Verification and validation are often conflated in discussions about digital credentials, but they serve different purposes.
Verification is a technical process. It assesses whether a credential is authentic, intact, and meets the defined standards of its issuer. This step involves cryptographic checks to confirm the credential’s integrity and validity without taking into account its attributes.
Validation evaluates a credential’s content in line with specific policies or requirements of the accepting party. It determines if a credential fulfils organizational or regulatory standards for a particular use case. This step involves context-specific checks, such as confirming the status of a qualification, a person’s age, or geographic restrictions of a license.
Separating the verifier and validator functions reduces complexity and allows for more granular management. This ensures that verification processes aligns with standards while validation policies remain adaptable to local or business-specific needs.
The Vidos Verifier focuses on cryptographically verifying the authenticity and integrity of digital credentials. It ensures that credentials comply with issuer-defined standards and meet technical requirements. Supported credential types include W3C Verifiable Credentials, OpenID, and Microsoft Entra Verified IDs.
It supports various credential formats, including JWT, JSON-LD and mDoc credentials. By accommodating multiple cryptographic suites and algorithms, the Verifier simplifies the handling of diverse credential types while maintaining compliance with technical standards.
The Verifier also includes advanced revocation checking capabilities. It supports mechanisms like Status List 2021, ensuring that users always work with current and valid credentials. This proactive support for emerging revocation standards reflects the Verifier’s forward thinking design.
The Vidos Validator processes verified credentials and evaluates the attributes according to application-specific rules and requirements. It determines if credential or its attributes meet the needs of the organization or its stakeholders, going beyond the technical checks of the Verifier.
The Validator’s flexible policy based configuration allows organizations to define criteria tailored to their industry, region, or specific use cases and business processes. These rules can include checking license statuses, geographic constraints, or other business requirements.
The Validator’s modular design allows organizations to apply distinct validation rules to verified credentials. It can handle credentials from multiple sources, applying business specific checks without duplicating verification efforts.
Separating these services creates clear distinctions between the policies governing technical verification and those governing organizational validation. This distinction minimizes errors and ensures compliance with international and regulatory standards.
Organizations benefit from having stable verification processes that adhere to defined specifications while maintaining flexibility in their validation policies. For example, a multinational company could deploy a single Verifier instance while using multiple Validator instances to manage region-specific policies. This setup reduces duplication and improves operational efficiency.
Separating these tools also aligns with the distinct priorities of different stakeholders. Verification is primarily concerned with adhering to technical standards and cryptographic integrity. While validation is driven by the specific needs of businesses, risk management teams, and compliance officers. These stakeholders require flexibility to adapt validation criteria to industry-specific policies and operational requirements. By keeping verification and validation separate, organizations can maintain technical consistency while allowing for customization where it matters most.
Consider a government-issued digital identity used for accessing various government services. The Verifier confirms the authenticity of the credential using cryptographic checks, ensuring it has not been altered and is issued by a trusted authority. Meanwhile, the Validator applies service-specific rules to determine if the credential holder meets the requirements for accessing a particular service like tax filings or opening a bank account. If requirements change, the Validator’s rules can be updated without affecting the underlying verification process.
Similarly, a financial institution could use the Verifier to authenticate customer credentials and the Validator to apply internal compliance checks. By separating these functions, the institution can maintain robust verification processes while tailoring validation policies to meet evolving regulatory demands.
The Vidos Verifier and Validator provide organizations with a powerful combination of precision and flexibility. Vidos reduces complexity, enhances adaptability, and ensures compliance with both technical standards and business requirements.
This approach empowers organizations to manage digital credentials effectively, no matter how complex their needs. If you’re ready to optimize your digital identity workflows, explore how the Vidos Verifier and Validator can help.