The Question of Credential Custody & Portability

July 29, 2022

The Question of Credential Custody & Portability

Can blockchain change how credentials are issued and tracked by Associations and other certifying organizations?

For decades, Associations and related credentialing organizations have built successful business models on the premise that achieving and maintaining a certification and its associated credential has value. In its most general form, this relies on a single organization creating the certification, administering maintenance of the certification, and maintaining the certification history of those that are credentialled. Further, it places the organization as the single validating entity when the credential must be proven to be valid.

For individuals, the credential is often a gateway to practice their profession, achieve higher levels of compensation, or as a differentiator from others in the same field. An important point to highlight is that none of these factors matter if the provenance of the credential can’t be traced. Tied to the provenance is the brand of the issuing entity. And that brand is what imparts market value to the credential itself. 

For example, a credential from Microsoft potentially carries much more market value than one issued by “Dizzy’s House of IT Credentials.” Poor Dizzy!

Why Try Something New? 

A natural first stop on considering blockchain for credential management is to review how mature technology is being used today. Each credentialing organization typically will utilize a relational database to hold customer information and any associated data used to track the assignment of credentials to those customers. In most cases these databases might be encrypted, frequently backed up, and may even be clustered to achieve redundancy. No doubt relational database technology is extremely mature at this stage. From the business perspective, there may be no evident need to change technologies.

But what if we look at the ancillary technologies required to make the certification and credentialing programs really work? If we open that viewport a bit, we see a collection of data exchange technologies in use such as APIs, FTPs, and others. These technologies are required so that all the partners involved in the credentialing ecosystem can deliver value to the credential holders. Further, in many cases data is being replicated across various systems. And each replication introduces a potential risk of data error, data corruption, or outright data manipulation.

Finally, from the credential holder’s perspective, there can be significant manual work to keep up with reporting continuing education credits, and presenting proof of certification to schools, employers, and others. Now we see that the consideration of looking for better solutions is far beyond just database technology.

In this article, it is impossible to cover every potential application and benefit of blockchain in credentialing. However, an exploration of a few use-case examples along with an open-eyed look at issues that are likely to arise during a blockchain implementation should give us a footing for considering next steps. 

What Does Blockchain Solve?

Let’s address this common question that is often posed when any current blockchain conversation begins. It’s a valid question to ask and it deserves some inspection because as technology leaders, part of our role is to consider emerging technologies with a bit of hope and a bit of skepticism. From a practical perspective, I think there may be a few dimensions to consider. 

From the customer’s perspective, we can imagine how a credential issued as an NFT via a smart contract owned by the issuing organization might make it easier for the holder to prove their credential. Using technology already available today such as the Metamask browser extension, a person might visit a site that polls the linked wallet and recognizes the wallet holds the NFT credential. This might reduce the friction involved with a variety of transactions that might require presenting the credential as a requirement of the transaction. In today’s approach, this might require the issuing party to be involved, likely introducing complexity and delay in the validation process. 

Extending the example, imagine the site offers continuing education credits for watching a video, reading some content and maybe passing a short quiz. If passing the quiz could trigger an event on a smart contract, the person’s wallet might be issued another NFT representing earned credits. 

Taken as an aggregate, we have empowered the customer to hold custody of the NFT representation of the credential, prove its provenance and validity, and further use that identity to automatically receive awarded NFTs representing continuing education credits the customer might need to maintain their credential. This is all executed on-chain using already existing programmatic structures instead of custom APIs as might be done today.

Related: Web3 Terms Every Association Professional Should Know
Learn More >

What Are We Not Solving?

Blockchain as a technology has often been touted as more secure than alternative technologies such as centralized databases. As usual, the details matter in understanding how blockchain might be more secure. Because the technology relies on cryptography to process transactions, because of its potential to use a decentralized architecture, and because of its consensus mechanisms the transactions recorded on the chain are arguable more secure and certainly harder to modify or counterfeit.

What is often left out of that picture is that for blockchains to do interesting things, it takes networks and code. That’s the implementation layer. We still need programmers to create smart contracts, browser extensions, apps, and websites. And we still need networks and computing power to run all that code. And from this perspective, code and networks are still as vulnerable as ever. 

In fact, new types of attacks have emerged. But let’s also be realistic, if zero risk was our goal, we’d unplug every computer tomorrow. The calculation must be balanced between what is gained and lost in every new technology implementation. And with time, these networks and code will also become more secure.

Does Blockchain Introduce Issues?

In these early days, significant technical issues remain to be solved. For example, over the last few years, many blockchain projects have launched aimed at creating more scalable blockchain solutions. In technical terms, these projects fall into two categories – layer one and layer two solutions. A deep dive into each of these is beyond the scope here, but the point is that we still face performance and scaling barriers. In most cases, the volume of transactions a credentialing organization is likely to generate is well within the capacity of solutions today. But this is a technical area that more mature technologies have already solved.

We are also introducing new technology structures that are foreign to most organizations and may require new skills and maybe even new business agreements. For example, should a blockchain used to track credentials be private or should it be a public one? Should the blockchain selected use proof-of-work, proof-of-stake, or proof-of-authority consensus mechanisms?

Related: How to Talk to Your Members About Blockchain
Learn More >

Should the organization issue token types beyond the credential NFTs? For example, would governance tokens be awarded to those that hold credentials so that those governance tokens could be used to steer decision-making at the organization? How might gas/purchase tokens be issued and used to pay for on-chain transaction fees?

While this might all seem complex, what I think it reveals is that there is an entirely new world of possibilities that this technology may unleash.

What Stays the Same?

Every technology ever introduced into a process or organization has brought opportunity, risk, and a requirement of governance. These three themes don’t change with blockchain. Organizations will need technical partners to help prove, pilot, and implement the technology. Customers will also need tools to make the on and off ramps to use the technology easier. This is an area of significant focus currently. Customers must also see value in the technology. It is important to keep that front of mind. If the organization isn’t delivering some new value to the customer such as faster or lower friction transactions to gain, maintain, and renew their credentials then blockchain has no place in the conversation - yet. But this is the same consideration that should be given to any technology implementation.

Closing Thoughts

We are entering a new era of computing. As a foundational technology, blockchain is just one part of a collection of additional technologies, unique implementations, and eventually entirely new business models that are likely to evolve. It is even quite possible that today’s blockchain will just be a footnote on the way to something else. Much as America Online might be seen as a stop along our way to today’s internet. The difficulties presented by the technology are likewise not new. Anyone that tried to get “on the internet” in 1995 might remember the on-ramp wasn’t exactly as easy as tapping on your browser app. But these hurdles were overcome even as new ones emerged. 

From this perspective, blockchain must be given a serious look for any organization that aims at issuing credentials, for organizations and individuals that need to validate credentials, and for professionals that wish to differentiate themselves with those credentials. Rest assured there are already several projects in the credentialing space underway. In 2020, the country of Georgia launched a program to verify education on-chain, MIT has been using blockchain to log certificates since 2015, Brazil is exploring similar approaches, and there are other examples in South Korea and Colombia to name a few. 

This technology is here, and it deserves a look as part of your overall technology strategy.

Juan has spent over 20 years working in the technology space having held hands-on roles focused on web design, web development, data architecture, and technology management. As the CIO at Inteleos, he works with teams across the organization to help craft and execute a technology strategy that focuses on outcomes over outputs using the OKR methodology. Juan has presented at several industry conferences, publish several articles in industry publications including CIO Magazine, Nonprofit Pro, and Associations Now. Additionally, he has been a guest on Delcor’s RebootIT podcast in a two- episode series focused specifically on OKRs. Most recently, Juan was part of Wharton’s first cohort to complete the Economic of Blockchain and Digital Assets course. Juan also enjoys writing about assorted topics on his Substack site Sophosapientrically Speaking.

linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram