Educational Certificates That Prove Themselves
A verifiable-credentials platform that replaces forgeable PDF certificates with tamper-proof, ledger-anchored digital credentials. Built for ministries, universities and awarding bodies where a certificate isn't just a document — it's a lifelong claim that must stay provable, everywhere.
A complete national credentialing operation — issuing registry, public verifier and holder portal — shown here running on demo data for an education deployment.
Anyone can verify a certificate in seconds — scan the QR code or enter the verification code. The portal checks the cryptographic signature, integrity hash and live status, and shows exactly what was attested, by whom, and when.
Issuance volumes, verification activity and SLA usage at a glance — with a live registry-integrity check proving the entire trust chain is intact, every time you look at it.
Every credential carries its full trust-registry history, printable QR verification, and one-click lifecycle actions — suspend, revoke or reissue with mandatory audited reasons.
Transparent SLA usage against the annual allowance, issuance trends by month, per-institution and per-template breakdowns — exportable as CSV or JSON and reconciled against the ledger.
Skios VCP separates what a credential says from how it is trusted. Personal data stays protected off-ledger, while a tamper-evident trust registry anchors every credential's authenticity and status — verifiable by anyone, forever.
Every issuance, suspension, revocation and reissue is committed to an append-only, hash-chained trust registry — designed to sync onto a permissioned Hyperledger Fabric ledger. Any retroactive edit, deletion or relink is detected. Verifiers confirm authenticity independently, without contacting the issuer.
Certificates are issued as W3C Verifiable Credentials, cryptographically signed with Ed25519 over canonicalised JSON. Aligned to eIDAS 2.0, the EUDI Wallet and the European Digital Credentials for Learning framework — so a credential issued today stays verifiable across the EU for the holder's lifetime.
Employers, universities and authorities verify any certificate in under a second — by QR code, verification code, URL or REST API — free and without registering. Every check validates the integrity hash, the issuer's signature and the live lifecycle status against the trust registry.
Credentials are living records, not static files. Suspend, reinstate, revoke with mandatory reasons, or revoke-and-reissue corrected certificates with two-way supersession links — every action anchored to the registry and visible to verifiers in real time.
Beyond the trust layer, Skios VCP is a complete operational platform — bulk issuance, holder self-service, institutional governance, integrations, reporting and defence-grade security.
Template-based single issuance, CSV batches with row-level error isolation — proven at 30,000 credentials per batch — and REST API issuance for student-information systems.
Students and teachers view, print and download their credentials, and share them via expiring, view-limited links with selective disclosure — web, mobile and EUDI Wallet ready.
Ministries, universities and colleges each operate with their own signing keys, templates and staff. Organisation suspension instantly blocks issuance network-wide.
Six-role capability matrix, TOTP two-factor authentication, account lockout, and issuer key rotation — retired keys still verify their credentials, compromised keys are hard-refused.
Scoped API keys for verify, issue, revoke and reporting, plus HMAC-signed webhooks with retry — pre-wired for student-information and HR system integration.
No PII on the trust layer. Subject export (Art. 15/20) and right-to-erasure (Art. 17) built in — personal data is erased while proof-of-issuance hashes remain valid.
Dashboards for issuance and verification volumes, per-institution and per-template breakdowns, SLA usage metering, and CSV/JSON compliance exports.
A second hash-chained log records every administrative and security action, browsable in the portal and reconcilable against the trust registry.
Credentials bind to holders through salted HMACs of the national eID number — strong subject binding with no raw identifiers stored in the credential.
Strict CSP, CSRF protection, rate limiting, encrypted keys at rest (HSM-ready), hashed session and API tokens, and defence-grade engineering standards throughout.
English and Maltese across all public and certificate surfaces, with semantic, keyboard-first, WCAG-conscious interfaces.
Cloud-native and containerised for government cloud hosting with high availability and disaster recovery — built for national-scale public infrastructure.
Define credential templates — degrees, certificates, transcripts, warrants — with schemas, validity rules and signing keys per institution.
Issue individually, in bulk from CSV, or via API from your student-information system. Every credential is signed and anchored to the trust registry.
Holders access their credentials through the self-service portal — print with QR, download the signed credential, or share selectively via expiring links.
Employers and institutions verify instantly and free — signature, integrity and live status checked against the registry, with every check audited.
Skios VCP is designed for issuers whose documents carry lifelong value — and lifelong exposure to fraud.
National-scale issuance of state examination certificates, teacher warrants and qualifications — 30,000+ credentials per year with full audit.
Degrees, diplomas and transcripts as verifiable credentials — instantly checkable by employers and admissions offices worldwide.
Course completions, skill cards and trade certifications with template-driven expiry and renewal workflows.
Licences, warrants and professional registrations with real-time suspension and revocation visible to every verifier.
High-volume certificates for short courses and CPD programmes, issued in bulk and shared by holders in one click.
Any registry issuing attestations citizens must prove elsewhere — built on the same pattern as Malta's national Fabric platforms.
See a live issuance-to-verification walkthrough with your own certificate templates, and how Skios VCP fits your identity, hosting and compliance landscape. Book a personalised demo with our team.