When a government program issues a verifiable digital credential, the work does not end at delivery. A verifiable digital credential is created, used, updated, and eventually retired, and each of those stages involves different systems, different agencies, and different responsibilities. Getting clear on who owns what, at each point in that arc, is one of the more practical things a program can do to protect residents and build durable public trust.
The Lifecycle Stages
Enrollment and identity proofing: Before a credential is issued, the applicant's identity needs to be verified to the level of assurance the program requires. This stage belongs to the issuer, or to a proofing service acting on their behalf. The quality of this step shapes everything downstream: a credential is only as reliable as the proofing that preceded it. "What Is Identity Proofing and Why Does It Matter for Government Services?" covers what different proofing levels involve and what they are designed to establish.
Issuance: Once identity has been established, the issuer signs the credential and delivers it to the holder's wallet. This stage involves key management, format selection, schema compliance, and secure delivery. The issuer is responsible for the accuracy of the credential's contents and for maintaining the signing keys used to issue it. Getting the details right at this stage (such as data accuracy, expiry dates, and required attributes) matters, since corrections typically require going back to the holder for reissuance.
Active use: The holder stores the credential and presents it to verifiers as needed. The wallet provides secure storage and enforces any presentation constraints the issuer has specified. The verifier is responsible for confirming that the credential is valid (checking the signature, expiry date, and revocation status) before relying on it. This is the stage residents experience most directly, and the one where design choices around selective disclosure and presentation governance shape what data actually moves. "How Do Verifiable Digital Credentials Work? A Non-Technical Explanation" walks through what verification involves at this stage.
Revocation and status management: When a credential needs to be invalidated before its natural expiry (because circumstances changed, an issuance error was identified, or a security event occurred), the issuer is responsible for updating the credential's status and ensuring verifiers can access current status information promptly. How revocation is implemented affects both how quickly a revoked credential stops being accepted and whether the revocation mechanism itself creates privacy risks. Choosing a revocation approach that preserves resident privacy is as much a program decision as a technical one. "Digital Identity Beyond Credentials: What Governments Actually Need" addresses how these operational choices shape whether a program serves residents well in practice.
Expiry and renewal: Every credential has an expiry date, a point after which it is no longer considered valid. When a verifiable digital credential expires, the holder goes through some form of re-verification or renewal to receive a new one. The issuer is responsible for communicating expiry timelines clearly, designing a renewal process that does not require full re-enrollment where that is not warranted, and ensuring that the transition from an expired credential to a new one does not create service gaps for residents.
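The verifier checks from the active use and revocation stages, as an added example that is not SpruceID's code: the verifier downloads one status list covering many credentials and looks up a single bit locally, so the issuer does not learn which credential was checked, and it refuses to rely on a list older than a chosen age. The bitstring-style list, the field names, and the 24-hour freshness limit are assumptions, and signature verification is assumed to have already succeeded.

```python
import base64
import gzip
from datetime import datetime, timedelta, timezone

def encode_status_list(size_bits, revoked):
    """Issuer side: one bit per credential, gzip-compressed and base64url-encoded."""
    bits = bytearray(size_bits // 8)
    for i in revoked:
        bits[i // 8] |= 0x80 >> (i % 8)  # index 0 is the leftmost bit
    return base64.urlsafe_b64encode(gzip.compress(bytes(bits))).decode()

def is_revoked(encoded, index):
    """Verifier side: look up one bit locally in the downloaded list."""
    bits = gzip.decompress(base64.urlsafe_b64decode(encoded))
    return bool(bits[index // 8] & (0x80 >> (index % 8)))

def check_credential(cred, status, now, max_status_age=timedelta(hours=24)):
    """Return (accepted, reason). Assumes the signature was already verified."""
    if now >= cred["valid_until"]:
        return False, "expired"
    if now - status["fetched_at"] > max_status_age:
        return False, "status list stale, refetch before relying on it"
    if is_revoked(status["encoded"], cred["status_index"]):
        return False, "revoked"
    return True, "ok"

# Constructed sample data (hypothetical field names and values).
NOW = datetime(2025, 6, 1, 12, 0, tzinfo=timezone.utc)
STATUS = {"encoded": encode_status_list(131072, revoked={42}),
          "fetched_at": NOW - timedelta(hours=1)}
GOOD = {"status_index": 7, "valid_until": NOW + timedelta(days=30)}
REVOKED = {"status_index": 42, "valid_until": NOW + timedelta(days=30)}

if __name__ == "__main__":
    for name, cred in (("good", GOOD), ("revoked", REVOKED)):
        print(name, check_credential(cred, STATUS, NOW))
```

The freshness limit is the program decision the revocation stage describes: it bounds how long a revoked credential can keep being accepted by a verifier working from a cached list.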
The Handoffs Between Stages
Each stage is manageable on its own. The complexity tends to surface at the boundaries.
A proofing stage that does not clearly pass enrollment data to the issuance system can introduce credential errors downstream. A revocation system without a clearly designated maintainer may drift out of date. A renewal process that requires residents to restart full enrollment (where a lighter re-verification would suffice) can create friction that erodes trust in the program over time.
Thinking through these handoffs early, rather than treating them as implementation details to resolve later, tends to make the overall program more straightforward to operate and easier to improve.
Governance Across Agencies
For programs that span multiple agencies, such as a federal proofing authority, a state issuing agency, or a network of local service verifiers, clarity about who owns each stage protects both residents and program managers when questions arise.
When a resident presents a credential that is not accepted and needs to understand why, the program's ability to help them depends on whether the right contacts and processes are in place for each stage. Documenting lifecycle responsibilities across agencies is how programs stay accountable to the people they serve.
SpruceID works with agencies at every stage of the credential lifecycle, from proofing and issuance through revocation and renewal. If you are designing or reviewing a credential program and want to think through lifecycle responsibilities, get in touch.