Rethinking Learner and Earner Credential Verification

When a learner earns a credential, whether it's a workforce certificate, micro-credential, or degree, they deserve to share it with the same trust, control, and clarity that we expect in any other critical verification process.

As Learning and Employment Records (LERs) gain traction across education, training, and workforce systems, we're facing a pivotal challenge: Why aren't these credentials built on the same principles of transparency, consent, and interoperability as other verified information in our digital lives? If LERs continue to rely on fragmented standards, formats, and verification practices, learners are left navigating a maze while employers and institutions struggle to interpret records consistently and securely.

To build trust in the LER ecosystem, we need credentialing infrastructure that meets users where they are: portable, verifiable, and understandable across contexts.

The Existing Model: Simple but Limited

In many implementations, the credential is uploaded to a central service after issuance. The learner shares a static URL or QR code, and anyone with access can view the full contents and verification status, no wallet or special tools are needed on the verifier's side. This ease of access is a clear benefit.

However, the model is generally more centralized than might be desired, which comes with some challenges. First is control of and access to data. The verification experience relies on the availability and integrity of a third-party service (or, commonly, services tied to the issuer) that holds the credential data. If the user is removed from that system, they lose the badge information stored in that system. This makes the holder dependent on the issuer to maintain the service and credential info for them. Next is reliability - if the badge-holding system goes offline or is compromised, the verification capabilities are also lost. Lastly, there is the question of privacy. If the verifier must visit a central service, particularly one managed by the issuer, then the issuer knows who is verifying what information about every badge. That is a powerful set of tracking data.

When the entire credential is shared and made broadly available for verification at a public or semi-public address, there's no opportunity for selective disclosure, either to choose not to share certain information or to give consent per verification request. Even when this type of badge sharing is revocable, these links generally are “all or nothing” and lead to overexposure. 

We want to evolve these solutions as we move towards a more privacy-preserving, user-controlled world of digital data sharing. 

A New Approach: Privacy-Preserving, Standards-Based Verification

At SpruceID, we’ve taken a new approach to building Learning and Employment Record (LER) credentials, one that gives learners more control and privacy. We use the Open Badges 3.0 standard, which defines a common way to describe learning achievements so they can be recognized across different platforms. Open Badges 3.0 specifies the Verifiable Credentials Data Model (VCDM) 2.0 for structuring these credentials, enabling cryptographic security, portability, and tamper resistance. This approach gives learners more control over how their credentials are shared and verified while aligning with emerging ecosystem standards.

For issuing and presenting credentials, we use OID4VC (OpenID for Verifiable Credentials) and OID4VP (OpenID for Verifiable Presentations), which allow credentials to be securely shared in real-time, with the holder’s consent rather than stored on a central server. To support selective disclosure, we package the credential using SD-JWT VC, a format that lets the holder reveal only specific pieces of information rather than the entire credential.

Altogether, this approach lets learners store credentials in their secure digital wallet and decide exactly what they share, when, and with whom, providing stronger privacy, less reliance on intermediaries, and better alignment with data protection laws.

In this model:

• Credentials live with the holder, not on a hosted server
• Verification is interactive, happening in real time between the holder and verifier
• Only necessary information is shared, thanks to selective disclosure and user consent flows
• Standards like GDPR and FERPA are easier to support by design

This approach preserves portability: learners can use their credentials across platforms and systems, even if the original issuer or platform disappears. It's also designed for longevity, supporting lifelong learning records that the holder truly owns and controls.

Why This Matters

We believe credential holders deserve the same control over their achievements that they are learning to expect from their identity data. That means user consent, data minimization, and resilience against vendor lock-in.

For issuers, this means credentials that are portable and can be used across systems and platforms.

For verifiers, it means a more secure, tamper-resistant way to confirm qualifications, with standards-based integrations that can plug into existing HR or admissions workflows.

For learners, this means credentials they truly own, not just access to a link but full control over how their accomplishments are shared and seen.

A Familiar Yet More Secure UX

Although this model introduces more real-time interactions, the user experience remains intuitive. For example, when an employer wants a job applicant to verify their appropriate credential, they can embed a QR code for the learner to scan with their credential wallet. This allows the learner to review the request, simply scan the QR code, and tap “approve” when prompted. As more systems begin to use open standards, any compliant wallet or verifier would be able to participate in building out or adopting these solutions. Broad compatibility is critical for long-term ecosystem success.

Verifiers will likely need to adapt their existing processes to a small extent. Instead of reviewing a credential on a webpage, a recruiter or admissions officer might need to share an OID4VP QR code and save the results from that request instead. Although this is a shift, it offers more security and reduces fraud, and simple integrations with verifier products will evolve over time.

Supporting Optionality

We also recognize that one size doesn't fit all. Some credentials are meant to be widely shared and carry less sensitive data. For some use cases, public links will always make sense. These scenarios can still support individuals by adding short-lived presentation tokens or creating one-time verification experiences that can be shared with a key or code. 

Our goal is to offer institutions and holders flexibility to choose between high-trust, high-control models and simpler, open-sharing options depending on what’s appropriate for their business needs.

Building LER Credentials for the Future

As digital credentials become a foundational layer of how we recognize learning and achievement, it's time to evolve the way we verify them. Static links and centralized systems have their place, and have been a baseline and necessary first step, but there are exciting improvements to these expectations that we are beginning to see around privacy, control, and interoperability. 

At SpruceID, we believe that by embracing open standards, centering learner privacy and consent in these processes, and empowering users with modern, secure digital credential wallets, we can create a verification experience that is simultaneously intuitive, resilient, and trustworthy.

About SpruceID: SpruceID is building a future where users control their identity and data across all digital interactions.