OTENTIK

Join

Visible Digital Seal

What is Visible Digital Seal (VDS)?

How can you be sure the information you see – whether presented digitally or on a physical item like paper – is real and hasn’t been faked or altered? The Visible Digital Seal (VDS) provides the answer.

VDS is a powerful technology based on open, international standards, governed by the VDS International Council (VDSIC). Think of it like a high-tech, tamper-proof digital seal that guarantees the authenticity (who it came from) and integrity (that it hasn’t changed) of specific information. This secure digital data is often carried visually using a 2D barcode (like a QR code) printed on documents, but the VDS itself can exist and be verified purely electronically.

Because the digital signature typically comes from the issuing organization’s secure systems (rather than an individual), it’s often referred to as a ‘seal’ to distinguish it from a personal electronic signature.

You might encounter VDS securing:

  • Travel Documents (like visas or border crossing information)
  • Health Certificates (like vaccination records)
  • Identification Badges and Credentials
  • Official Documents (like proofs of residence, diplomas, or permits)
  • Product Authentication Labels (combating counterfeits)

Origins and Development of VDS

The first interoperable implementation of VDS, known as “2D-Doc,” emerged from a practical security need identified by France’s Ministry of the Interior—to secure proof-of-residence documents for passport issuance. The vulnerability intensified with digitization, as documents became easily modifiable by users.

In response, the French National Agency for Secure Documents (ANTS) collaborated with AriadNEXT, a specialist in digital identity verification, creating the “2D-Doc” solution. Today, widely adopted examples include EDF contract certificates.

Initially developed to enhance security, the ecosystem rapidly expanded, involving stakeholders such as French Committee for Banking Organization and Standardization (CFONB), Ministry of Economy and Finance, National Delegation for Fraud Prevention (DNLF) or Trusted industry partners (Groupe La Poste, FNTC, AriadNEXT, Lex Persona, Dhimyotis, etc.).

Today, the VDSIC coordinates governance, ensuring clear definitions of data formats, rigorous standards for certification authorities, technical server seal profiles, electronic signature formats, and stakeholder certifications. Through collective governance, the VDSIC supports ongoing global standardization, guaranteeing robust and trusted use of Visible Digital Seals worldwide.

How Does VDS Work?

VDS combines several key elements, built on open standards, to create verifiable trust:

Secure Data Package (“Seal”)

At its heart, VDS is a block of digital data containing the specific information being secured (e.g., name, date, document type, expiry).

  • It includes essential technical information that verification systems need (like references to the rules it follows and the issuer’s credentials).
  • It contains a digital signature – a unique, unforgeable cryptographic seal created by the authorized issuer using their private key. This seal mathematically proves the data hasn’t been tampered with and confirms who issued it.

Manifest File (“Rulebook”)

Not every VDS is the same. The data needed for a health certificate differs from that for product authentication.

  • For each type of VDS, there’s a corresponding Manifest file. This acts like a specific, authoritative rulebook or blueprint defined by the relevant governing body (Scheme Operator).
  • The Manifest tells verification systems exactly what information should be inside that type of VDS, the format and constraints it must follow, and any specific validation policies.
  • The VDS data itself contains a unique ID pointing to its correct Manifest rulebook.

Trusted Directory (“Trust Lists”)

How does a verifier know if the organization that issued the VDS was actually allowed to? And where are the rules (Manifest) and credentials found?

  • The VDS ecosystem uses Trust Lists (TSLs) – secure, digitally signed directories maintained by trusted organizations within the VDS hierarchy (governed ultimately by VDSIC).
  • These lists allow verifiers to trace back the issuer’s authority to a recognized source, confirming they are legitimate and authorized. They provide the secure links needed to find the correct Manifests and the issuer’s public key certificate for verification.

Secure Display Format (“RFF”)

Simply verifying the data isn’t enough; it needs to be presented clearly and securely to the user.

  • The Manifest defines a standardized way to display the verified information (the Response Formatting Function, or RFF), often as a secure web view.
  • It ensures users see the information consistently and prevents manipulation of the display. It’s designed to work securely, embedding all necessary components (styles, images) to function reliably, even offline.

Advantages of Implementing VDS

Implementing VDS brings significant advantages for security, trust, and efficiency:

  • Strong Authentication of Origin & Data: Provides verifiable proof that the information originated from the legitimate source and matches what was originally issued.
  • Tamper-Proof Integrity: Guarantees the core information has not been altered since the VDS was created.
  • Issuer Non-Repudiation: Provides cryptographic proof that the authorized issuer cannot deny having created the seal containing specific data at a specific time.
  • Verifiable Timestamps: Includes a secure date and time of issuance within the digitally signed data.
  • Global Compatibility (Interoperability): Based on international standards (ISO 22376, ISO 22385, ETSI TSLs), ensuring VDS can be reliably checked by different systems worldwide.
  • Enhanced Trust: Builds confidence for users and relying parties through a robust, transparent, and secure ecosystem.
  • Flexibility: Adaptable to a wide range of use cases across different industries.
  • Offline Verification: Often possible to verify a VDS without an active internet connection (if necessary trust information is cached).
  • Standardized & Open: Built on open, internationally recognized standards, fostering wide adoption and avoiding proprietary lock-in.

Beyond Security

More than just a security solution, VDS significantly enhances operational efficiency by bridging applications and reducing manual data-entry errors. Traditional enrollment processes, costly and prone to transcription errors, are simplified through automated data reading, verification, and integration enabled by VDS.

This leads to:

  • Increased Efficiency: Reduced complexity and faster data processing.
  • Cost Reduction: Lower operational expenses through automation.
  • Enhanced Accuracy: Minimized errors due to direct data verification.

From securing international travel and public health documents to verifying product origins and streamlining citizen services, VDS provides a standardized and trustworthy solution for the digital age, replacing ambiguity with verifiable certainty.