PrivySeal was started to prevent certificate and qualification fraud. We do this using data securely accessed from the Certificate Issuer’s IT platform or database in real-time.
PrivySeal’s digital certificates and seals cannot be misrepresented, are revoked and re-issued automatically by reference to the Institution’s e.g. employment data. As such they are always up to date, cannot be lost and are easily shared by the Certificate Holder (“Credentials”).
PrivySeal Digital Accreditation assists consumers and other stakeholders to more easily spot the difference between genuine and fraudulent Official with an embedded digital seal / badge.
PrivySeal creates real-time digital seals / badges and linked certificates that only display if the Certificate Issuer’s data reflects they remain valid.
See an example of the South African Qualification Authority’s Certificate of Evaluation at:
Every PrivySeal issued Credential may be easily shared online.
These digital Credentials evidence the employment and other status of the person in real-time for the purpose of reducing fraud, increasing trust and the like.
PrivySeal is of the view that the continued use of static PDF and printed certificates, as the primary means of evidencing qualifications, undermines the benefits of 4IR and facilitates ongoing fraud and difficulty for Certificate Issuers.
Specifically, paper and PDF certificates suffer from many deficiencies, including being:
- easily altered / misrepresented;
- easily lost;
- are not reflective of the current status (reflecting a historical status);
- cannot be changed dynamically by the Certificate Issuer;
- not easily shared (requiring copying, certification and delivery);
- not easily displayed;
- costly to create, print and deliver;
- not conclusively tied to the data subject (rightful certificate holder).
Paper vs Digital
Paper certificates will continue to have a place, if only as decorative items, displayed on walls. Paper certificates are inherently problematic, as detailed above.
In our view, paper Certificates are not fit for purpose in a digital context. Real-time digital credentials by contrast can be made far more secure and far can better assist Certificate Holders to showcase and conclusively prove their role, function etc. in real-time.
PrivySeal enables its clients to reduce cost, delay and risk while increasing efficiency and value to their ultimate stakeholders, the Public.
Security and data privacy considerations
PrivySeal secure all data using best IT practices. For example, PrivySeal encrypts all such data both in transit and at rest.
PrivySeal has partnered with one of the world’s foremost data hosting and security companies, Amazon Web Services. Data may therefore be securely stored at their Cape Town data centre.
PrivySeal score A+ in their SSL Lab Report. All PrivySeal generated Certificates are only ever decrypted in the web browser etc. using SSL.
PrivySeal make use of CloudFlare to mitigate Distributed Denial of Service attacks and other threats.
Certificates Issuers may choose to further safeguard access to the digital Certificate using their own password protected portal. Officials and any other Certificate Holders would then need to log-in in order to gain access to their digital Certificate.
PrivySeal’s Application Programming Interface (API) allows for:
immediate issue, revocation and re-issue of Credentials with zero delay;
limited data disclosure, as far less data is required to issue the required Credentials, in line with increased data privacy considerations.
The fees are simple and billed monthly in arrears based on the maximum number of Credentials issued in that month.
Dynamic Credentials – where the Certificates need to be issued, revoked and re-issued
We charge R1.25 excl VAT per Credential per month. The Credential consists of both the digital Seal and linked Certificate.
Static Credentials – where the Certificate is never revoked or changed
In some cases the Certificate never changes. Those static Certificates are issued in perpetuity for a once off fee of R15 excl VAT.
For Certificate volumes of less than 500,000, PrivySeal charges a monthly fee of R1.25 excl VAT per Certificate issued (“Digital Accreditation Fee”).
Self Sovereign Identity – moving towards issuing Verifiable Credentials
PrivySeal makes use of the Self Sovereign Identity (SSI) Data Model and is therefore able to migrate its clients from issuing paper based Credentials to digital Credentials, as described above, and ultimately to Verifiable Credentials, as the demand for this form of verification grows. Our platform is therefore “future proof” and well able to meet the current and future requirements of our clients.
In the SSI data model the Credential is issued to the Holder by the Issuer through an Identity Ledger, provided by a third party such as PrivySeal. Given that the Credential is requested by the Holder and signed by the Issuer and then issued on the Identity Ledger, the process enables the Credential to be verified as authentically issued by the Issuer to the correct Holder.
PrivySeal is well placed to advise clients on how to best secure and issue their Credentials using the SSI data model. Of particular interest to many Government Departments, SOE, SOC and Regulators is the ability to provide their Certificate Holders (whether they be registrants, citizens, permit holders, ratepayers, patients, scholars, students, graduates etc) with a Verifiable Credentials Wallet in which all the Holder’s Verifiable Credentials may be stored and which
allows the Holder to share aspects or all of their personal information securely, without the need to disclose sensitive personal information.
The SACPCMP had migrated from paper and PDF registration and other certificates to PrivySeal’s real-time digital Credentials and seen a reduction in fraud and growth of 102% in revenue and growth of 19% in registered persons as a direct result. The SACPCMP have published the results at http://sacpcmp.org.za/wp-content/uploads/2019/02/PrivySeal-Final.pdf.