Digital Credentials on the Blockchain – The Benefits for the Global Learner and Beyond
As a pre-millennium student and or professional, you probably remember how proudly you received
your educational achievements (degrees and the occasional certificate) and carefully put these away
in a file to avoid creases (perhaps some of you showcased your degree on the wall). However, for
most of us from that period, we most likely didn’t pick up those files again except occasionally to
photocopy or scan our educational track records for a new employer.
Fast forward to today – if you are a lifelong learner, that bulky file gathering dust is now most likely a
digital file. However, the storage, shareability and verifiability of your learning achievements remains
a cumbersome process. Especially in a world where we are increasingly global citizens. Enter
blockchain – a way of storing immutable, digital credentials on a system – a one click away from
sharing and authenticating your educational portfolio.
Since 2013, the TU Delft Extension School of Continuing Education has been dedicated to educating
the world and enhancing the quality of online education. Today we have over 3 million learners from
across the globe. Having a verifiable credential is an important part of completing a course. We
entered into a pilot to put certificates on the blockchain and explore the benefit this would bring to
an international learner – to be precise, we wanted to know how a learner who takes a course
offered by the TU Delft Extension School but who lives and works in Singapore could benefit from
Piloting a test case with Singapore
We did this pilot together with Accredify, a driver of the adoption of digital credentials in Singapore.
Accredify was introduced to us through the Blockchain program between the Netherlands and
Singapore (facilitated by Partners for International Business Blockchain Solutions). This was the first
time Accredify partnered with an institute in Europe. Accredify uses Blockchain Ethereum
technology to issue and verify tamper-proof, digital academic certificates1. As a public university that
is based in Europe, we were keen to explore what benefit it would bring the professional learner
with minimal effort from their side, provided that all General Data Protection Regulations (GDPR)
were being taken into account (Europe having one of the strictest Data Protection laws in the world).
As with any pilot or joint project, we started by signing an agreement between the respective
institutes (TU Delft and Accredify) but also with the learner. As this pilot involves learner personal
data, we had to fulfil all the obligations we have in this regard about how we would process the data
and how we would ensure the learner was aware of this. We identified a willing volunteer, a
Singaporean-based professional learner, who had successfully completed a TU Delft Professional
Blockchain technology to safeguard learner’s data
Accredify creates a unique fingerprint, or hash, for the certificate, which is generated based on the
certificate’s content. This hash is then published to the blockchain. The certificate is then issued and
distributed to learners as an OpenCert file, a format that is easily shareable and verifiable. With this
OpenCert file, the learner can instantly verify their certificate by dragging and dropping the file to an
online verifiable portal, and can decide whom they want to share their certificate with, for example
their employer or via LinkedIn.
Fingerprints and identifiers – how does it all work?
Behind the scenes of the verification process, Accredify creates a new fingerprint for the uploaded
certificate based on its content. The new fingerprint is compared with the original fingerprint
published to the blockchain. If the new fingerprint and original fingerprint match, the certificate is
verified to be a true certificate. Accredify’s system will then return a Yes / No answer as to whether
the learner’s certificate a) has not been tampered with; b) has been issued; c) was issued by an
authorised institution; and, d) is still valid at the time of verification. If the fingerprints do not match,
the certificate will fail verification. This could mean that the certificate was modified or has not been
One of the most fundamental principles of the GDPR indicates that processing of personal data must
ensure confidentiality; this means that any data made public that identifies the learner is a breach of
GDPR. Information on an educational certificate would include the full name, date of birth and in
some cases, country of birth, of the learner – all of which are personal data. Another principle
indicates that all individuals have a ‘right to be forgotten’ – this means that an individual can request
that their personal data be removed (erased) from the institute’s records. Is the application of
blockchain for credentials GDPR compliant?
Hashed data is considered as personal data on the blockchain if it can be related to a specific person.
To respond to this, the solution is to create an “intermediate” identifier. The hashes appended on
the blockchain will cease to be deemed as personal data as from the deletion of this “intermediate”
Once on the blockchain always on the blockchain?
The question of the right to be forgotten is a bit more challenging. Once on the blockchain, always
on the blockchain. From our internal systems we can ‘revoke’ the certificate. From the learner’s side,
they can choose to no longer share their certificate with anyone; however, the hashed data related
to the certificate can never be removed from the blockchain. The action of revocation means that
the certificate, if it ever goes through the verification process, will no longer be verifiable. However,
when we delete the “intermediate” identifier of the learner at their request, the hashes appended
on the blockchain will cease to be personal data. This thus provides the learner with the ‘right to be
forgotten’ as we cease to have control over the learner’s personal data. As an institute within
Europe, it is crucial to let the learner know how their data will be processed before putting their
certificate on the blockchain.
Encouraging results for future adoption
To conclude, the lessons learnt from this pilot are very encouraging. Learners and employers can
enjoy ease of shareabilty and verifiability. However, as with any (relatively) new technology, a
cultural change is required. Many universities and organisation still have their own ‘legal’ obligations
and/or outdated processes for receiving and storing certificates. With on-going initiatives in the field
of digital credentials on the blockchain and the boom in lifelong learning opportunities, we hope
that the increase in learners and institutes using this technology will be the required catalyst for
change for wider societal acceptance of these forms of digitally verifiable certificates.
TU Delft is a member of the Digital Credential Consortium – a university led initiative where 12
universities are developing infrastructure for issuing, sharing and verifying digital credentials of
academic achievement. Learn more at digitalcredentials.mit.edu
Founded in 2019, Accredify is pioneering the adoption of verifiable data by providing organisations
with an end-to-end solution to create and issue verifiable documents. Serving clients in the education
and healthcare sector and with a presence in more than five markets globally, documents issued by
Accredify have been verified close to 5 million times. With a dedicated team that embraces the
highest standards of customer service, security, and privacy, Accredify’s objective is to be the trusted
solution for managing and verifying documents anywhere and anytime. Learn more at
Partners for International Business (PIB) Blockchain Solutions. In this programme Dutch companies,
knowledge institutes and government are working together to connect the Dutch and Singapore’s
blockchain ecosystems and explore and develop blockchain solutions. Learn more at
- 8 Benefits of Verifiable Digital Certificates for Educational Institutions