Education is a key aspect in personal and societal development, and plays an ever increasing role in our society and economy. In many cases, the end of an education program is marked by the issue of a certificate, which recognises (“certifies”) the educational path undertaken and the skills/competences acquired. Education certificates are, therefore, very important; yet, the way we manage them is broken.
Based on a true story
Let me start with a personal experience. Some time ago I needed to get a copy of my PhD certificate for a small consulting contract (the original had gone lost, or so I thought, in one of the many relocations I did over the last decade). After some search, I ended up discovering that the options to get a copy were*:
- go physically to my Alma Mater offices in Padova
- use a certified email (which I didn’t have at the time)
- send a fax (a fax in 2021? Really?!)
- send a letter request via the official Poste Italiane registered mail service (nope, express courier does not work in this case…). Of course, including a double-sided copy of a valid ID card and even a revenue stamp.
*If you don’t trust me, have a look here at the official UniPD page describing the whole process.
Let’s take a step back: why does it work like this?
Why so much bureaucracy? Why should it be so complex to get a copy of a certificate which is mine – because I earned it?! Now, to understand why it is so, there is some context that needs to be accounted for.
First, in some cases certificates have a legal value, and may be a prerequisite for entering a given profession or a higher-level formal education curriculum. You typically cannot enrol in a PhD program unless you completed a master, and you cannot become a lawyer unless you have a degree in law. Forgery is a real issue, and that is why many issuers want to keep tight control on copies.
However, certificates are not limited to formal education. There are indeed plenty of training programs, which also issue certificates. In some cases, they may be mandated by law (e.g. workplace security and safety, first aid, etc.).
The digital revolution (or maybe not)
Traditionally, certificates were handed out in paper form to individuals who completed a study degree. I know this may sound remote to Millennials, but I swear you: students used to receive a piece of paper, nicely carved, included with stamps and handwritten signatures, which more or less looked like this:
(yes, at the end I found it, hidden in a paper box in my parents’ garage).
At some point, obviously, digital technologies kicked in. Many organizations moved to digital and then it seemed easier and cheaper to handle the whole certificates lifecycle. No more paper archives, easier to make copies. Seems like a perfect solution! But. There is always a “but”.
First, in many cases, certificate issuers end up trapped in solution vendor lock-in: as no common open standard for certificates was available, each solution vendor went for their own, proprietary and closed, models and formats. And this made the switch from one solution provider to another a cumbersome and very costly process. Result? No interoperability and a lot of fragmentation.
Second, besides the burden related to bureaucracy and cost of red tape, recipients are not in control of the educational certificates they receive; all is still well kept in the hands (better: folders) of the issuers.
Third, there is another important angle to consider: that of employers who want to check the credentials of applicants. How to do that? Which tools are currently available? Sad truth is that, at the moment, the only chance is to contact the issuer and ask for verification. And surprisingly (or maybe not that surprisingly), you discover that in many cases there is no actual standard procedure for doing that. What mostly happens is that the issuer refuses employers’ requests, claiming that it may break their internal regulations in terms of management of personal data.
Technology help us!
So, is there anything that can be done to tackle these problems? Can we use digital technologies to build a certificate management system that actually works? While no silver bullet is available, there are two technologies that can help in building an actual solution that works.
The first component we need is an open standard for representing certificates. If there is no common way to represent the certificate, you cannot have interoperability, and it is going to be hard to build automations on top thereof. Luckily, there is one such standard that is emerging: OpenBadges. Initially launched and supported by the Mozilla Foundation, now part of the IMS Global Learning Consortium. The model is widely used to certify that a given skill (called an ‘achievement’ in the OpenBadges lingo) has been acquired through a learning process. While not designed specifically for (formal) education certificates, it is gaining traction as a de facto standard also for such application.
The second component we need is a data infrastructure and a set of supporting tools, which:
- allows individuals to have full control over the badges they receive, including the ability to disclose part of the information contained therein
- provides prospective employers with an easy and automated way to verify the veracity of a certificate provided by an applicant
- offers guarantees in terms of integrity of the certificate issued, i.e., that it has not been tampered with/forged since it was written by a legitimate issuer.
And here is where a family of new technologies, called Distributed Ledger Technologies (DLTs in short) kick in. While DLT may sound an obscure, geek-only acronym, there is one specific technology in the DLTs family you almost certainly heard about: blockchain. Blockchain, the technology powering bitcoins and most cryptocurrencies, is indeed a ‘special case’ of DLT.
DLT: what is it and why might be handy here
DLTs are a form of a decentralised database, i.e. a system composed of different servers (called nodes) which stores data, and keeps consistent, synchronized copies in different locations. DLTs store data in a ledger, that is an append-only registry. Encryption techniques are used to ensure that it is very hard to change anything that was written on the ledger in the past: this is what we refer to as tamper resistance. To make the system even more secure and robust, nodes run an algorithm (formally known as ‘consensus protocol’) that ensures that misbehaving or malicious nodes cannot compromise the integrity of data stored on other nodes.
Now, how can this technology be useful? Well, by storing a digital copy of the certificate (represented as OpenBadge) in a DLT, the recipient would be in full control of their certificate. Nobody could tamper with them, neither the issuer nor the user, nor random hackers out there. Employers could in an easy, fully automated way check the veracity of the certificates received. And issuers could cut costs related to issuing certificates and maintaining them in their own system.
So, if we had this system in place, how would my story with the copy of the PhD certificate look like? Well, I would have shared with the agency wanting to hire me a signature of my digital certificate. They would have been able to automatically check the veracity of my certificates. And all this without a fax!
Want to know more about what we are doing at U-Hopper to make credential systems robust, secure and user-centric? Write us at firstname.lastname@example.org
Did you enjoy this article?
Enter your e-mail address to receive our newsletter!
PS: don’t worry, we hate spam just as much as you do. We’ll send you just a couple of emails a year with a collection of the most interesting articles, it’s a promise!