What is Visible Digital Seal (VDS)?
How can you be sure the information you see – whether presented digitally or on a physical item like paper – is real and hasn’t been faked or altered? The Visible Digital Seal (VDS) provides the answer.
VDS is a powerful technology based on open, international standards, governed by VDSIC. Think of it like a high-tech, tamper-proof digital seal that guarantees the authenticity (who it came from) and integrity (that it hasn’t changed) of specific information. This secure digital data is often carried visually using a 2D barcode (like a QR code) printed on documents, but the VDS itself can exist and be verified purely electronically.
Because the digital signature typically comes from the issuing organization’s secure systems (rather than an individual), it’s often referred to as a ‘seal’ to distinguish it from a personal electronic signature.
You might encounter VDS securing:
- Travel Documents (like visas or border crossing information)
- Health Certificates (like vaccination records)
- Identification Badges and Credentials
- Official Documents (like proofs of residence, diplomas, or permits)
- Product Authentication Labels (combating counterfeits)
Origins and Development of VDS
The first interoperable implementation of VDS, known as “2D-Doc,” emerged from a practical security need identified by France’s Ministry of the Interior—to secure proof-of-residence documents for passport issuance. The vulnerability intensified with digitization, as documents became easily modifiable by users.
In response, the French National Agency for Secure Documents (ANTS became “France Titres”) creating the “2D-Doc” solution. Today, widely adopted examples include EDF contract certificates.
Initially developed to enhance security, the network rapidly expanded, involving stakeholders such as French Committee for Banking Organization and Standardization (CFONB), Ministry of Interior, ANTS, Ministry of Economy and Finance or Trusted industry partners (Groupe La Poste, FnTC, Goodflag, Certigna, Conseil National de l’Ordre des Experts Comptables, Chambre Nationale des Commissaires de Justice, Conseil National des Greffiers des Tribunaux de Commerce, IN Groupe, Agence Nationale de Certification Electronique – Tunisie -, …).
How Does VDS Work?
The VDS combines several key elements, built on open standards, to create verifiable trust:
Secure Data Package (“Seal”)
At its heart, VDS is a block of digital data containing the specific information being secured (e.g., name, date, document type…).
It includes essential technical information that verification systems need (like references to the rules it follows and the issuer’s credentials).
It contains a digital signature – a unique, unforgeable cryptographic seal created by the authorized issuer using their private key. This seal mathematically proves the data hasn’t been tampered with and confirms who issued it.
Manifest File (“Rulebook”)
Not every VDS use case is the same. The data needed for a health certificate differs from that for product authentication.
For each type of VDS, there’s a corresponding Manifest file. This acts like a specific, authoritative rulebook or blueprint defined by the relevant governing body (Scheme Operator).
The Manifest tells verification systems exactly what information should be inside that type of VDS, the format and constraints it must follow, and any specific validation policies.
The VDS data itself contains a unique ID pointing to its correct Manifest rulebook.
Trusted Directory (“Trust Lists”)
How does a verifier know if the organization that issued the VDS was actually allowed to? And where are the rules (Manifest) and credentials found?
The VDS environment uses Trust Lists (TSLs) – secure, digitally signed directories maintained by trusted organizations within the VDS hierarchy (governed ultimately by VDSIC).
These lists allow verifiers to trace back the issuer’s authority to a recognized source, confirming they are legitimate and authorized. They provide the secure links needed to find the correct Manifests and the issuer’s public key certificate for verification.
Advantages of Implementing VDS
Strong Authentication of Origin & Data: Provides verifiable proof that the information originated from the legitimate source and matches what was originally issued.
Tamper-Proof Integrity: Guarantees the core information has not been altered since the VDS was created.
Issuer Non-Repudiation: Provides cryptographic proof that the authorized issuer cannot deny having created the seal containing specific data at a specific time.
Verifiable Timestamps: Includes a secure date and time of issuance within the digitally signed data.
Global Compatibility (Interoperability): Based on international standards (ISO 22385, ISO 22376, ETSI TSLs), ensuring VDS can be reliably checked by different systems worldwide.
Enhanced Trust: Builds confidence for users and relying parties through a robust, transparent, and secure environment.
Flexibility: Adaptable to a wide range of use cases across different industries.
Offline Verification: Often possible to verify a VDS without an active internet connection (if necessary trust information is cached).
Standardized & Open: Built on open, internationally recognized standards, fostering wide adoption and avoiding proprietary lock-in.
Beyond Security
More than just a security solution, the VDS significantly enhances operational efficiency by bridging applications and reducing manual data-entry errors. Traditional enrollment processes, costly and prone to transcription errors, are simplified through automated data reading, verification, and integration enabled by VDS. This leads to:
Increased Efficiency: Reduced complexity and faster data processing.
Cost Reduction: Lower operational expenses through automation.
Enhanced Accuracy: Minimized errors due to direct data verification.
From securing international travel and public health documents to verifying product origins and streamlining citizen services, VDS provides a standardized and trustworthy solution for the digital age, replacing ambiguity with verifiable certainty.
