# Verifying a DIVOC Certificate The verification component of the DIVOC certificate service checks for two things: 1. An issued certificate is valid (that is, the document is currently ‘live’ and is not a revoked document). 2. The document is authentic (that is, the document has not been tampered with). ## **For verifying authorities** ### **Offline verification:** DIVOC supports offline verification of the QR code-based digital certificates to support verification of certificates in connectivity restricted regions and make it more user-friendly. The QR code can be verified by third-party authorised verifier applications to enable domestic and cross-border verification of DIVOC-issued certificates. Use the following steps to verify a DIVOC certificate: 1. Scan to detect the QR code. 2. The verification component uses the QR code reader libraries to read the contents of the QR code embedded in the certificate. 3. Once the QR code is detected by the camera, it reads the binary data encoded in the QR code. (the binary data will be in zipped format). 4. The decompressed Json in the QR code is authenticated using a signing method mentioned in the proof section of the QR code content 5. After unzipping it, you will get a certificate.json file (certificate.json will have the signed, json-ld formatted VaccineCertificate). 6. Json-ld signature will be verified against the public key that is issued by the issuing authority. 7. On successful verification, the revoked API is called to check if a certificate has been revoked or not. 8. Once the signature and revocation are verified, the success screen is shown with beneficiary and vaccine details. 9. Since it is offline verification, the verifier will need to download the CRL within the verifier application. The verification service will also go through the CRL and check for the certificate's revoked status. 10. Please note: In addition to supporting verification by third-party verifiers, DIVOC also provides a verification portal. The portal works on a web browser as well as on a mobile phone browser, and it can be also used by verifying authorities to verify DIVOC-certificates in an “offline” capacity. ### **Online verification:** * DIVOC provides a public portal that allows verifiers (including self-verification by beneficiaries) to verify certificates. * Certificates can be scanned and verified on the following URL: [**https://demo-divoc.egov.org.in/**](https://demo-divoc.egov.org.in/) and clicking on “Verify.” ![](/files/YOcbcAYkYGjEreuyV9Qp) Next, * Scan the QR code. * On successful verification, certificate details will be shown on the screen. * On unsuccessful verification (unauthenticated/fraudulent certificates), the message will be shown as “Certificate Invalid.” ![](/files/y44GBbiWa7aZlpjt6r8d) [![Creative Commons License](https://i.creativecommons.org/l/by/4.0/80x15.png)](http://creativecommons.org/licenses/by/4.0/)*All content on this page by* [*eGov Foundation*](https://egov.org.in/) *is licensed under a* [*Creative Commons Attribution 4.0 International License*](http://creativecommons.org/licenses/by/4.0/)*.* --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://divoc.digit.org/platform/divocs-verifiable-certificate-features-2.0/verifying-a-divoc-certificate.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.