DIVOC
DIVOC 3.5
DIVOC 3.5
  • Introduction to DIVOC
    • What DIVOC is and what it's not
    • DIVOC Docs Index
  • Platform
    • Release Notes
      • DIVOC 2.0 Release Features
      • DIVOC 3.0 Release Features
      • DIVOC 3.1 Release Features
      • DIVOC 3.5 Release Notes
    • Specification
      • API Documentation
      • Setting up DIVOC development environment
    • DIVOC's Verifiable Certificate Features 2.0
      • Creating a DIVOC Certificate
        • Overview of DIVOC’s digital certificates
        • What information is included in the DIVOC certificate?
        • DIVOC’s certificate generation service: How does it work?
        • Compliance with internationally used COVID-19 certificate schemas
      • Distributing a DIVOC Certificate
      • Updating a DIVOC Certificate
      • Revoking a DIVOC Certificate
      • Verifying a DIVOC Certificate
      • DIVOC's Native COVID-19 Certificate Specification
      • DIVOC’s EU-DCC Adapter Service
      • DIVOC’s SHC Adapter Service
      • Adding a User Type in DIVOC
      • Printing Certificates at a Facility
      • Normal QR Code Versus Signed/Verifiable QR Code
      • What Information Goes Into a QR Code?
      • WHO Master Vaccine Checklist
      • EU Master Vaccine Checklist
    • DIVOC's Verifiable Certificate Features 3.0
      • How to Configure a New Tenant?
      • How to Access the VC System and Generate Tokens
      • How to Generate Certificates
      • How to Fetch Certificates
      • How to Update Certificates
      • How to Revoke Certificates
      • How to Suspend Certificates
    • DIVOC's Verifiable Certificate Features 3.1
      • How to Verify Certificates
    • DIVOC's Verifiable Certificate Features 3.5
      • How to Create New Schemas
      • How to Manage Schemas?
    • DIVOC Architecture
    • Installation
      • Skills needed to set up DIVOC
      • Implementation Checklist
      • Setting Up DIVOC in k8 Cluster
        • How to Install DIVOC
        • How to Install DIVOC for V3.0
        • Backup & Restore: Postgres, Clickhouse, Kafka, & Redis
        • Infrastructure Recovery
        • Server Hardening
    • Verifiable Credential (VC): Production Deployment
    • Configuration
      • Configuring the Certification and Verification Component
        • Generating Signed Key Pairs
        • Configuring certificates
          • Step 1: Create a certification generation request
          • Step 2: Configure the QR code content
          • Step 3: Configure the certificate template
        • How to set up the verification portal for implementation
        • How to configure the update certificate API
        • Configuring Environment Variables in 2.0
      • Configuration Management Via ETCD
        • Adding a New Vaccine and ICD-11 Mapping
          • Adding a New Vaccine and ICD-11 Mapping Using ETCD CLI
        • PDF Template Change for Vaccine Certificates
          • PDF Template Change for Vaccine Certificates via ETCD CLI
        • EU Vaccine Configurations
          • Adding a New Vaccine and its Mapping via ETCD CLI
        • Payload Changes in the QR Code
          • Payload Changes in the QR Code via ETCD CLI
    • Performance Report
  • Products
    • Issuing COVID-19 Vaccination Certificates in India
    • Issuing COVID-19 Test Reports in India
    • Issuing COVID-19 Vaccination Certificates in Sri Lanka
    • Issuing COVID-19 Vaccination Certificates in the Philippines
    • Issuing COVID-19 Vaccination Certificates in Jamaica
      • Troubleshooting
    • Issuing COVID-19 Vaccination Certificates in Indonesia
    • Open Events
      • Past Events
      • DIVOC in the Media
  • DIVOC Demo
    • Program Setup (Via Orchestration Module)
    • Facility App
    • Issue and Verify Certificates
    • Citizen Portal
    • Feedback
    • Analytics
  • Community
    • Roadmap
    • Partner Support
      • Terms and Conditions of Using the DIVOC Site
      • Privacy Policy: Short Version for Display
      • Privacy Policy: Detailed
      • Platform Policy Guidelines
      • Privacy Policy Recommendations
      • Troubleshooting Guide
    • Source Code
    • Discussion Forum
    • Issues
    • Project Repo
Powered by GitBook
On this page
  • For verifying authorities
  • Offline verification:
  • Online verification:
  1. Platform
  2. DIVOC's Verifiable Certificate Features 2.0

Verifying a DIVOC Certificate

The verification component of the DIVOC certificate service checks for two things:

  1. An issued certificate is valid (that is, the document is currently ‘live’ and is not a revoked document).

  2. The document is authentic (that is, the document has not been tampered with).

For verifying authorities

Offline verification:

DIVOC supports offline verification of the QR code-based digital certificates to support verification of certificates in connectivity restricted regions and make it more user-friendly.

The QR code can be verified by third-party authorised verifier applications to enable domestic and cross-border verification of DIVOC-issued certificates.

Use the following steps to verify a DIVOC certificate:

  1. Scan to detect the QR code.

  2. The verification component uses the QR code reader libraries to read the contents of the QR code embedded in the certificate.

  3. Once the QR code is detected by the camera, it reads the binary data encoded in the QR code. (the binary data will be in zipped format).

  4. The decompressed Json in the QR code is authenticated using a signing method mentioned in the proof section of the QR code content

  5. After unzipping it, you will get a certificate.json file (certificate.json will have the signed, json-ld formatted VaccineCertificate).

  6. Json-ld signature will be verified against the public key that is issued by the issuing authority.

  7. On successful verification, the revoked API is called to check if a certificate has been revoked or not.

  8. Once the signature and revocation are verified, the success screen is shown with beneficiary and vaccine details.

  9. Since it is offline verification, the verifier will need to download the CRL within the verifier application. The verification service will also go through the CRL and check for the certificate's revoked status.

  10. Please note: In addition to supporting verification by third-party verifiers, DIVOC also provides a verification portal. The portal works on a web browser as well as on a mobile phone browser, and it can be also used by verifying authorities to verify DIVOC-certificates in an “offline” capacity.

Online verification:

  • DIVOC provides a public portal that allows verifiers (including self-verification by beneficiaries) to verify certificates.

Next,

  • Scan the QR code.

  • On successful verification, certificate details will be shown on the screen.

  • On unsuccessful verification (unauthenticated/fraudulent certificates), the message will be shown as “Certificate Invalid.”

PreviousRevoking a DIVOC CertificateNextDIVOC's Native COVID-19 Certificate Specification

Last updated 2 years ago

Certificates can be scanned and verified on the following URL: and clicking on “Verify.”

All content on this page by is licensed under a .

https://demo-divoc.egov.org.in/
eGov Foundation
Creative Commons Attribution 4.0 International License
Creative Commons License