This article has been adapted from the full research report, Blockchain for Education: Lifelong Learning Passport published in: W. Prinz & P. Hoschka (Eds.), Proceedings of the 1st ERCIM Blockchain Workshop 2018, Reports of the European Society for Socially Embedded Technologies, 2018.
Visit also the Blockchain for Education Webpage.
Certificates play an important role in education and in professional development in companies. Individual learning records become essential for people’s professional careers. It is therefore important that these records are stored in long-term available and tamper-proof ledgers. A blockchain records transactions in a verifiable and permanent way; therefore it is very suitable for storing fingerprints of certificates or other educational items. Blockchain reveals forgery of certificates and it supports learning histories. This article presents the Blockchain for Education platform as a practical solution for issuing, validating, and sharing of certificates
Paper vs. digital certificates
In education, certificates confirm the achievement of certain learning outcomes and continue to be mostly issued on paper or other physical formats. Paper certificates with built-in security features are difficult to forge. In addition, recipients can easily store paper certificates or can show them to any person and for any purpose. However, there are some disadvantages, such as the mainly manual activity for third parties to verify the certificate, or the need for certification authorities to maintain a registry or database for certificates for a long period of time. 
An alternative to paper certificates are digital certificates that are cryptographically signed. Compared to paper certificates, exchange and use of such digital certificates is simplified. However, more effort is needed to secure the registry for certificates and an open standard for digital signatures has to be used; otherwise the global verification of digital certificates is not possible.
In particular, in the area of educational certificates, there exists the serious problem of fake degrees. Ezell and Bear report about fraudulent practices and the billion-dollar industry behind it . Hence, blockchain technology seems ideal to solve many of the problems of current paper or digital certificates and fake degrees.
Blockchain as tamper-proof solution for educational certificates
In the context of education and certification, blockchain technology supports protection against counterfeit certificates, easy verification of certificates even if the certification authority no longer exists, and automation of monitoring processes for certificates with a time-limited validity. When we look at certification processes from a blockchain perspective, we identify three main tasks. Firstly, identities of certification authorities have to be created and maintained. Secondly, these certification authorities have to issue certificates to learners. The third main task is the verification of certificates by employers, for example. These three tasks have to be supported adequately by a blockchain-based infrastructure including the sharing of certificates by learners.
The Blockchain for Education platform aims to support counterfeit protection as well as secure access and secure management of certificates according to the needs of learners, companies, educational institutions, and certification authorities.
Developing a Minimal Viable Product for Blockchain in Education
Several workshops and meetings with our application partners, educational institutions, and two personnel certification authorities were performed to elicit the requirements for our system and to derive the minimal viable product. Starting from the requirements, we conceptualized for each user group features for the minimal viable product.
Features for Certification Authorities
The import of data and examination results from legacy systems is a first important feature for certification authorities. After importing the data, certification authorities can browse the generated certificates. In addition, certification authorities need means to search for learners or to gain an overview of learners and their examination results according to learning courses. The overview enables certification authorities to print all certificates of a learning course at once. The second main feature for certification authorities is signing of certificates and storing them in the blockchain. Both actions are easily carried out simultaneously for all the learners in the previously mentioned overview.
Acknowledgement of validity and authenticity of a certain certificate is a further feature for all user groups of the minimal viable product. Furthermore, certification authorities need a means to revoke certificates. This could be necessary when plagiarism has been detected or misconduct of the certified learner was proven. Usually revocation occurs mainly for certificates with time-limited validity when the necessary actions have not been taken.
Features for Learners
At present, learners mostly receive paper certificates with built-in security features. Learners send or email copies or certified copies, sometimes digitized (scanned), to prospective employers. Hence, the importing of certificates and creation of an application portfolio is a major feature for the minimal viable product. Furthermore, learners need means to manage application portfolios as well as means for sharing them.
After sharing application portfolios, learners are supported with information about the employer’s activities on their certificates such as reading or verifying, i.e. notifications for learners are a further feature of the minimal viable product. Similarly, monitoring of certificates with a time-limited validity support learners and is an additional feature of the minimal viable product. Note that monitoring is also relevant for certification authorities but implies different actions. Certification authorities could remind learners and revoke certificates, if the conditions for renewal are not met.
Features for Employers
Currently, employers only receive copies, sometimes notarized, of the learner’s paper certificates. In the first case, employers can prove the validity of the copies only by asking the issuing organization for the authenticity and validity of the certificate. This is a time-consuming and expensive process. Therefore, reading and verifying certificates is an important feature of the minimal viable product.
The derived features for certification authorities, learners, and employers have been exploited to develop the conceptual system architecture. This process was supported by the use case canvas for blockchain described in  and the engineering framework presented in .
Conceptual System Architecture
An overview of the prototype architecture is shown in Figure 1. It comprises the blockchain, including smart contracts, a public storage system holding profile information of certification authorities, a document management system managing the actual payload of certificates tracked by the blockchain, and the parties involved in the system, namely accreditation and certification authorities, certifiers, learners, and employers. In the prototype implementation, only the document management system is a centralized system component.
Bootstrapping the Platform
Initially, two smart contracts are submitted to the blockchain by the accreditation authority (1). The first smart contract (IdentityMgmt) supports management of identities in the Blockchain for Education platform and the second one (CertMgmt) manages the lifecycle of certificates issued over the blockchain. Once the contracts are deployed (2a), it is the accreditation authority’s task to register the public keys of certification authorities as the legitimate issuer of certifiers in the IdentityMgmt contract (3a) and to submit public and non-personal profile information to the public storage (2b). It is important to note that the profile information is read-only and publicly readable, i.e. it is not subject to the access control mechanisms of the IdentityMgmt contract. It merely holds long-term profiles of certification authorities, such as their name and country, but does not include any personal information of certifiers or even learners.
Figure 1: Conceptual Architecture © Fraunhofer FIT
Registered certification authorities then add the public keys of certifiers to the registry of the IdentityMgmt contract (3b) and thereby delegate the right to issue certificates. That is, a holder of a private certifier key will typically be an employee of a certification authority who is entitled to issue certificates and signs them in the name of the certification authority.
The certifier collects all information that a certificate consists of. The dataset comprises qualification or title, name and address of the certification authority, name of the certifier, name of the learner, and the date. Then the certificate is signed by the certifier and stored on the document management system (4a) and its fingerprint is written into the blockchain (4b).
Creation and management of application portfolios
Learners are supported in the creation and management of application portfolios by a service of the document management system. Firstly, the learner has to register with the document management system. Then, a service for the flexible creation of application portfolios supports the learner (5). Completed application portfolios can be shared with potential employers who can verify the validity of these certificates.
A service of the minimal viable product supports employers, for example, in verifying single certificates or all certificates of an application portfolio (6a, 6b).
Implementation of the Blockchain for Education Prototype
We implemented a prototype of the Blockchain for Education platform based on the Ethereum blockchain. Two smart contracts written in Solidity codify access control mechanisms (IdentityMgmt) and manage certificate records (CertMgmt) stored in the blockchain. The Interplanetary Filesystem (IPFS) is used as a public distributed read-only storage for profile information of certification authorities. Finally, the BSCW document management system stores and validates certificates.
Identity Hierarchy and Rights Delegation
Identities in Blockchain for Education are managed in a hierarchy. On top is a set of accreditation authorities who are entitled to approve certification authorities. For instance, members of the European Co-operation for Accreditation could comprise the set of accreditation authorities in the Blockchain for Education platform. In Figure 2, we summarize the whole set of accreditation authorities to a single authority for the sake of simplicity and to reflect the current prototype setup. An accreditation authority is the owner of the smart contracts of an instance of the Blockchain for Education platform. It creates the initial smart contracts on the Ethereum blockchain. The IdentityMgmt contract allows accreditation authorities to create, update, and remove certification authorities.
Certification authorities reside one level below accreditation authorities in the identity hierarchy. They are identified by their Ethereum address, which is derived from a cryptographic hash of their public keys. The address of a certification authority is mapped to its profile information stored on IPFS. Certification authorities cannot issue certificates themselves. They can only entitle employees to do so by delegating the respective right to them. To do so, a certification authority calls up the respective function of the IdentityMgmt contract and enters the Ethereum address of its certifier. The smart contract ensures that only accredited certification authorities may delegate the right and automatically assigns the certifier to the delegating certification authority. Just as the right to issue certificates can be issued at any time to any certifier, it can also be revoked by the certification authority. This deauthorization could, for example, occur if a certifier leaves a certification authority or should otherwise lose the right to issue further certificates.
Figure 2: Identity hierarchy © Fraunhofer FIT
Certifiers cannot delegate their rights further and cannot manipulate the access permissions. The role of certifiers is limited to the management of certificate records on the blockchain.
Certifiers can create, revoke, and delete references to certificates stored in the Blockchain for Education platform. This is implemented in the smart contract CertMgmt.
The accreditation authority instantiates the CertMgmt contract together with the IdentityMgmt contract. The CertMgmt contract requires the address of the IdentityMgmt contract to enforce access control. Any manipulative operation on the CertMgmt contract, such as adding a certificate, requires that the caller is a registered certifier of an accredited certification authority. Everyone can retrieve certificate records given the address of the CertMgmt contract and a hash of the certificate.
The CertMgmt contract uses certificate records to store certificate information in the blockchain. Currently, this information consists of the SHA256 hash of the certificate, the starting and expiration date, and a status field (onHold) to indicate if a certificate is on hold. Dates are represented as UNIX timestamps and, for future proofing, are stored as 256-bit unsigned integers. Similarly, the onHold status field stores a UNIX timestamp if a certificate is on hold. Thus, one can check when the onHold status was set for a certificate.
IPFS as a Public Tamper-Proof Read-Only Profile Storage
On the Ethereum blockchain, entities such as accreditation authority, certification authorities, and certifiers are identified by their Ethereum addresses, i.e. a hash of their public keys. This provides anonymity and protects personal information, especially of the certifiers, as it is not easily possible to correlate an Ethereum address to a real person.
Certification authorities, however, must provide identifiable profile information to allow anybody who is verifying a certificate to verify the certification authority as well. Without this profile information, certifications would remain completely anonymous and would consequently not be suited to the purpose of building a well-reputed track record for a learner. Therefore, every certification authority must provide an IPFS address where interested parties can look up the profile.
This is not only a requirement resulting from the European General Data Protection Regulation (GDPR), which objects to any undeletable storage of personal information in a blockchain, but is also an important feature for certification authorities who do not want to reveal personal information of their employees to competing authorities. In addition, actual storage on the blockchain is comparatively expensive. Therefore, profiles of certificate authorities are stored on the IPFS.
IPFS provides tamper-proof, secure, and distributed storage. The massively distributed block storage system handles entries by their hashes stored as a Merkle tree. The specifics of IPFS are abstracted away by numerous clients for different programing languages that allow client programs to access IPFS as they would any other block storage. Whenever an accreditation authority registers a new certification authority, it will first write the certification authority’s profile information into IPFS and then submit the certification authority’s public key and the IPFS address to the IdentityMgmt’s registry. Afterwards, both the Ethereum transaction and the IPFS block with the profile information are synchronized across all nodes in the network. It is thus the accreditation authority’s responsibility to ensure that it does not register fake profiles and that it validates profile information of certificate authorities before they are added to the blockchain.
The use of IPFS in the Blockchain for Education platform provides two advantages. First, no personal data is stored on the blockchain while providing proof of authenticity resulting from the immutable IPFS addresses. This allows the use of Blockchain for Education in fulfillment of data protection laws. For example, the GDPR would in general object to any undeletable storage of personal information in a blockchain. Second, storing the profile information of certification authorities externally in an immutable way saves storage on the blockchain.
Use cases for blockchain-based certification
The Blockchain for Education platform enables tamper-proof archiving of certificates and their correct and permanent allocation to learners, as well as verification of certificates. In addition, three different scenarios are mainly supported. In the first scenario, a learner is interested in creating an application portfolio that contains selected certificates. The underlying groupware BSCW allows the creation of application portfolios. The learner adds the documents necessary for the application to the respective portfolio and shares it with a potential employer. The employer can then verify the contained certificates by using the platform’s verification service or other verification services that could cope with our extended Open Badges and that could call up the specified smart contract.
In a second scenario, a learner has successfully passed an examination for a basic course on usability engineering. Later, the learner takes an additional qualification course on interaction and information design. After successfully passing this course, the learner automatically receives the qualification of senior usability engineer. A smart contract is used to determine this new qualification. In a third scenario, a self-employed person presents master craftsman in the area of high quality fitting as a professional qualification on the Web. Potential customers can verify the validity of the qualification as well as the issuing certification authority using a verification service.
The authors would like to thank all members of the Blockchain for Education project team for their support. We also gratefully acknowledge the insights from external application partners, educational institutions and certification authorities.
1. Alexander Grech and Anthony F. Camilleri. 2017. Blockchain in Education. No. JRC108255. Joint Research Centre (Seville site).
2. Allen Ezell and John Bear. 2005. Degree mills: The billion-dollar industry that has sold over a million fake diplomas. Pyr Books.
3. Sandra Klein, Wolfgang Prinz, and Wolfgang Gräther. 2018. A Use Case Identification Framework and Use Case Canvas for identifying and exploring relevant Blockchain opportunities.
4. Thomas Osterland and Thomas Rose. 2018. Engineering Sustainable Blockchain Applications.
Please note: The opinions expressed in Industry Insights published by dotmagazine are the author’s own and do not reflect the view of the publisher, eco – Association of the Internet Industry.