Trust you can verify, not just claim
Skippy is built so a credential proves its own integrity. Here is how we keep issuance and verification trustworthy — and how we handle your data.
How credentials stay trustworthy
Cryptographically tamper-evident
Every credential is cryptographically signed. Any change after issuance is instantly detectable on verification — there is no "trust us", the maths proves it.
Revocation & expiry
Issuers can suspend, revoke, or expire a credential at any time. Verifiers check status at the moment of verification, so a withdrawn credential fails cleanly.
Privacy-preserving verification
Verification confirms a credential is genuine without Skippy holding the holder’s personal data. The holder controls what they share, and with whom.
Built on open standards
Open standards mean no lock-in: credentials you issue with Skippy can be verified by anyone, with any conformant tooling.
W3C Verifiable Credentials
Implements the W3C Verifiable Credentials data model — portable, interoperable credentials.
OpenID4VC
Implements OpenID for Verifiable Credentials, so credentials work with any conformant wallet.
Decentralised Identifiers (DIDs)
Uses DIDs for issuer identity, so verification does not depend on a single central directory.
Platform security practices
Encryption in transit & at rest
Traffic is served over TLS; data is encrypted at rest. Signing keys are protected and never exposed to clients.
Least-privilege access
Internal access to systems and data follows least-privilege principles, with credentials scoped to what each role needs.
Audit logging
Issuance, verification, and revocation events are logged automatically, giving you a defensible record for compliance and review.
Data residency
Data is processed in secure data centres in the US and EU. See our Privacy Policy for how international transfers are safeguarded.
We're early-stage and building toward formal certifications. If your team needs specific assurances or documentation for a pilot, ask us — we'll be straight with you about where we are.
Responsible disclosure
Found a security issue? Please email contact@skippy.id with the details. We'll acknowledge your report and keep you updated as we investigate.