not.bot Use Cases: Credentials
This document covers verifiable credentials: marks of distinction, qualifiers, self-attested claims, and age verification. It is part of the not.bot use cases catalog; the Use Cases Index holds the full catalog and the mechanism definitions the use cases draw on.
The unifying property
The user holds credentials issued by third parties via Business DIDs and presents them to verifiers on a selective basis. The credential is a signed claim about the holder, with its own validity window, scope, and revocation rules.
Today's analog is the wallet of physical IDs and certificates, the resume that nobody verifies, and the LinkedIn profile that anyone can fill with anything. Verification services exist for narrow slices; they are slow and expensive. Most claims people make about themselves go unchecked.
The not.bot credential model gives each credential cryptographic backing while keeping privacy properties (selective disclosure, no PII surrender for routine checks) that the physical and online analogs lack.
Marks of distinction
Achievements the holder accumulates and presents for credit. Most are unverifiable claims today.
Diplomas and degrees
The issuing university signs a credential to the graduate's identity. The employer verifies without contacting the registrar. The credential survives institutional changes, mergers, and shutdowns better than centralized verification databases.
The business value: Diploma fraud costs employers and institutions billions in misallocated hiring decisions, reputational damage, and downstream liability. The centralized clearinghouse model processes tens of millions of verification requests per year, each taking days. Instant cryptographic verification replaces multi-day processes with a single check, cuts verification costs to near zero, and makes diploma mills non-viable because employers can distinguish verified credentials from fabricated ones.
Professional certifications
PMP, CFA, CISSP, AWS, Cisco, Microsoft, medical board certifications, bar admission. The certifying body issues credentials with renewal cycles and revocation paths. Continuing education hours, recertification windows, and lapsed-status flags all carry through the credential lifecycle.
The business value: Certifying bodies spend significant resources running verification hotlines and web portals. Employers spend days waiting for verification responses. Lapsed certifications go undetected for months or years. Verifiable credentials with built-in expiration and revocation automate the lifecycle, reduce the certifying body's operational cost, and give employers real-time confidence that a certification is current rather than stale.
Industry and academic awards
Pulitzers, Oscars, Grammys, industry recognitions, scholarly honors. The awarding body signs a credential to the recipient's identity. The recipient presents the credential as proof rather than as a citation.
Conference attendance
Proof-of-attendance for continuing-education credit, networking validation, and ticket transfer protection. The conference organizer signs credentials to attendees.
Course completions
Coursera, Udemy, edX, internal corporate training programs. The course provider signs completion credentials. Useful for skill-based hiring where formal degrees matter less than specific competencies.
The business value: The skills-based hiring movement is shifting employer attention from degrees to demonstrated competencies. Verifiable course completions let candidates prove specific skills without depending on the platform to keep a verification portal running forever. Employers hiring for cloud engineering, data science, or cybersecurity roles can verify claimed Coursera or AWS training credentials in one check rather than taking the candidate's word for it.
Athletic achievements
Race finish times, belt rankings in martial arts, scuba certifications, climbing certifications, sailing licenses. The certifying body signs credentials with appropriate validity windows for skills that lapse without practice.
Video-game achievements
Ranked tiers, tournament results, speedrun records, rare completions, veteran status in long-running titles. The publisher signs achievement credentials to the player's identity. The player presents them anywhere: other games, streaming profiles, tournament registrations, communities that gate entry on demonstrated skill.
The business value: Gamers spend money and thousands of hours earning achievements that today live inside one publisher's account system and die with it. Verifiable achievement credentials turn those accomplishments into portable property, and players will pay for that permanence. Publishers gain a revenue line (signed achievement credentials as a premium feature), a retention hook, and an anti-smurfing signal, since a player's verified history travels with them. Esports organizers gain instant verification of qualifying results, and the credential outlives the publisher's servers.
Military service records
Branch, rank, dates of service, decorations, MOS qualifications. The Department of Defense or its modern equivalent signs credentials to veterans. Reduces the recurring fraud surface where civilians claim military service for benefits, employment, or social capital.
The business value: Stolen valor is a persistent problem that costs both legitimate veterans (whose accomplishments get diluted) and organizations that extend benefits based on service claims. Verifiable military credentials give employers, benefit programs, and veteran-service organizations instant verification of service records. The VA alone processes millions of benefit claims per year; cryptographic verification of service status streamlines the intake process.
Loyalty program status
Frequent flyer tier, hotel elite status, retail loyalty levels. The program operator signs status credentials with validity windows that match earning periods. Status matching across programs becomes a credential exchange rather than a manual verification process.
The business value: Hotel chains and airlines spend millions per year processing manual status-match requests. A verifiable loyalty credential automates the process: the customer presents their signed status from one program, and the receiving program grants the match on the spot. Customer acquisition from competitor programs becomes frictionless, and the fraud risk from fabricated status claims drops to zero.
Qualifiers
Time-bound status checks that gate access. The privacy advantage matters most here. Today's pattern is wholesale data disclosure: verifying a credit score means surrendering the full credit report. With not.bot, the verifier asks "credit score above 700?" and gets a signed boolean. The verifier learns one bit and nothing else.
Background check status
Clean or not. The CRA signs the status without disclosing the underlying records. Employers, landlords, and platforms that run background checks today gain the screening property without the data-handling burden.
The business value: Background check vendors charge $30-$100 per check and take 3-7 business days. A portable, pre-verified status credential flips the model: the candidate runs one check and presents the result to multiple employers. Employers get faster hiring. Candidates avoid repeating the same check for each application. The CRA gains a recurring credential-refresh revenue model rather than a one-shot transaction.
Credit score brackets
Above 700, above 750, above 800. The credit bureau signs the bracket without disclosing the score or report. Lenders, landlords, and high-value transaction counterparties get the signal they need.
The business value: Apartment applications require full credit reports, exposing Social Security numbers, account details, and payment histories to every landlord and property manager in the applicant's search. A signed bracket credential (e.g., "credit score above 720") satisfies the landlord's screening need while eliminating the PII exposure that makes apartment hunting a data breach risk. Property management companies reduce their regulatory burden under the Fair Credit Reporting Act while maintaining screening quality.
Income and employment verification
Above threshold, employed at named institution, length of tenure. The employer or income verification service signs. Eliminates the wholesale disclosure of pay stubs and W-2s for routine apartment applications.
The business value: Apartment applications, mortgage pre-qualifications, and loan applications all require income verification. The current process (upload pay stubs, authorize employment verification calls) exposes detailed financial information to parties who need only a threshold answer. A signed "income above $80,000" credential satisfies the requirement without the exposure. Lenders and landlords get faster verification; applicants gain privacy.
Bondability
A surety bond company signs a credential confirming the holder is bondable for a specified amount. Useful for contractors, financial services workers, and others where bondability is a hiring or licensing requirement.
Insurance coverage
Auto, professional liability, contractor general liability, malpractice. The insurer signs proof of coverage. Verifiers confirm coverage in force without requiring policy disclosure.
The business value: Contractors spend hours per week providing proof-of-insurance to general contractors, property owners, and platforms. General contractors verify subcontractor insurance by hand for each project. A signed coverage credential automates the verification loop, reduces project onboarding timelines, and eliminates the risk of accepting expired or fraudulent certificates of insurance.
Professional license status
Medical, legal, real estate, contractor, electrician, plumber, CPA. The licensing board signs the status with validity windows. Patients, clients, and customers verify before engaging.
The business value: Patients searching for a new doctor, clients hiring an attorney, and homeowners hiring a contractor have no efficient way to verify professional licenses. State licensing board websites are inconsistent, hard to navigate, and sometimes months behind. A signed license credential gives consumers instant confidence and gives licensed professionals a competitive advantage over unlicensed operators.
Driver's license validity
State DMV signs a credential confirming valid license, class, restrictions, and endorsements without disclosing the full record.
The business value: Rental car companies, fleet managers, and ride-share platforms verify driver's licenses millions of times per year. Each verification requires manual review of a physical or photographed document. A signed credential automates the check, reduces rental counter wait times, and eliminates the PII exposure of sharing a full license with each verification party.
Security clearance levels
Confidential, Secret, Top Secret, SCI compartments. The clearing authority signs the level without disclosing the underlying investigation. Defense contractors and cleared facilities verify without running their own clearance lookups.
The business value: Cleared personnel are in constant demand across the defense and intelligence sectors. Hiring a cleared candidate today requires weeks of verification through JPAS/DISS. A portable clearance credential lets cleared professionals demonstrate their status to prospective employers on the spot, compressing hiring timelines for roles where clearance is the primary bottleneck.
Self-attested credentials
The user signs claims about themselves that no third party verifies. The signature is the value. Profile information that reaches a recipient through an intermediary, a platform database, a data broker, an aggregator, may no longer say what the user said. A signed self-attested credential settles it: the end recipient validates the signature and knows the claim reads as the user wrote it, unaltered by anything in between. The information represents the user the way the user chose to present themselves. Consistency and portability follow: the user signs once and presents to many platforms.
Avatar and bio
A consistent user-controlled identity image and description that travels across platforms. Eliminates the per-platform setup friction that often causes users to abandon profile completeness.
Pronouns
User-attested pronouns that the user signs once and presents to many platforms. The platform gets a consistent declaration; the user controls the claim and updates it once rather than per platform.
Sexual orientation
Useful in dating contexts. Signed once, presented when the user chooses. Selective disclosure means a user can present orientation to dating apps without surrendering it elsewhere.
Hobbies and interests
Cross-platform interest profiles that the user controls rather than each platform inferring through tracking. Privacy advantage and signal advantage at the same time.
Relationship status
Single, partnered, married. The user controls the claim and can update it. Useful for dating contexts and for any platform where relationship context matters.
Lifestyle claims
Vegetarian, smoker, drinker, parent, pet owner. Useful in dating, roommate matching, and community contexts.
Portable profile data
Any "about me" information the user wants to maintain across platforms without re-entering. The user gets profile portability; platforms get consistent claims that the user has signed.
The business value of self-attested credentials as a category: Services that receive user data through intermediaries inherit the intermediaries' defects: stale copies and mangled broker records that no longer match the person. A signed credential gives the end recipient proof that the profile data matches what the user wrote, which makes the data worth acting on. Portability compounds the value: users join an average of 7+ social platforms, and re-entering the same profile information on each one creates friction that reduces engagement and profile quality. Portable signed credentials let users carry their profile data to a new platform in one action, which improves the new platform's onboarding completion rate and gives the user a consistent identity across their digital life. For platforms, higher profile completion drives better matching, higher engagement, and stronger network effects.
Age verification
Age verification earns its own treatment because of regulatory tailwinds and because the mechanism leverages multiple not.bot capabilities at once.
Driving forces include KOSA, COPPA 2.0, the SCREEN Act, and the GUARD Act at the US federal level, Texas HB1181 and the parallel state laws, the state-level AI age-verification acts, the UK Online Safety Act, EU age-verification mandates, and existing alcohol, tobacco, and gambling compliance regimes. The regulatory pressure is increasing in every major market.
Existing approaches and their failure modes
Document-scanning vendors capture full identity to verify age. This violates the principle of minimal disclosure and creates breach surface.
Credit cards as a weak proxy. Cards get borrowed and prove nothing about age.
Self-attestation. Users lie.
How not.bot delivers age verification
Age claims are MPC-derived from the passport during enrollment. Julia Social never learns the user's birthdate, and Praxis (the independent escrow agent that operates the Escrow Server) does not store in in a way that can be recovered. Age credentials expire monthly and refresh through the same MPC process. As the user crosses age thresholds, new credentials get issued without either party learning when the crossing occurred.
The user presents only the threshold the verifier asks for. AgeOver18 returns a signed boolean, not a date. The verifier learns one bit. No PII transfers. No breach surface accumulates.
Each age presentation is biometric-gated and bound to a passport-verified human. A verified adult cannot pass their age proof to a child the way they can with a credit card.
The full age claim set covers AgeOver13 through AgeOver25, AgeOver100, and 5-year and 10-year range brackets. Verifiers pick the threshold appropriate to their use case.
The business value: Age verification is becoming a legal requirement in multiple jurisdictions at the same time. Companies that sell age-restricted products or host age-restricted content face a compliance obligation with no good solution today. Document-scanning vendors create data-breach liability. Credit cards don't verify age. Self-attestation satisfies no regulator. not.bot gives these companies a compliance mechanism that satisfies regulatory requirements while protecting user privacy, a combination no competing product delivers. For alcohol, tobacco, and cannabis retailers operating online, age verification is a license-to-operate requirement. For social media platforms facing KOSA and UK Online Safety Act obligations, it determines whether they can serve younger audiences at all. The company that offers compliant, private age verification captures a market that regulation is forcing into existence.