Trust architecture Platform How it works neuralai.mt Contact us
Verifiable credentials · powered by Neural AI

Certificates that verify themselves

Neural VCP replaces forgeable PDF certificates with tamper-proof, ledger-anchored digital credentials. Built for ministries, universities and awarding bodies who need every certificate to stay provable — for life, wherever it travels.

W3C Verifiable Credentials · eIDAS 2.0 · EUDI Wallet · EDC for Learning
Bachelor of Science (Honours), ICT
University of Malta
Cryptographically verified — issuer identity confirmed
HolderElena Vassallo
IssuedNov 2025
Expires
ClassificationFirst Class Honours
Proofdid:web:um.edu.mt
Hash0x7c1e…94af
1,260/s
Bulk issuance throughput
30,000 credentials in 23.7s
54ms
Verification latency, p95
against a <500ms target
30k+
Annual issuance volume
national-scale capacity
0
Personal data on-ledger
GDPR-safe by design
See it in action

One platform, four vantage points

01 — PUBLIC VERIFICATION PORTAL

Verification anyone can run, in seconds

Scan the QR code or type in the verification code — no account required. The portal checks the cryptographic signature, the integrity hash and the live status, then shows exactly what was attested, by whom, and when.

Neural VCP public verification portal showing a Secondary Education Certificate confirmed as valid, with full trust-registry details
02 — REGISTRY OPERATIONS DASHBOARD

Issuance and verification, at a glance

Track issuance volumes, verification activity and SLA usage in one view — alongside a live registry-integrity check that proves the entire trust chain is intact every time someone looks at it.

Neural VCP staff dashboard showing issuance totals, a registry integrity chain check, an issuance chart and live verification activity
03 — CREDENTIAL LIFECYCLE MANAGEMENT

Every credential, fully accountable

Each certificate carries its complete trust-registry history, a printable QR verification page, certificate PDF and SD-JWT exports — plus one-click lifecycle actions that always require an audited reason.

Neural VCP credential detail view for a Secondary Education Certificate, with trust-registry history, QR code and export actions
04 — REPORTING & SLA METERING

Compliance reporting that reconciles itself

See SLA usage against the annual allowance, issuance trends by month and per-institution breakdowns — then export a one-click compliance report that's reconciled against the ledger.

Neural VCP reports view showing SLA usage metering, an issuance-by-month chart and compliance report export options
Trust architecture

Four layers behind every unforgeable certificate

Neural VCP keeps what a credential says separate from how it's trusted. Personal data never touches the ledger — instead, a tamper-evident trust registry anchors every credential's authenticity and status, checkable by anyone, indefinitely.

01 · Ledger-anchored trust registry

A record nobody can quietly edit

Every issuance, suspension, revocation and reissue is written to an append-only, hash-chained trust registry, designed to sync onto a permissioned Hyperledger Fabric ledger. Any retroactive edit, deletion or relink is immediately detectable — verifiers confirm authenticity on their own, without ever contacting the issuer.

  • Append-only, hash-chained anchor for every lifecycle event
  • Chain verification proves the registry has never been altered
  • Blockchain-sync-ready, built for permissioned Hyperledger Fabric
  • No personal data at the trust layer — salted hashes, IDs and status only
02 · Standards-native credentials

Verifiable across the EU, for life

Certificates are issued as W3C Verifiable Credentials, signed with Ed25519 over canonicalised JSON, and aligned to eIDAS 2.0, the EUDI Wallet and the European Digital Credentials for Learning framework — so a credential issued today stays verifiable across Europe for the holder's lifetime.

  • W3C Verifiable Credentials with Ed25519 signatures (eddsa-jcs-2022)
  • Aligned to eIDAS 2.0, the EUDI Wallet and EDC for Learning
  • Dual output: human-readable certificate PDF plus machine-readable VC
  • Published issuer trust list for independent key verification
03 · Instant public verification

Trust, confirmed in under a second

Employers, universities and authorities can verify any certificate — by QR code, verification code, URL or REST API — free of charge and without registering. Every check validates the integrity hash, the issuer's signature and the live lifecycle status against the trust registry.

  • QR code, short code, URL and API verification paths
  • Checks signature, integrity hash, status and validity window
  • Sub-second responses — p95 of 54ms under concurrent load
  • Every verification logged for analytics and audit
04 · Full lifecycle control

Living records, not static files

Suspend, reinstate or revoke a credential with a mandatory reason, or revoke-and-reissue a corrected certificate with a two-way supersession link — every action anchored to the registry and visible to verifiers in real time.

  • Suspend, reinstate or revoke — always with an audited reason
  • Revoke-and-reissue with linked supersession history
  • Template-driven validity windows and expiry
  • Hash-chained audit log of every administrative action
Platform capabilities

Everything a national-scale credentialing operation needs

Beyond the trust layer, Neural VCP is a complete operational platform — bulk issuance, holder self-service, institutional governance, integrations, reporting and defence-grade security.

Bulk & API issuance

Template-based single issuance, CSV batches with row-level error isolation — proven at 30,000 credentials per batch — and REST API issuance from student-information systems.

Holder self-service portal

Students and staff view, print and download their credentials, and share them via expiring, view-limited links with selective disclosure — web, mobile and EUDI Wallet ready.

Multi-institution issuing

Ministries, universities and colleges each operate with their own signing keys, templates and staff. Suspending an organisation blocks issuance across the network instantly.

RBAC, MFA & key management

A six-role capability matrix, TOTP two-factor authentication, account lockout and issuer key rotation — retired keys still verify past credentials, compromised keys are hard-refused.

REST API & webhooks

Scoped API keys for verify, issue, revoke and reporting, plus HMAC-signed webhooks with retry — pre-wired for student-information and HR system integrations.

GDPR by design

No personal data at the trust layer. Subject export (Art. 15/20) and right-to-erasure (Art. 17) are built in — data is erased while proof-of-issuance hashes remain valid.

Reporting & SLA analytics

Dashboards for issuance and verification volumes, per-institution and per-template breakdowns, SLA usage metering, and CSV/JSON compliance exports.

Tamper-evident audit

A second hash-chained log records every administrative and security action, browsable in the portal and reconcilable against the trust registry.

Pseudonymous identity binding

Credentials bind to holders through salted HMACs of the national eID number — strong subject binding with no raw identifiers stored in the credential itself.

Hardened security posture

Strict CSP, CSRF protection, rate limiting, encrypted keys at rest (HSM-ready), hashed session and API tokens, and defence-grade engineering throughout.

Multilingual & accessible

English and Maltese across every public and certificate surface, with semantic, keyboard-first, WCAG-conscious interfaces.

Sovereign deployment

Cloud-native and containerised for government cloud hosting, with high availability and disaster recovery built for national-scale public infrastructure.

How it works

From results day to a lifetime of proof

Template

Define credential templates — degrees, certificates, transcripts, warrants — with schemas, validity rules and signing keys per institution.

Issue

Issue one at a time, in bulk from a CSV, or via API straight from your student-information system. Every credential is signed and anchored to the trust registry.

Hold & share

Holders access their credentials through the self-service portal — print with a QR code, download the signed credential, or share selectively via an expiring link.

Verify

Employers and institutions verify instantly and for free — signature, integrity and live status checked against the registry, with every check logged.

Built for

Issuers whose certificates can't afford doubt

Neural VCP is built for issuers whose documents carry lifelong value — and lifelong exposure to fraud.

Ministries of Education

National-scale issuance of state examination certificates, teacher warrants and qualifications — 30,000+ credentials a year, fully audited.

Universities & higher education

Degrees, diplomas and transcripts issued as verifiable credentials, instantly checkable by employers and admissions offices worldwide.

Vocational & further education

Course completions, skill cards and trade certifications, with template-driven expiry and renewal workflows.

Professional & awarding bodies

Licences, warrants and professional registrations, with real-time suspension and revocation visible to every verifier.

Training providers

High-volume certificates for short courses and CPD programmes, issued in bulk and shared by holders in one click.

Government registries

Any registry issuing attestations that citizens must prove elsewhere — built on the same pattern as Malta's national Fabric platforms.

Ready when you are

Ready to make your certificates unforgeable?

Book a walkthrough using your own certificate templates, and see how Neural VCP fits your identity, hosting and compliance requirements.