Yes, our digital wallet is designed to be intuitive and accessible. The interface has been optimized so that any user can manage their digital self in an intuitive and secure way, including digital credentials; authentication based on QRs and NFC; payment of fines and services; and redemption of benefits and coupons, among other functionalities.

Yes, Blerify Wallet is available as an application for mobile devices on iOS and Android. The mobile app allows users to store their data, credentials and cryptographic keys securely on their cell phone. This model finally enables a user-centered identity, where the user can have control of their digital self.

If you change devices, you can restore your credentials through our recovery process. Blerify Wallet allows you to make backup copies in the cloud that are encrypted with a key that you establish and that only with that key can be recovered from a new cell phone.

Yes, you can sync your profile across multiple devices as long as you register and verify them beforehand. If one of your devices is stolen or lost, you can perform an "identity migration" process that allows you to unlink all your data and value from the Blerify Wallet on the compromised device, keeping it only on the new device.

Yes, you can log in to a device temporarily and then delete your profile when you no longer need it. Once deleted, no trace of your identity will remain on that device, ensuring your information stays private.

Yes, Blerify stores your credentials securely on your device, allowing you to use them without an internet connection. This is particularly useful for presentations in areas with no coverage or in airports, government offices, and events where connectivity may be limited.

Blerify uses blockchain for purposes of integrity, verifiability and transferability.

• We use blockchain to guarantee the integrity and verifiability of digital credentials without compromising user privacy. Unlike other solutions that store personal data on the blockchain, which can create risks of exposure, Blerify records only cryptographic fingerprints (hashes) of the credentials. This means that no sensitive information is publicly exposed, but it is still verifiable by any entity or person, whether or not they have Blerify. These fingerprints also serve as cryptographic time stamps, which serve to ensure that a credential has not been altered since its issuance. For example, if a university issues a digital diploma in January 2025, the time stamp allows verification that the diploma has not been modified in the future, ensuring its authenticity. We also record on the blockchain the status changes of credentials (for example, to revoked status).
• We use blockchain to guarantee the verifiability of the issuers of credentials, using public lists of verified on-chain issuers that can be easily resolved.
• We use blockchain for the transferability of coupons or vouchers that represent value, in the form of tokens.
• We use blockchain for the transferability or migration of identities, allowing people with lost, stolen or compromised devices to migrate their keys and their value under the same original identifier, leaving the corrupted device without access to the identity.

If your phone is stolen, your information in Blerify remains protected thanks to our multiple layers of security. Here’s how to prevent unauthorized access, revoke compromised credentials, and start the recovery process:

1. Biometric and PIN Protection: To access the Blerify Wallet, the device must be unlocked using biometrics (fingerprint or facial recognition) or a secure PIN. Even if someone has your phone, they cannot access your credentials without these authentication methods.
2. Device Data Encryption: All credentials stored in the wallet are encrypted with advanced algorithms, preventing access without the decryption key.
3. Cloud Backups: Cloud backups are protected by a secret key chosen by the user, ensuring that even if an attacker accesses the cloud, they cannot decrypt the data.
4. Notification to the Issuing Entity: If your credential was issued by an institution (e.g., a university or company), you can notify them to take additional measures, such as revoking or reissuing the credential.
5. Remote Credential Revocation and Logout from Compromised Devices: From another trusted device, you can revoke specific credentials that may be compromised and unlink the stolen phone by performing an "identity migration." This ensures that even if an attacker gains access to your device, the revoked credentials cannot be used, and the assets or value cannot be controlled.
6. Identity Recovery: If you need to restore your wallet on a new device, simply install Blerify Wallet and follow the restoration process with your encrypted backup. If you do not have access to a backup, you will need to complete an identity verification process (KYC).
7. Secure Identity Migration and Recovery on a New Device: If any of your devices have been compromised, such as through loss or theft, you must perform an "identity migration" from a non-compromised device. In this process, all old public keys are replaced with new ones, ensuring only the new device has access.
8. Periodic Recovery Key Confirmation: To prevent users from forgetting their encryption key, Blerify periodically requests confirmation within the wallet. We are also exploring the use of biometrics to encrypt backups and further enhance security.

By following these steps, we ensure that your personal information and digital credentials remain secure even in the event of device loss or theft.

Yes, thanks to our verifiable credentials and decentralized authentication, Blerify eliminates the possibility of a third party falsifying your identity. Each digital credential is cryptographically signed by its original issuer and by you when presenting it to a third party, meaning it cannot be altered or replicated without detection.

A critical issue in biometric-based identity verification is that traditional systems can be vulnerable to artificial intelligence (AI) attacks. Advanced algorithms, such as FaceShifter, have been shown to evade "liveness" checks in over 95% of attempts since 2022. This means cybercriminals can use hyper-realistic deepfakes to deceive traditional biometric systems, facilitating identity theft and unauthorized access to accounts and services. Blerify solves this problem by eliminating the need to share biometric data openly on the web, instead implementing verifiable digital credentials that only require cryptographic authentication. This means that even if an attacker manages to fake a biometric image or video, they cannot generate a legitimate credential without the cryptographic key issued by the original verifying entity.

Blerify's digital credentials are stored exclusively in the user's digital wallet, meaning only the owner has access to them. Depending on the configuration, data can be stored in the following ways:

1. Local Storage on the Device: Information is stored encrypted on the user's phone, ensuring it can only be accessed through biometric or PIN authentication.
2. Backup in the User's Personal Cloud: To avoid losing credentials in case of device change or loss, the user can opt to store an encrypted copy in their personal cloud (Google Drive, iCloud, or other compatible options).
3. Record at the Issuing Entity: The credential issuer generally maintains an encrypted record of issued documents in their own infrastructure or a secure cloud.

Unlike other solutions, Blerify does not store personal information on centralized servers or blockchain, avoiding exposure risks and ensuring user privacy.

Blerify facilitates the use of zero-knowledge proofs (ZKPs) to allow third parties to verify certain attributes of a user's credentials without the user having to reveal the complete information. This technology is activated if the verifier enables it at their Point of Verification (POV). For example, if you need to prove that you are of legal age to access a service, instead of sharing your full date of birth, Blerify allows you to generate a cryptographic proof that only confirms whether you meet the requirement without revealing any other data. This mechanism enhances user privacy by ensuring that only the strictly necessary information is shared for each verification, without exposing unnecessary personal data. This is especially useful in environments where security and confidentiality are priorities, such as identity verification processes or online authentication.

Blerify's credentials are highly programmable thanks to their integration with smart contracts and advanced cryptographic validations. Unlike other standards that focus on issuing digital badges with static metadata, Blerify's credentials can include dynamic rules such as expiration, conditional permissions, and automated revocation. This allows for greater flexibility and control for institutions and users. For example:

• An event access credential can be programmed to be valid only between certain dates and automatically expire after the event.
• A professional certification may require periodic renewals and be revoked if update requirements are not met.
• Companies can issue credentials with associated benefits, such as store discounts, that are activated only if the user meets certain criteria.

Blerify has implemented post-quantum cryptography (PQC) algorithms that protect credentials against potential quantum computing attacks. Currently, traditional encryption systems like RSA and ECC could become vulnerable in the future if a sufficiently powerful quantum computer manages to break their keys. To mitigate this risk, Blerify uses NIST-approved post-quantum algorithms, which are specifically designed to resist quantum attacks. Additionally, we implement a key rotation process, meaning users can update the cryptographic keys associated with their identity without losing information, further enhancing security.

Blerify allows companies to manage credentials through a digital platform, where they can issue, update, or revoke credentials in real time. If an employee changes roles, acquires new certifications, or leaves the company, digital credentials can be issued and revoked flexibly. Organizations can integrate Blerify with their internal systems (e.g., ERP, CRM, or HRM) using our APIs to automate these processes and ensure credentials always reflect the employee's current status.

Yes, Blerify allows configuring credentials with predefined expiration dates. This is ideal for temporary access, event passes, short-term work permits, or certifications with limited validity. Upon expiration, the credential is automatically revoked and can no longer be used, preventing unauthorized access.

Credentials can be revoked in real time from the Blerify platform. When a credential is revoked, it becomes invalid immediately, and any attempt to use it will fail during the verification process. For added security, Blerify allows manual revocation from an administrative panel or integration with identity management systems that automate the process when a user is deactivated.

Yes, Blerify allows assigning differentiated permissions to administrators, supervisors, and signers. This facilitates decentralized management within an organization without compromising system security. For example, an HR department may have permissions to configure, sign, and issue employee credentials, while the security team can only oversee them.

Yes, credentials issued with Blerify can include multiple configurable attributes, such as name, role, access level, special permissions, validity dates, and more. Each company can define what information to include based on their needs and internal policies.

Blerify offers advanced auditing and monitoring tools that allow tracking when, where, and by whom credentials have been verified. Through an administration panel, companies can generate usage reports, detect fraud attempts, and ensure regulatory compliance.

Credentials can be verified by scanning a QR code or through automated Points of Verification (POV). POVs are programmable verification rules that allow instant validation of digital credentials in different environments. There are two main types:

• Web Point of Verification: Integrated into websites to allow authentication and access without passwords or biometrics. For example, you can use a web POV to restrict access to web pages with exclusive information for accredited users, without requiring a username, password, biometrics, or multi-factor authentication.
• Mobile Point of Verification: Used in physical environments such as events, offices, or points of sale to pay and redeem a benefit on a purchase, such as a discount.

Each credential in Blerify has a unique cryptographic signature that allows its authenticity to be verified without contacting the issuing entity. POVs facilitate programmable authentication for web access, identity validation in payments, and physical access control.

Yes, Blerify allows linking credentials and specific attributes to benefits such as discounts, preferential access, or exclusive memberships. This is achieved through programmable validation rules within our platform.

Companies can configure these benefits in the following ways:

1. Benefits Based on Credential Attributes: For example, a user with a student credential can automatically receive discounts in stores, transportation, or services without needing to present additional documentation.
2. Integration with Points of Verification (POV): In an online or physical store, a Web Point of Verification can validate if the credential meets the requirements to apply a discount at checkout. Similarly, a Mobile Point of Verification can enable exclusive access or preferential rates at events and physical spaces.
3. Dynamic and Customizable Conditions: Credentials can be programmed to activate benefits only under certain conditions, such as specific dates, membership levels, or geographic locations.

Through the Blerify platform, companies can easily manage these configurations, ensuring benefits are applied automatically and verifiably in any digital or physical environment.

Blerify's credentials comply with international standards such as W3C Verifiable Credentials and OpenID4VP. This allows any entity that adopts these standards to verify credentials interoperably.

Yes, credentials can be integrated with access control systems for buildings, offices, events, and digital platforms. For example, a credential can be used to enter an office via a QR scanner or to log in to a corporate platform without a password.

Yes, Blerify allows including advanced electronic signatures in credentials, giving them legal validity in multiple jurisdictions for use cases requiring an advanced electronic signature. This is particularly useful for digital contracts, professional certifications, and official documents.

Blerify offers a complete set of APIs and SDKs that enable seamless integration with enterprise systems. Available functionalities include:

• Automated credential issuance from third-party infrastructure.
• Instant verification through secure endpoints that validate credential authenticity in real time.
• Identity management with compatibility with OpenID4VP, ISO 18013, and W3C Verifiable Credentials.
• Monitoring and auditing with detailed usage and validation logs for regulatory compliance.

If a company stops paying for Blerify's service, this does not affect users or credentials that have already been issued. Digital credentials remain verifiable and usable, as they are stored in the user's wallet and have cryptographic signatures that guarantee their authenticity without relying on Blerify's infrastructure.

Users can continue using their Blerify Wallet to manage and present their credentials without interruption. However, the company will lose access to certain key functionalities, such as:

• Issuance of New Credentials: The company will no longer be able to generate or distribute additional credentials.
• Revocation or Updating of Credentials: They will not be able to modify or revoke previously issued credentials.
• Access to Auditing and Administration Tools: The company will not be able to monitor credential usage or generate reports from the platform.

However, before losing access, the issuing entity can download an Excel file with historical data of all issued credentials, ensuring the information is stored locally. This allows the organization to maintain a record of relevant data without relying on Blerify's platform.

Previously issued credentials will remain verifiable in any system compatible with W3C Verifiable Credentials and OpenID4VP, meaning users will not lose access to their digital documents or the services where these credentials are accepted.

Blerify is designed to be compatible with international standards, such as OpenID4VP, ISO 18013, W3C Verifiable Credentials, and we follow the secure digital wallet framework under the eIDAS2 framework in Europe. This allows our credentials to be used globally without significant restrictions.

Digital credentials do not expire automatically. They will remain accessible in your wallet unless the issuing entity sets an expiration date or decides to revoke them.

We offer flexible plans based on issuance volume, verification, and the number of users. We have pay-as-you-go options and annual subscriptions to suit different needs.

We provide priority technical support, detailed documentation, and personalized assistance. Users can contact our team via chat, email, or phone.

Yes, Blerify offers month-to-month plans with no long-term commitments. You can cancel your subscription at any time and retain full access to the portal until the end of the billing period.

If you are looking for advanced security, international compatibility, and ease of use, Blerify is the best option. We invite you to schedule a demo with our team to learn how our solution can benefit your organization.