Status Service

Credential revocation is one of the hardest problems in digital identity. Revoke too slowly and compromised credentials remain in circulation; reveal too much during status checks and you create a surveillance vector that tracks every time a holder presents a credential. The BaseID Status Service solves both sides of this equation by combining the W3C StatusList2021 bitstring approach with an infrastructure layer optimized for real-time, privacy-preserving queries at scale.

When an issuer revokes or suspends a credential, the change is written to a compact bitstring status list and propagated to edge caches within seconds. Verifiers fetch the status list rather than querying individual credential identifiers, which means the service cannot determine which specific credential a verifier is checking. This architectural choice provides herd privacy by design: every status check looks the same at the network level, eliminating the correlation attacks that plague naive revocation schemes.

The Status Service is currently in beta and integrates directly with credentials issued through the BaseID Managed Services Platform. It supports both revocation and suspension semantics, allowing issuers to temporarily disable a credential and later reinstate it without reissuance. For organizations operating under Canadian privacy legislation, the service’s privacy-by-design architecture provides a defensible position when regulators ask how credential status verification protects the personal information of holders.