Digital Conformity Credential (DCC)
A DCC attests to a conformity assessment — a certification, test result, audit finding, or other evaluation performed by a qualified body.
DCC issuance through the DPP Kit UI is under active development. This page describes the planned functionality and data model.
What DCCs Represent
DCCs answer the question: "Has this product or facility been independently verified?"
Examples:
- ISO 14001 Environmental Management certification
- Organic certification from an accredited body
- Lab test results for chemical composition
- Supply chain audit findings
DCC Data Model
| Field | Description |
|---|---|
| Assessment Name | Human-readable name (e.g., "ISO 14001 Certification") |
| Assessment Type | Category of assessment (certification, testing, inspection, audit) |
| Conformity Topic | What the assessment covers (environment, quality, safety, etc.) |
| Assessor | The organization performing the assessment |
| Subject | The product or facility being assessed |
| Result | Pass/fail/conditional |
| Valid From / To | Assessment validity period |
How DCCs Link to Products
DCCs reference products through the signed credential's conformityClaim JSON array. This means:
- The relationship is embedded in the signed credential itself
- No separate database junction table is needed
- The link is cryptographically sealed — it can't be altered after signing
When viewing a DPP, any associated DCCs are displayed alongside it.
Identifiers
DCCs use GTIN-14 identifiers, following the same scheme as DPPs. The identifier represents the conformity credential itself.
External DCCs
Organizations can also ingest DCCs from external sources:
- A DCC issued by an external conformity body
- Imported via URL reference
- Marked with
is_external: trueandsource_urlpointing to the original - External DCCs don't count against your tier's credential limits
Encrypted DCCs
Some conformity information may be sensitive. DCCs support encrypted variants:
- A public version with summary information
- An encrypted version with full details, accessible only with the decryption key
- Both versions are linked via
encrypted_link_urlandencrypted_link_name