Conformity Credential

info

Please note that this content is under development and is not ready for implementation. This status message will be updated as content development progresses.

Artifacts

Are maintained at https://test.uncefact.org/vocabulary/untp/dcc/0/about

Stable Releases For Implementation

Version 1.0 stable release for production implementation is due in June 2026 after formal public review

Release for Pilot Testing

Conformity Credential version 0.6.0 release artifacts can be used for pilot testing.

• JSON-LD @context
• JSON Schema
• Sample Instance

Latest Development Version

Latest development versions are used to reflect lessons learned from pilots but should not be used for either pilot testing or production purposes.

Ontology

The ontology for the Conformity Credential is available in JSON-LD format and can be retrieved via content negotiation from:

https://test.uncefact.org/vocabulary/untp/dcc/0/

Example:

curl https://test.uncefact.org/vocabulary/untp/dcc/0/ -H 'Accept: application/ld+json'

Version History

History of releases is available from the Version history page.

Default Render Template

A UNTP conformity credential may be rendered in any format desired by the issuer. However a default Template Design is provided here and includes mapping of visual rendering elements to the Logical Data Model.

Sample Credential

URL	QR	Description
Sample Battery Performance and Safety Certificate		A sample digital conformity credential as a JWT envelope signed Verifiable Credential. The URL (or QR scan) resolved to a hosted verifier that displays a human readable version. Raw JSON data can be viewed via the JSON tab and the full credential can be downloaded via the download button.

Overview

A product passport may make various separate claims (eg emissions intensity, deforestation free, fair work, etc), each of which may be linked to a specific conformity credential As well as providing details of assessment standards used to substantiate a claim, the conformity credential may also reference an assurance credential that attests to the authority of the party to perform the specific ESG assessments.

Conformity assessment bodies (CABs) undertake assessments for the purpose of determining whether products, processes or organisations meet specified requirements. The joint UNIDO/ISO publication Building Trust - The Conformity Assessment Toolbox represents a useful resource for understanding conformity assessment and its role in international trade.

The conformity credential data model was originally developed by a separate UN/CEFACT project on digital conformity.

Conceptual Model

Requirements

The digital conformity credential (DCC) is designed to meet the following detailed requirements as well as the more general UNTP Requirements.

ID	Name	Requirement Statement	Solution Mapping
CC-01	Signed	The issuer of the CC, typically a conformity assessment body (CAB), MUST be verifiable	CC MUST be issued as a digital verifiable credential signed by the CAB
CC-02	Assurance level	The CC MUST identify the nature of assurance over the assessment process, , such as formal recognition by a Governmental authority or an Accreditation Body	Attestation.authorisation property
CC-03	Object of conformity	The CC MUST unambiguously identify the object of the conformity assessment, whether a product, facility or organisation.	ConformityAssessment.assessedProduct, ConformityAssessment.assessedFacility, ConformityAssessment.assessedOrganisation
CC-04	Reference standard or regulation	The CC MUST identify the reference standard(s) and/or regulation(s) that specify the criteria against which the conformity assessment is made. If appropriate this must include specific measurable thresholds (eg minimum tensile strength)	ConformityAssessment.referenceStandard, ConformityAssessment.referenceRegulation, ConformityAssessment.assessmentCriteria
CC-05	Conformity Attestation	The CC MUST unambiguously state whether or not the object of the assessment is conformant to the reference standard or regulation criteria	ConformityAssessment.conformance
CC-06	Measured metrics	The CC SHOULD include actual measured values (eg emissions intensity, tensile strength, etc) with the conformity assessment	ConformityAssessment.declaredValue
CC-07	Evidence	The CC MAY include references to audit-able evidence (eg instrument recordings, satellite images, etc) to support the assessment. If so then the hash of the evidence file-set SHOULD be included (so that an auditor can be sure that the evidence data has not changed). The evidence data MAY be encrypted with decryption keys provided on request	Attestation.auditableEvidence

Logical Model

The Digital Conformity Credential is an assembly of re-usable components from the UNTP core vocabulary.

Core Vocabulary

The UNTP core types vocabulary defines the uniquely identified Linked Data entities such as Product, Location, Facility, Party, Standard, Regulation, Criteria, Declaration, Attestation, Endorsement. These entities provide the building blocks for construction of Digital Product Passports and Conformity Credentials.

CC Documentation

The CC class & property definitions provide a technology-neutral definition of classes, properties and code lists in the CC model.

Implementation

Verifiable Credential

Conformity Credentials are issued as W3C Verifiable Credentials. Please refer to DPP VC Guidance for information about the use of the verifiable credentials data model for UNTP.

Conformity Attestation

The ConformityAttestation type is the root content of the credentialSubject of the DCC. It is best thought of as the digital version of the paper product or facility conformity certificate.

• The type property is mandatory and must be populated with the value ConformityAttestation, Attestation indicating the JSON-LD type of the data.
• The id MUST be a globally unique identifier (URI) for the attestation. Typically a certificate number with the CAB web domain as a prefix.
• The name property should contain a human readable text string that describes the attestation.
• assessorLevel (“what is the level of independence for the party doing the assessment?”), assessmentLevel (“what level of assurance exists for the process by which the object product/facility is being assessed?”) and attestationType (is this a test report, a certificate, or some other type?) are coded values that help to classify the type and integrity of the attestation.
• description is a human-readable explanation of the attestation being made.
• issuedToParty identifies the entity to who the conformity attestation is issued - usually the product manufacturer or facility operator.
• authorisation describes a list of accreditations that a competent authority (such as a government agency or a national accreditation authority or a trusted global standards body) has issued to the conformity assessment body that is issuing this attestation. It provides trust that the certifier is properly accredited to issue certificates.
• conformityCertificate is a Link object to the full version (eg a PDF document) of this attestation, with optional content integrity verification via digestMultibase.
• auditableEvidence is a Link object to an unstructured collection of files which provided the original evidence basis for the conformity assessments made by this DCC. The evidence files are usually commercially sensitive but are an important information source for audits.
• scope defines the conformity scheme under which this attestation is issued. A scheme is a high level framework describing the context for the entire attestation. Each individual assessment included in this attestation will usually reference more fine grained criteria within any standards or regulations that are part of the scheme.
• assessment is an array of detailed conformity assessments made about an identified product or facility - against a specific criteria contained in a standard or regulation.

 "credentialSubject": {
    "type": ["ConformityAttestation", "Attestation"],
    "id": "https://exampleCAB.com/38f73303-a39e-45a7-b8b7-e73517548f27",
    "name": "Carbon Lifecycle assessment 12345567",
    "assessorLevel": "3rdParty",
    "assessmentLevel": "authority_mandate",
    "attestationType": "certification",
    "description": "Assessment of battery products against the GHG Protocol.",
    "issuedToParty": {..},
    "authorisation": [{..}],
    "conformityCertificate": {..},
    "auditableEvidence": {..},
    "scope": {..},
    "assessment": [{..},{..}]
 }

Authorisations (Endorsements)

Authorisations are endorsements or other credential issued by a competent authority (such as a government agency or a national accreditation authority) has issued to the conformity assessment body that is issuing this attestation. It provides trust that the certifier is properly accredited to issue certificates.

• The id is a URI providing a unique ID of the endorsement / accreditation.
• The name is the name of the accreditation.
• trustmark is a base64 binary file that is typically shown on paper accreditations or endorsements.
• The issuingAuthority object defines the identity details of the competent authority that issued the endorsement.
• endorsementEvidence is a Link object to the actual accreditation details. This link SHOULD point to a trusted source of evidence such as a web page on the accreditation authority site (example) or a digital verifiable credential. The digestMultibase property may optionally be included to ensure content integrity.

It should be noted that this authorisations structure is part of the attestation issued by the conformity assessment body. As such it is only an unverified claim until confirmed via the endorsementEvidence link.

    "authorisation": [
      {
        "type": [
          "Endorsement"
        ],
        "id": "https://authority.gov/schemeABC/123456789",
        "name": "Accreditation of certifiers.com under the Australian National Greenhouse and Energy Reporting scheme (NGER).",
        "trustmark": {
          "fileName": "NGER Accreditation",
          "fileType": "image/png",
          "file": "iVBORw0KGgoAAAANSUhEUgAAADkAAAA2CAYAAAB9TjFQAAAABGdBTUEAAi/9H3pWy6vI9uFdAAAAAElFTkSuQmCC"
        },
        "issuingAuthority": {
          "id": "https://abr.business.gov.au/ABN/View?abn=72321984210",
          "name": "Clean Energy Regulator",
          "registeredId": "72321984210",
          "idScheme": {
            "type": [
              "IdentifierScheme"
            ],
             "id": "https://business.gov.au/ABN/",
             "name": "Australian Business Number"
          }
        },
        "endorsementEvidence": {
          "type": ["Link"],
          "id": "https://files.example-authority.com/1234567.json",
          "name": "NGER conformity certificate",
          "mediaType": "application/ld+json",
          "linkType": "https://test.uncefact.org/vocabulary/linkTypes/dcc"
        }
      }
    ]

Conformity Certificate and Auditable Evidence (Link)

The conformityCertificate and auditableEvidence objects are both the same Link type. The purpose is to provide a verifiable link to further details about the attestation (the certificate) or the auditable evidence (eg test results) that informed the attestation.

• id points to the external certificate or evidence described by name.
• name provides a human-readable description of the linked content.
• digestMultibase should equal the multi-base encoded digest of the target content. This provides an integrity measure to ensure that the external certificate or evidence has not been tampered since the DCC was issued.
• mediaType specifies the media type of the linked content.
• linkType is an optional identifier that, if present, should be drawn from a controlled vocabulary of link types (example).

    "conformityCertificate": {
      "type": ["Link"],
      "id": "https://files.example-certifier.com/1234567.json",
      "name": "GBA rule book conformity certificate",
      "digestMultibase": "abc123-example-digest-invalid",
      "mediaType": "application/ld+json",
      "linkType": "https://test.uncefact.org/vocabulary/linkTypes/dcc"
    },
    "auditableEvidence": {
      "type": ["Link"],
      "id": "https://files.example-certifier.com/1234567.json",
      "name": "GBA rule book conformity certificate",
      "digestMultibase": "abc123-example-digest-invalid",
      "mediaType": "application/ld+json",
      "linkType": "https://test.uncefact.org/vocabulary/linkTypes/dcc"
    },

Scope (Conformity Assessment Scheme)

scope defines the conformity scheme under which this attestation is issued. A scheme is a high level framework describing the context for the entire attestation. many individual assessments can be made under one scheme, and each may reference different standards or regulations.

• the id and name identifies the scheme. issuingParty identifies the scheme owner.
• the issueDate defines when the scheme was created and the trustMark is a binary file representing the mark or logo of the scheme.

    "scope": {
      "type": [
        "ConformityAssessmentScheme",
        "Standard"
      ],
      "id": "https://www.globalbattery.org/media/publications/gba-rulebook-v2.0-master.pdf",
      "name": "GBA Battery Passport Greenhouse Gas Rulebook - V.2.0",
      "issuingParty": {
        "id": "https://kbopub.economie.fgov.be/kbopub/toonondernemingps.html?ondernemingsnummer=786222414",
        "name": "Global Battery Alliance",
        "registeredId": "786222414",
        "idScheme": {
          "type": [
             "IdentifierScheme"
           ],
          "id": "https://kbopub.economie.fgov.be/",
          "name": "Belgian business register"
        }
      },
      "issueDate": "2023-12-05",
      "trustmark": {
        "fileName": "GHG protocol trust mark",
        "fileType": "image/png",
        "file": "iVBORw0KGgoAAAANSUhEUgAAADkAAAA2CAYAAAB9TjFQAAAABGdBTUEAAi/9H3pWy6vI9uFdAAAAAElFTkSuQmCC"
      }
    }

Assessment (Conformity Assessment)

One conformity credential may include many assessments. Each assessment includes:

• a unique id and human-readable name for the assessment
• a textual description of the assessment’s purpose or scope
• subjects of the assessment (ie what was assessed) which may reference one or more products, facilities, or organisations. For example a 300Ah Lithium battery.
• a reference standard and/or regulation against which the assessment was made. For example the global battery alliance rulebook.
• one or more specific criteria within the referenced standard or regulation which may include benchmark or threshold values. For example the industry benchmark carbon intensity of lithium batteries
• one or more actual declared values. For example the actual carbon intensity of the assessed battery.
• an indicator of conformance against the regulation or standard. For example, the battery conforms to the GBA rulebook.
• a category classifying the assessment’s sustainability or compliance focus. e.g. environment.emissions
• the date when the assessment was conducted
• the ID and name of the auditor if different to the issuer of the conformity credential.

    "assessment": [
      {
        "type": [
          "ConformityAssessment",
          "Declaration"
        ],
        "assessmentDate": "2024-03-15",
        "id": "https://exampleCAB.com/38f73303-a39e-45a7-b8b7-e73517548f27/01",
        "name": "GHG Emissions Intensity Assessment",
        "description": "A standardised disclosure of the battery's greenhouse gas emissions intensity, calculated in accordance with the Global Battery Alliance Battery Passport Greenhouse Gas Rulebook V.2.0.",
        "referenceStandard": {
          "type": [
            "Standard"
          ],
          "id": "https://www.globalbattery.org/media/publications/gba-rulebook-v2.0-master.pdf",
          "name": "GBA Battery Passport Greenhouse Gas Rulebook - V.2.0",
          "issuingParty": {...},
          "issueDate": "2023-12-05"
        },
        "referenceRegulation": {...},
        "assessmentCriteria": [
          {
            "type": [
              "Criterion"
            ],
            "id": "https://www.globalbattery.org/media/publications/gba-rulebook-v2.0-master.pdf#GHGEmissions",
            "name": "GBA GHG Emissions Intensity Calculation",
            "description": "Calculation of greenhouse gas emissions intensity for battery production, expressed in kg CO2e per kWh.",
            "conformityTopic": "environment.emissions",
            "status": "active",
            "subCriterion": [],
            "thresholdValue": {
              "metricName": "GHG emissions intensity",
              "metricValue": {
                "value": 10,
                "unit": "KGM"
              },
              "score": "BB",
              "accuracy": 0.05
            },
            "performanceLevel": "\"Category 3 recyclable with 73% recyclability\"",
            "tags": ""
          }
        ],
        "declaredValue": [
          {
            "metricName": "GHG emissions intensity",
            "metricValue": {
              "value": 10,
              "unit": "KGM"
            },
            "score": "BB",
            "accuracy": 0.05
          }
        ],
        "conformance": true,
        "conformityTopic": "environment.emissions",
        "assessedProduct": [
          {
            "product": {
              "id": "https://example.com/id/9520123456788",
              "name": "EV battery 300Ah",
              "registeredId": "9520123456788",
              "serialNumber": "12345"
            },
            "IDverifiedByCAB": true
          }
        ],
        "assessedFacility": [...],
        "assessedOrganisation": {...},
        "auditor": {...}
      }
    ]

To help understand the difference between a Scheme that defines the scope of the overall attestation and the Criterion that defines the rules for a specific conformity assessment, an example can help.

• ACRS operates a structural steel product certification scheme which is a methodology for performing conformity assessment, which references specific assessment criteria for different steel product types. For example one criteria could be about minimum tensile strength of a concrete reinforcing steel bar under criteria defined by standard AS/NZS 4671: 2019.

Assessment Assurance

Formal processes for substantiating claims made about products, processes or services represent a fundamental concept within UNECE Recommendation No.49 and within UNTP. However, for such processes to be reliable, it is essential to define the basis for confidence in such processes.

The UNTP approach embraces the objectives and design principles of UNECE Recommendation No. 49, by emphasising the concepts of verifiability, independence, international standards and the role of recognised authorities.

In this context, three categories of assurance have been defined, as follows.

Assurance Category	Description
Authority-derived assurance	Assurance is available via one of the listed pathways that assessment credibility has been established and maintained in alignment with the objectives and design principles of UECE Rec. 49 and international conformity norms.
Scheme-derived assurance	Care is recommended as credibility derives from assurances provided by the referenced scheme, which may not represent suitable assurance that assessment credibility has been established in alignment with the objectives and design principles of UNECE Rec. 49 and international conformity norms.
No UNTP-recognised assurance	Available assurances are not recognised as representing suitable assurance that assessment credibility has been established in alignment with the objectives and design principles of UNECE Rec. 49 and international conformity norms.

Describing assurance over the conformity assessment chain of results necessarily requires consideration of both the CAB processes and the scheme (or program) under which the assessment is delivered. However, assurance over a scheme and assurance over the conformity assessment processes (relating to that scheme) may, in some cases, be established by different processes and by different parties and it is the combination of these that provides a more complete understanding of assessment assurance.

Defined assessment assurance levels are summarised below. Note that these relate to assurances over a scheme and the scheme processes implemented by CABs. They do NOT relate to assurances that arise from a scheme, for example, approval or certification of manufacturers, suppliers or products/processes/services covered by a scheme.

Eligibility for a given assessment assurance level can be digitally verified through data points linked to a conformity credential and/or scheme representation. Any recognitions indicated are to be maintained as current, with currency defined by the party providing such recognition.

SCHEME EVALUATION ALTERNATIVES	Self-declaration by scheme owner See Note 1
	Or		Evaluation of scheme suitability by a recognised authority See Note 2
	Or			Government-owned scheme or government-mandated scheme See Note 3
	Or					Benchmarking of scheme See Note 4
+
CONFORMITY ASSESSMENT ASSURANCE TYPE See Note 5	Scheme owner recognition of other parties assessing against the scheme standards See Notes 6 & 7	Scheme owner directly conducting conformity assessment activities See Note 6	Independent peer assessment for accredited CAB See Notes 8 & 9	Peer assessment process managed by government See Note 3	Accreditation of CAB under global mutual recognition arrangement by a body peer-evaluated to ISO/IEC 17011 See Note 10	Government mandate for conformity assessment activity See Note 3	Benchmarking of scheme by an organization approved to UNIDO benchmarking principles and process See Note 11
=
RESULT: ASSESSMENT ASSURANCE LEVEL	Scheme-derived assurance: Recognition of CAB by registered scheme	Scheme-derived assurance: Self-declaration by registered scheme	Authority-derived assurance: Peer assessment body recognition for accredited CAB	Authority-derived assurance: Recognition by a governmental peer assessment authority	Authority-derived assurance: Global accreditation mutual recognition arrangement	Authority-derived assurance: Recognition by government mandate	Authority-derived assurance: Recognition by approved benchmarking organisation

Notes to Table:

1. The form of the self-declaration will be in accordance with a UNTP template reflecting relevant international standards.
2. This refers to evaluation of a scheme by the Global Accreditation Cooperation Incorporated or through this body’s regional accreditation cooperation members or member bodies of its Mutual Recognition Arrangement for such scope - this supersedes the role of the former International Accreditation Forum (refer www.globalaccreditationcooperationincorporated.org).
3. Ownership or mandate provided by national government or intergovernmental entity.
4. Scheme benchmarking organisations shall ensure that a scheme suitability assessment has been conducted for the candidate scheme.
5. A CAB issuing UNTP conformity credentials may also be the scheme owner.
6. The linked scheme self-declaration can be used to assist in judging credibility of the scheme.
7. Users of conformity credentials issued by a CAB recognised under a scheme may refer to the linked scheme self-declaration for details of the CAB-approval process used by the scheme owner.
8. This pathway applies to CABs acccredited under the Mutual Recognition Arrangement of the Global Accreditation Cooperation Incorporated
9. Schemes used by CABs may be owned by the peer assessment body but the CAB itself shall not be owned by or otherwise related to the peer assessment body.
10. Scheme evaluation is a prerequisite for accreditation of CABs by bodies that are signatories to the Global Accreditation Cooperation Incorporated Mutual Recognition Arrangement.
11. UNIDO Global Best Practice Framework for Organisations Performing Benchmarking Activities for Certification-related Conformity Assessment Schemes 2026. The process for approval of benchmarking organisations to the UNIDO principles is still to be defined.

In terms of the processes that must be applied for the listed assurance pathways, it is important to recognise that all of the following need to be addressed (except in the case of government-owned schemes, or direct government approval of CABs).

1. Scheme Governance

   Meet applicable international standards* which address scheme governance and integrity.

2. Development of scheme

   Meet applicable international standards* which address scheme development.

3. Standards Development

   Meet applicable international standards* which address the development of scheme standards.

4. Competency of personnel

   Demonstrate that personnel are trained and/or certified as competent in the following activities:

   • Development of standards and schemes
   • Governance, management, design, development, validation of the scheme, implementation and monitoring the integrity of the conformity assessment scheme through ethical and impartial requirements for those engaging in the process

5. Conformity assessment

   Meet applicable international standards* for management of conformity assessment processes.

*All references to ’international standards’ in the above list mean standards that are globally accepted and published for the purpose of standardising the management and delivery of conformity assessment schemes (or programs) of relevance to the product/process/organisation attributes for which assurance is to be demonstrated. Refer to the ‘International Standards’ table in the next section for examples of relevant standards.

Examples of international standards supporting assurance pathways are provided in the table below.

Name	Description
Scheme - Governance	Example standards: IAF MD-25, ISEAL Good Practice Guide for Sustainability Systems (GPGSS), ISEAL Credibility Principles, ISSA 5000, ICVCM CCP Assessment Framework, ICROA, UNFCCC – CDM, ISO 14030 , SBTi, ISO/IEC 17060, ISO/IEC 17067, ISO/IEC 17026, ISO/IEC 17032, ISO/IEC 17028, ISO /IEC17029, GFSI, SSCI, GSSI, ASC, PEFC, MSC, RSPO, SAC , FSC, RJC, ICMM, GEN, GLOBALG.A.P, ISO 14065, ISO/IEC 17020, ISO/IEC 17021-1, ISO 19011, GSTC, ISO 21401, ISO 21621, ISO 21902, IMDRF, ITU Conformity assessment and interoperability program, Global Certification Forum (GCF), PTCRB, CTIA, GSMA, IRMA, ICROA, ISSB, Cloud Security Alliance (CSA).
Scheme - Development of scheme	Example standards: IAF MD-25, ISO/IEC 17007, ISO/IEC 17060, ISO/IEC 17065, ISO/IEC 17067, ISEAL GPGSS, ISO Guide 82, ISO 14019- Parts I, 2 and 4, ISO 14020, ISO 14021, ISO 14024, ISO/IEC 14025, ISO 14067, ISO 14068, ISO 14064 - Parts I, 2 and 3, GHG Protocol: Note: In the case of peer assessment or benchmarking pathways, alternative standards may be nominated (such as WRI, GRI, IFRS/ISSB, FAO- CODEX Alimentarius, USGBC) for use within the specific context of the peer assessment or benchmarking program
Scheme - Standards Development	Example standards: ISO/IEC 17007, ISEAL GPGSS, ISO Guide 2, ,ISO Guide 59, ISO Guide 78, ISO Guide 64, ISO Guide 76, ISO Guide 82
Scheme - Competency of personnel	Principles for defining competence of personnel may be found in ISO/IEC 17024 as well as supplementary references such as IAF MD 25, ISO/IEC 17021-1, ISSA 5000, ISEAL GPGSS, ISO Guide 82, ISO IWA 48, ISO 14019- Parts I, 2 and 4, ISO 14020, ISO 14021, ISO 14024, ISO/IEC 14025, ISO 14030, ISO 14067, ISO 14064 - Parts I, 2 and 3, ISO 14065, ISO 14068, IPC VVB Verifier/validator, SBTi, UNFCCC Article 6 - CDM
Conformity assessment	Example standards: ISO CASCO toolbox of standards. Note: In the case of peer assessment or benchmarking pathways, alternative standards may be nominated (such as ISEAL, IECEE Conformity Assessment Systems, GRI, The International EPD System, ICVCM CCP Assessment Framework, ICROA, ISO 14030, SBTi, GEN, UNFCC&IPCC, OECD, FAO&WHO, GSSI or SSCI standards, IFOAN, SMIIC, UNFCCC Article 6 - CDM, UNIDO, WRI) for use within the specific context of the overall peer assessment or benchmarking program.