Welcome to Origin
  • Platform Documentation
  • Perspectives
    • Origin for Clients
    • Origin for Service Providers
      • Service Provider Directory
    • Origin for Developers
  • Tasks
    • Sign with a vLEI
  • Concepts
    • PII
    • Credentials and Verifiable Data
      • Formats
      • Issuing
      • Verifying
      • vLEIs
        • Why We Need vLEIs
        • Types of vLEIs
        • The vLEI Journey
        • Ways to Use vLEIs
    • Glossary
Powered by GitBook
On this page
  • LE vLEI
  • OOR vLEI
  • ECR vLEI
  • QVI vLEIs
  1. Concepts
  2. Credentials and Verifiable Data
  3. vLEIs

Types of vLEIs

PreviousWhy We Need vLEIsNextThe vLEI Journey

Last updated 8 months ago

LE vLEI

The prototypical example of a vLEI is one issued to a legal entity (e.g., a company, government, or non-profit). It declares the LEI of that entity and tells what cryptographic evidence constitutes strong proof of ownership for it. This is the Legal Entity vLEI or LE vLEI for short, and it is top of mind in most vLEI discussions. If you hear someone talking about a vLEI without specifying a type, the LE vLEI is probably what they intend.

OOR vLEI

Another type of vLEI is issued to people whose roles at an organization include rights or responsibilities that are defined in the legal code where the legal entity is incorporated. For example, in many jurisdictions, a CEO and CFO — and not different corporate roles like Head of Accounting — must sign quarterly reports to government financial regulators. In fulfilling this duty, the CEO and the CFO accept legally mandated accountability for their individual and corporate actions.

This is the Official Organizational Role vLEI or OOR vLEI for short. OOR vLEIs are issued to specific individuals who have undergone strong identity assurance, meeting or exceeding the requirements of , and whose roles with a company are declared in a way that is legally provable to the public. The roles in a given organization that might need an OOR vLEI are largely defined in the ISO 5009 standard, and are . Some roles that are associated with OOR vLEIs in many jurisdictions include CEO, CFO, Board Chair, Chief Counsel, and Shareholder.

OOR vLEIs chain back to the LE vLEI of the organization with which the individual is associated.

ECR vLEI

The most abundant type of vLEI is issued to people whose roles at an organization are defined by the organization itself, without reference to any legal requirements. These roles are not necessarily less important than OOR roles; they are just more flexible. Director of IT, Senior Vice President of Human Resources, Chief Scientist, Product Manager, Quality Assurance Engineer, Senior Detective, Tech Evangelist, and many other job titles are likely to fit into this category.

This is the Engagement Context Role vLEI or ECR vLEI for short. ECR vLEIs are essentially employee credentials, but unlike many other employee credential schemes, they are only issued to individuals who have undergone strong identity assurance, and they chain back to the LE vLEI of the organization with which the individual is associated. This rigor makes them far better sources of proof that an individual with a particular legal identity has a named role at a given organization.

QVI vLEIs

Who issues all these credentials?

GLEIF defined a certification program for organizations that want to perform issuance under the stringent guidelines of their ecosystem governance framework. Organizations who pass annual certification are called Qualified vLEI Issuers, and are given a Qualified vLEI Issuer vLEI or QVI vLEI for short, to prove this status.

QVIs are the only organizations that are allowed to issue LE vLEIs or OOR vLEIs. QVIs may also issue ECR vLEIs, but legal entities may also issue ECR vLEIs themselves, without a QVI, as long as they follow GLEIF rules when doing so.

NIST IAL2
published on GLEIF's website