US Patent 9391782 Validation of user credentials

In one implementation, a client device obtains data associated with a credential. The client device then obtains a first version of a representation for the credential and a second version of the representation for the credential, the first version being configured for validation by a validation entity via concurrent network communication, and the second version being configured for validation by a validation entity without concurrent network communication, wherein the second version of the credential comprises a digital signature derived from a private key of a credential grantor and a portion of the data associated with the credential. The client device receives a request to output a representation for the credential. Then the client device outputs the second version of the representation for the credential in a manner that enables a validation entity to validate the credential by accessing a public key of the credential grantor to authenticate the digital signature.