Prove it. Don't hand it over.
Selective disclosure and zero-knowledge proofs let a verified user share only the specific facts a verifier needs — over 18, EU resident, KYC tier 3, one of them or several — without exposing the document, the date of birth, or anything else underneath it.
Shipped and live in the Hypersign KYC widget and dashboard today.
Feature Overview
Data Minimisation, Built Into the Consent Screen
Every verification asks for consent by default. Selective disclosure makes that consent granular — down to the individual attribute, or a single yes/no proof.
Per-Credential Consent Toggles
Each credential requested in a flow personhood, document, age proof gets its own switch. Users can grant some and decline others in the same screen.
Per-Attribute Selection
Inside a credential, individual fields name, document number, gender each carry their own checkbox. Only checked fields are disclosed.
Threshold & Range Proofs
Prove age above a configured minimum, or a numeric attribute above/below a value, without revealing the underlying number.
Verifier-Configurable Requests
Businesses choose which attributes their integration requests from the dashboard. Anything not requested is never part of the response.
BBS+ Selective Disclosure
A single signature over the full credential lets the holder derive a proof of any subset of attributes cryptographically, not by redaction.
Criteria Transparency
Before authorising, the user can inspect exactly what's being proven attribute, operator, and threshold value in plain terms.
The Consent Screen
Every credential, its own switch.
Before anything is shared, the user sees exactly which credentials a verifier is asking for — and can turn any of them off. A personhood check, a document credential, and an age proof can be granted independently, in the same flow.
Nothing is bundled by default. If a verifier only needs proof of age, that's the only switch that has to be on.
Attribute-Level Transparency
"View all" means all.
Tapping into a credential shows the individual fields it contains — document type, name, document number, gender — each with its own checkbox. Only the checked fields leave the device.
A face image or document number can sit in the credential without ever being part of what's disclosed for a given check.
Identity attributes from DocumentCredential will be shared
Zero-Knowledge Age & Threshold Proofs
Prove "over 18." Not the birthdate.
Beyond field-level disclosure, Hypersign supports threshold proofs: the verifier configures a minimum age, and the user's credential proves the comparison is true — without the date of birth, or even the exact age, ever crossing the wire.
The same predicate model extends to jurisdiction ("EU resident: yes/no") and KYC tier ("verified at Level 2 or above") checks.
Enable users to prove a minimum age requirement without sharing their exact date of birth.
Criteria for ProofOfAge
Verifier-Side Attribute Control
Ask for less. Get less liability.
The request side is configurable too. From the dashboard, a business chooses which identity attributes it actually needs for a given flow — the rest are never requested, so they're never part of the verification response to store, secure, or eventually delete.
Fewer requested attributes means a smaller breach surface if anything ever goes wrong downstream.
Choose which verified identity attributes your app receives after verification. Unselected attributes stay private and are never included.
Why Now
Regulation is catching up to the idea.
eIDAS 2.0 requires every EU Digital Identity Wallet to support selective disclosure by the end of 2026 — not as an optional feature, but as the baseline sharing model. GDPR Article 5 already requires data minimisation; this is the mechanism that makes it enforceable at the protocol level instead of a policy promise.
Age-verification mandates spreading across the US and UK have made the opposite approach — uploading a government ID to prove you're over a threshold — a visible source of user distrust. Selective disclosure is the answer to "why do you need my whole passport for this."
Why Hypersign vs. Document-Only KYC
Beyond Pass/Fail Verification
Most KYC vendors verify the whole document, then hand a business the whole result. Hypersign lets the disclosure be as narrow as the requirement.
Use Cases
Where Narrow Disclosure Pays Off
Age-Gated Platforms
iGaming, dating, and social apps prove a user meets the age threshold without ever seeing a birthdate or document image.
Marketplaces
Sellers and buyers prove verified status to a counterparty without exposing the document that verification was based on.
Fintech Onboarding
Share only the KYC tier a product requires Level 2 onboarding doesn't need the same disclosure as a Level 4 transaction.
Web3 & DAOs
Prove personhood or jurisdiction for sybil resistance and gating without linking a wallet to a full identity document.
Healthcare & Telehealth
Share a specific eligibility attribute a coverage tier, an age bracket rather than a full patient record.
Cross-Border Compliance
Align with eIDAS 2.0 and EUDI Wallet expectations ahead of the 2026 mandate without re-architecting your onboarding flow.
FAQ
Selective Disclosure & Zero-Knowledge Proofs
Ask for the fact.
Not the file.
Turn on attribute-level consent and zero-knowledge age proofs in your existing Hypersign integration — no new vendor, no new contract.
Selective Disclosure API · Zero-Knowledge Age Proofs · BBS+ Credentials · eIDAS 2.0 Ready