Blockcerts is a standard for verifiable claims, which is currently separate from Identity. Current implementations rely on the Issuer to know/validate the recipient in the first place. And while the Blockcerts mobile wallet has some security mechanisms in place, others can be added. For instance, in the MIT deployment, students had to login through MIT’s identity system (Touchstone) as part of the key exchange process.
As specification for Decentralized Identifiers (DIDs) becomes more established via the W3C, Blockcerts will evolve to stay aligned with that standard.
Since you brought up a number of other vendors in regard to identity, here is a blog post (written for Learning Machine) that attempts to map out the space and highlight some of their relationships.