Trend analysis: Digital identity & trust frameworks — where the value pools are (and who captures them)
Strategic analysis of value creation and capture in digital identity and trust frameworks, mapping where economic returns concentrate and which players are best positioned to benefit.
Start here
The global digital identity market reached $42.6 billion in 2025, yet McKinsey estimates that extending comprehensive digital ID coverage to underserved populations worldwide could unlock economic value equivalent to 3-13% of GDP by 2030, a prize worth $4.7-14.1 trillion annually. The question confronting founders, investors, and policymakers is no longer whether digital identity infrastructure will be built, but who captures the value when it is.
Why It Matters
Digital identity has transitioned from a niche cybersecurity concern to foundational economic infrastructure. The EU's revised Electronic Identification and Trust Services Regulation (eIDAS 2.0), which entered into force in 2024, mandates that all EU member states offer citizens a European Digital Identity Wallet by 2026-2027. This single regulatory action creates a captive market of 450 million potential users and forces every bank, telecom, healthcare provider, and government agency in the bloc to accept wallet-based credentials. The UK, following Brexit, has pursued a parallel but distinct path through the UK Digital Identity and Attributes Trust Framework (DIATF), now in its operational phase with 50+ certified providers.
Beyond regulation, commercial pressures are accelerating adoption. Online fraud losses exceeded $48 billion globally in 2024 (Juniper Research), with synthetic identity fraud growing 35% year-over-year. Traditional knowledge-based authentication (passwords, security questions) fails at rates exceeding 20% for legitimate users while providing minimal protection against sophisticated attackers. The business case for stronger digital identity is compelling: Mastercard estimates that merchants and financial institutions spend $25-30 billion annually on manual identity verification processes that digital credentials could automate.
For founders in particular, the digital identity landscape presents a structural opportunity comparable to cloud computing in 2010 or mobile payments in 2015. The technology stack is maturing, regulatory tailwinds are strengthening, and incumbent institutions are investing heavily, but no single player has consolidated the market. Understanding where value concentrates, and where it dissipates, is essential for strategic positioning.
Key Concepts
Self-Sovereign Identity (SSI) places individuals in control of their own identity credentials, stored in personal wallets rather than centralized databases. SSI architectures use decentralized identifiers (DIDs) and verifiable credentials (VCs) conforming to W3C standards. The holder receives cryptographically signed credentials from issuers (governments, employers, universities) and selectively presents them to verifiers (banks, landlords, employers) without the issuer needing to be online at the point of verification. This eliminates the single-point-of-failure vulnerability inherent in centralized identity providers and reduces ongoing operational costs for credential issuers.
Verifiable Credentials are tamper-evident, cryptographically secured digital attestations that prove specific attributes (age, citizenship, professional qualification, credit score) without revealing unnecessary personal data. A verifiable credential proving someone is over 18 need not disclose their exact date of birth, address, or name. This selective disclosure capability, enabled through zero-knowledge proofs or selective disclosure JWT (SD-JWT) schemes, represents a fundamental architectural improvement over physical documents and centralized database lookups.
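The salted-digest mechanism behind SD-JWT-style selective disclosure, as an added example that is not part of the original article. Function names, the key, the issuer URL and the sample claims are constructed for illustration, and HMAC-SHA256 stands in for the issuer's asymmetric signature so the sketch runs on the standard library alone.

```python
import base64
import hashlib
import hmac
import json
import secrets

# Constructed demo values; HMAC stands in for the issuer's asymmetric signature.
DEMO_KEY = b"constructed-demo-key"
SAMPLE_CLAIMS = {"given_name": "Alex", "birthdate": "1990-04-12", "age_over_18": True}

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def make_disclosure(name: str, value) -> str:
    # [salt, claim name, claim value]. The random salt stops a verifier from
    # guessing a low-entropy value (such as a birth date) from its digest.
    salt = b64url(secrets.token_bytes(16))
    return b64url(json.dumps([salt, name, value]).encode())

def digest(disclosure: str) -> str:
    return b64url(hashlib.sha256(disclosure.encode("ascii")).digest())

def _mac(signing_input: str, key: bytes) -> bytes:
    return hmac.new(key, signing_input.encode(), hashlib.sha256).digest()

def issue(claims: dict, key: bytes, issuer: str):
    """Issuer: sign only the digests; hand the disclosures to the holder."""
    disclosures = {n: make_disclosure(n, v) for n, v in claims.items()}
    payload = {"iss": issuer, "_sd_alg": "sha-256",
               "_sd": sorted(digest(d) for d in disclosures.values())}
    header = b64url(json.dumps({"alg": "HS256"}).encode())
    body = b64url(json.dumps(payload).encode())
    signing_input = f"{header}.{body}"
    return f"{signing_input}.{b64url(_mac(signing_input, key))}", disclosures

def present(token: str, disclosures: dict, reveal: list) -> str:
    """Holder: attach only the disclosures chosen for this verifier."""
    return "~".join([token] + [disclosures[n] for n in reveal]) + "~"

def verify(presentation: str, key: bytes) -> dict:
    """Verifier: check the signature, then match each disclosure to a signed digest."""
    token, *shown = presentation.rstrip("~").split("~")
    header, body, sig = token.split(".")
    if not hmac.compare_digest(_mac(f"{header}.{body}", key), b64url_decode(sig)):
        raise ValueError("issuer signature check failed")
    signed = set(json.loads(b64url_decode(body))["_sd"])
    claims = {}
    for d in shown:
        if digest(d) not in signed:
            raise ValueError("disclosure is not covered by the issuer signature")
        _salt, name, value = json.loads(b64url_decode(d))
        claims[name] = value
    return claims

if __name__ == "__main__":
    token, disclosures = issue(SAMPLE_CLAIMS, DEMO_KEY, "https://issuer.example")
    print(verify(present(token, disclosures, ["age_over_18"]), DEMO_KEY))
```

The verifier learns only `age_over_18`; the birth date and name remain as opaque digests inside the signed payload, and a disclosure the issuer never signed is rejected.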
Trust Frameworks establish the governance rules, technical standards, and legal liability structures that enable interoperable identity ecosystems. The EU's eIDAS 2.0 trust framework defines levels of assurance, accreditation requirements for credential issuers, and liability provisions for relying parties. The UK's DIATF takes a market-driven approach, certifying commercial providers against a common standard while maintaining competitive dynamics. Trust frameworks determine who can participate in the ecosystem and under what terms, making them the primary mechanism through which value capture is shaped.
Decentralized Identifiers (DIDs) are globally unique identifiers that enable verifiable, decentralized digital identity. Unlike traditional identifiers (email addresses, phone numbers) controlled by service providers, DIDs are created and controlled by the identity holder. DID methods specify how DIDs are registered, resolved, and managed, with implementations ranging from blockchain-anchored methods (did:ion, did:web) to peer-to-peer methods that require no distributed ledger.
Where the Value Pools Are
Identity Verification and Onboarding ($18-24 Billion)
The largest immediate value pool sits in Know Your Customer (KYC) and identity verification processes. Financial institutions, regulated entities, and online platforms spend $18-24 billion annually on identity proofing, document verification, and biometric matching. Current processes are expensive ($5-25 per verification), slow (24-72 hours for enhanced due diligence), and frustratingly repetitive for consumers who must re-verify their identity with every new service provider.
Reusable digital credentials collapse this cost structure. Once a user's identity is verified to a high assurance level, subsequent verifications can occur in seconds at near-zero marginal cost. Onfido, a UK-based identity verification provider, processes over 10 million verifications monthly and reported that clients using its reusable identity product reduced verification costs by 60-70% while improving conversion rates by 15-20%. The value here accrues primarily to verification orchestrators and trust framework operators who facilitate credential reuse across relying parties.
Fraud Reduction ($12-18 Billion)
Synthetic identity fraud, account takeover, and social engineering collectively cost businesses $35-48 billion annually. Digital identity infrastructure that binds strong credentials to authenticated sessions can prevent 60-80% of these losses. Mastercard's identity verification network, which links biometric authentication to payment authorization, reduced fraudulent transactions by 74% across participating merchants in 2024-2025 pilot programs.
The fraud reduction value pool is captured differently across the ecosystem. Financial institutions retain savings directly through reduced loss provisions. Merchants benefit through lower chargeback rates and reduced manual review costs. Insurance providers offering cyber and fraud coverage can price risk more accurately. Platform operators and fintechs that integrate strong identity into their user flows capture value through improved unit economics and lower customer acquisition costs.
Credential Issuance and Management ($4-8 Billion)
Governments, educational institutions, professional bodies, and employers all issue credentials that require ongoing management, revocation, and renewal. Digitizing these processes creates a recurring revenue opportunity tied to the lifecycle management of credentials. The European Commission estimates that eIDAS 2.0-compliant credential issuance and management will generate EUR 3.8-6.2 billion in annual economic activity across the EU by 2028.
Companies like Dock (credential issuance APIs), Spruce (enterprise identity infrastructure), and Lissi (wallet and credential management) are positioning to capture this layer. The economic model typically involves per-credential or per-verification fees, creating predictable recurring revenue streams that scale with ecosystem adoption.
Data Monetization and Consent Management ($3-6 Billion)
Digital identity wallets that give users control over their data create new consent-based data sharing models. Rather than surrendering personal information to intermediaries, users can selectively share verified attributes with service providers in exchange for value. This inverts the surveillance advertising model and creates opportunities for privacy-preserving personalization.
The UK's Open Banking framework demonstrated this dynamic: consumers who authorized data sharing through regulated APIs received better financial products (lower interest rates, higher credit limits) while maintaining control over their information. Extending this pattern to broader identity attributes (verified income, employment status, health records) unlocks substantial value for both consumers and service providers willing to pay for high-quality, consent-based data.
Who Captures the Value
Wallet Providers
Digital identity wallets are the consumer-facing layer of the stack and represent the primary interface through which users interact with the ecosystem. Apple, Google, Samsung, and Thales are all building wallet infrastructure, leveraging existing device distribution and secure hardware (TEE/SE) capabilities. The EU's mandate for member state wallets creates a public-sector counterweight, but private wallet providers retain advantages in user experience, device integration, and global reach. Wallet providers capture value through ecosystem lock-in, data orchestration fees, and premium service tiers.
Trust Framework Operators
Organizations that define and govern trust frameworks occupy a structurally powerful position. The UK's DIATF, operated by the Department for Science, Innovation and Technology (DSIT), sets the rules that commercial providers must follow. In private-sector frameworks, companies like GLEIF (managing the Legal Entity Identifier system) and the Sovrin Foundation (governing the Sovrin Network) extract value through membership fees, certification services, and transaction-based charges. Trust framework operators benefit from network effects: as more issuers and verifiers join, the framework becomes more valuable, creating winner-take-most dynamics.
Verification Orchestrators
Companies that sit between credential holders and relying parties, routing verification requests, managing trust decisions, and aggregating compliance requirements, capture substantial margin. Onfido (acquired by Entrust in 2024), Jumio, and iProov in the UK market exemplify this model. Their value proposition is reducing integration complexity for relying parties who would otherwise need to build connections to multiple credential issuers and wallet providers. Orchestrators typically charge per-transaction fees of $0.50-3.00, generating high-margin recurring revenue that scales with ecosystem volume.
Infrastructure and Standards Bodies
W3C, the Decentralized Identity Foundation (DIF), OpenID Foundation, and ETSI develop the technical standards that underpin interoperable identity systems. While these bodies are typically non-profit, the companies that contribute to and implement standards first gain competitive advantages. Microsoft's early investment in ION (a DID network built on Bitcoin) and its subsequent integration of verifiable credentials into Entra positioned it as a default enterprise identity provider. Standards participation is a strategic investment in market shaping.
What's Working
UK DIATF Certification
The UK's trust framework has certified over 50 identity service providers since becoming operational, creating a competitive market for digital identity services. Post Office, Yoti, and OneID have each processed millions of identity verifications under DIATF certification. The framework's success lies in its market-driven approach: rather than mandating a single government wallet, it establishes interoperability standards that allow private providers to compete on user experience and pricing while maintaining consistent assurance levels. Early data shows DIATF-certified checks cost 40-60% less than traditional in-person verification.
EU Digital Identity Wallet Pilots
Large-scale pilots across the EU involving over 250 organizations and 26 member states have tested wallet-based credential exchange for banking onboarding, travel document verification, prescription management, and professional credential verification. Germany's Bundesdruckerei and France's ANTS have developed reference wallet implementations that demonstrate sub-second credential verification and cross-border interoperability. Pilot participants reported 85% user satisfaction rates and 90%+ successful verification completion.
What's Not Working
Interoperability Across Jurisdictions
Despite shared standards (W3C DID, Verifiable Credentials), practical interoperability between national identity ecosystems remains elusive. A 2025 assessment by the European Digital Identity Cooperation Group found that only 3 of 15 tested cross-border credential exchange scenarios completed successfully without manual intervention. Protocol-level compatibility exists, but differences in assurance levels, attribute schemas, and legal recognition frameworks prevent seamless cross-border use. This fragmentation limits the network effects that would accelerate adoption and value creation.
Consumer Adoption and Awareness
Even where infrastructure is available, consumer uptake lags expectations. Sweden's BankID, one of the world's most successful digital identity systems, took 12 years to reach 80% population penetration. India's Aadhaar achieved rapid enrollment through government mandate, but voluntary adoption of wallet-based credentials in the UK and EU has been slower. A 2025 Eurobarometer survey found that only 28% of EU citizens were aware of the forthcoming EU Digital Identity Wallet, and just 14% expressed strong willingness to adopt it immediately upon launch.
Key Players
Thales provides digital identity and security solutions to governments and enterprises globally, with wallet infrastructure deployed in 30+ countries.
Onfido/Entrust combines AI-powered identity verification with enterprise credential management, serving over 800 clients including HSBC and Revolut.
iProov delivers biometric facial verification technology used by the UK Home Office, US Department of Homeland Security, and major banks.
Yoti operates as a DIATF-certified identity provider in the UK, offering age verification, identity checks, and digital credential services.
Spruce builds open-source enterprise identity infrastructure for verifiable credentials and decentralized identifiers, with adoption by government and financial sector clients.
MATTR provides a credential issuance and verification platform supporting W3C standards, used by New Zealand's government and financial institutions in the Asia-Pacific region.
Action Checklist
- Map which trust frameworks (eIDAS 2.0, UK DIATF, national schemes) apply to your target market and customer base
- Assess current identity verification spend and model cost reduction potential from reusable credential adoption
- Evaluate wallet integration requirements and timeline for your sector's regulatory obligations
- Identify high-value use cases where digital credentials reduce friction, fraud, or compliance costs in your value chain
- Build partnerships with certified identity providers in your target jurisdictions before ecosystem lock-in occurs
- Develop a privacy-by-design data strategy that leverages selective disclosure capabilities
- Monitor standards development (W3C, DIF, OpenID) to ensure technical architecture aligns with emerging interoperability requirements
- Quantify the fraud reduction business case specific to your customer segments and transaction patterns
FAQ
Q: Where should founders focus to capture the most value in the digital identity stack?
A: The highest-margin opportunities sit in verification orchestration and vertical-specific credential solutions. Orchestrators capture per-transaction fees while avoiding the regulatory complexity of credential issuance and the commoditization risk of wallet infrastructure. Vertical specialists (healthcare credentialing, professional licensing, supply chain identity) can build defensible positions by deeply integrating with industry-specific workflows and compliance requirements.
Q: How does the UK DIATF compare to eIDAS 2.0 for market opportunity?
A: The UK DIATF offers a more commercially accessible market because it relies on private-sector competition rather than government-operated wallets. Certified providers can innovate freely within the framework's assurance standards, creating opportunities for differentiated products. eIDAS 2.0 creates a larger addressable market (450 million vs. 67 million) but channels much of the infrastructure investment through public-sector procurement, which is slower and more price-sensitive. Founders targeting enterprise sales may find the UK market easier to penetrate initially.
Q: What is the timeline for meaningful revenue generation in digital identity?
A: Identity verification and fraud reduction use cases are generating revenue today and growing 25-35% annually. Verifiable credential-based revenue streams are earlier stage, with meaningful volumes expected in 2027-2028 as eIDAS 2.0 wallets launch and relying parties integrate credential acceptance. Long-duration opportunities in consent-based data monetization and decentralized reputation systems are 3-5 years from material revenue. Founders should build for the credential economy while generating near-term revenue from identity verification and compliance services.
Q: What are the primary risks for startups entering the digital identity space?
A: Platform risk is the dominant concern. Apple and Google control the mobile device layer and could integrate identity wallet capabilities that displace third-party providers. Regulatory risk exists where government policy shifts could mandate public-sector solutions or change certification requirements. Interoperability fragmentation across jurisdictions may limit addressable market size and increase integration costs. Finally, privacy regulation (GDPR, UK Data Protection Act) creates compliance overhead that disproportionately burdens smaller companies.
Q: How significant is the sustainability dimension of digital identity?
A: Digital identity infrastructure reduces the environmental footprint of verification processes by eliminating physical document production, postal delivery, and in-person verification travel. The UK's Government Digital Service estimated that shifting identity checks from in-person to digital channels reduces per-transaction carbon emissions by 80-90%. At scale, digital credential ecosystems also enable verified sustainability claims (certified carbon offsets, supply chain provenance, ethical sourcing attestations) that support broader ESG objectives.
Sources
- McKinsey Global Institute. (2025). Digital Identification: A Key to Inclusive Growth, Updated Assessment. New York: McKinsey & Company.
- European Commission. (2024). eIDAS 2.0 Impact Assessment: Economic Analysis of the European Digital Identity Framework. Brussels: European Commission.
- Juniper Research. (2025). Online Payment Fraud: Market Forecasts, Emerging Threats & Segment Analysis 2025-2030. Basingstoke: Juniper Research.
- UK Department for Science, Innovation and Technology. (2025). UK Digital Identity and Attributes Trust Framework: Annual Review. London: DSIT.
- Mastercard. (2025). Identity Verification Network: Performance Report 2024-2025. Purchase, NY: Mastercard.
- Eurobarometer. (2025). European Citizens' Attitudes Toward Digital Identity: Flash Survey Results. Brussels: European Commission.
- World Economic Forum. (2025). Reimagining Digital Identity: A Strategic Imperative. Geneva: WEF.