We have evolved to three identity models. A colleague of mine in a complex IT project, along time ago, stated “We have three options, one of them must be right”. Fortunately he was right – I hope the same holds for Identity.

The Problem

Let’s just remind ourselves that Identity is a problem due to poor solutions and a lack of solutions:

1. Accessing online services is a painful Multi-Factor Authentication (MFA) hell.

2. Account opening requires the use of complex and time-consuming Identity Verification solutions (i.e. Anti-Money Laundering, Countering the Financing of Terrorism solutions).

3. Simple legal approval processes (e.g. approve a bank signatory for a charitable trust) face the same requirements.

4. Fraudulent scams exist as there are limited ways to authenticate an organization.

5. A lack of age assurance causes social harm (social media, alcohol sales, adult content, and gambling).

And Reusable Digital Identity (RDI) could solve them all. While we have Digital Identity (all those servers with all that data on you), we struggle to re-use it and often we fall back on physical documents. So what are we doing about it?

Three National RDI Models

As the great Identity evolution rolls on, there are three promoted national RDI models:

1. Networked Identity

2. Decentralized Identity

3. Credential Identity

Networked Identity

In this model, identity data is held in central registries and is made available through networks.

Networked Identity is operational to varying degrees for 50% of the planet’s population. The major players are in Asia with Aadhaar in India and the Chinese solution. Other high-profile solutions exist in Scandinavia and Estonia.

This model has emerged in countries with strong personal national identity number structures because Networked Identity is just easier if everyone has a number. But, that does not mean Networked Identity is impossible in countries without personal national identity numbers (my approach, General Identity Protocol, solves that problem).

Note that governments all over the world provide access to government services through a networked model, but they do not necessarily extend this to be an RDI which is more a quantum leap over simply offering your own services online.

Networked Identity, by volume the most successful model, is evolving incrementally. India is a useful example – Aadhaar, an amazing accomplishment that registered a population including biometric data, is beginning to develop services based on the established data.

A common and completely erroneous criticism of Networked Identity is the ‘conspiracy theory’ that Networked Identity must result in population surveillance and some sort of dystopian society in which all personal freedoms are lost. Yes, China controls its population, data breaches occur, and social media giants misuse information. But India is a wonderful example of a country that effectively guards against such abuses, governments rarely, if ever, lose their population’s data, and data misuse has been minimized through privacy laws.

Central registries are a core component of tax systems that finance countries, welfare systems that provide pensions, education systems that record qualifications, and health systems that monitor people’s well-being over time. These are necessary and useful tools for a functioning society that wishes to avoid anarchy. Lambasting them as the cause of all societal problems is just silly.

Networked Identity is established and working – the questions are how far can it go functionally and will it extend to other jurisdictions?

Decentralized Identity

Decentralized Identity is both an ideological movement and a technology model. Ideologically, Decentralized Identity means putting power into the hands of the individual rather than relying on the state or commercial entities. This is the Self-Sovereign Identity (SSI) approach in which every individual, presumably, is their own sovereign. While the name itself begs the question ‘who wants to be the sovereign in a land of a single individual?’, the movement has attracted support for 20 years at least. The Internet Identity Workshop formed in 2005 is a leading player, as is W3C, and the Sovrin Foundation.

The movement had a lot of impetus at the time when blockchain solutions were emerging, and utilizes cryptography to support the decentralized model. Initially DIDs, or Decentralized IDs, were the answer but were overtaken somewhat by Credential Identity (see below).

Now Decentralized Identity seems to be having a sort of revival. The State of Utah has legislated State-Endorsed Digital Identity described in this overview from 17 October 2025:

“This reflects the founding idea of the United States, that all just powers of government derive from the consent of the governed. SEDI recognizes it is the role of the state to act as a trusted endorser, verifying an individual’s asserted identity and then issuing an endorsed credential mathematically bound to a digital identifier that the individual alone controls.”

That is, government powers derive from the consent of the people, so the state should cryptographically sign an individual’s identity data. The leap from the basis of government to a technical solution is quite something, but is not uncommon in Decentralized Identity.

Whether SEDI is truly decentralized will become apparent in the future, but it certainly looks like quite a different approach from Credential Identity considered below.

Credential Identity

I call this movement Credential Identity for brevity as it could be more correctly called Verifiable Credentials / Digital Wallet Identity. The major movement is the EU that embarked on its EU Digital Identity Wallet (EUDIW) project in 2021 with large scale pilots rolling out from 2023 onwards. Now this approach is being followed in many countries, including New Zealand where I live.

Credential Identity focuses on, well, Credentials. Credentials are both verified and verifiable. That is, some reliable party signs cryptographically and other parties can then verify the signature.

Even though on hugely different scales, the EU and New Zealand are following similar paths of building the infrastructure to issue credentials and store them in a smartphone wallet in the hope that, in the future, parties will develop solutions to utilize these stored credentials.

The challenge for Credential Identity are manifold (see my previous newsletter Seven Challenges for Credential Identity). One of these challenges is how to authenticate a person. I have asked leading proponents of Credential Identity this question, and they either recognize the issue or suggest that it is all being designed. As I have previously written, there is a distinct possibility that authentication will not make it into the solution which will devolve in Distributed Digital Documents (DDD). And DDD is not RDI (I promise).

Summary

So there it is, after twenty years a big problem and three options!

Personally, as per my previous newsletter, Identity Starts with People, I think that people want utility, people trust governments, and that therefore we should deliver identity through Networked Identity. It seems the only pragmatic solution given that we have centralized personal digital identity data which we can re-use.

Instead we pursue a immensely complex and probably unimplementable Credential Identity or an ideological-based Decentralized Identity that is simply a theoretical pipe dream.

But the tech world wants to play, so the story will go on!

regards

Alan