Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

Decentralised identity for mega-events: what should IAM teams watch?


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 10745
Topic starter  

TL;DR: Mega-events are moving toward reusable digital identity wallets and verifiable credentials to reduce fraud, resale abuse, phishing and repeated identity checks across ticketing, travel, hospitality and payments, according to Uniken. The governance shift is not about collecting more data, but about proving ownership, eligibility and transfer rights with less exposure and more continuous assurance.

NHIMG editorial — based on content published by Uniken: Decentralised Identity for Mega-Events: A New Model for World Cup Trust

Questions worth separating out

Q: How should security teams use decentralised identity for event ticketing?

A: Use decentralised identity to prove ownership and eligibility without building a large central record of personal data.

Q: Why do verifiable credentials matter for IAM teams?

A: Verifiable credentials matter because they let organisations trust a signed claim rather than repeatedly collecting and storing the underlying data.

Q: What breaks when ownership and access are not continuously rechecked?

A: When ownership and access are only checked once, stale credentials, transferred tickets and compromised devices can remain trusted long after conditions change.

Practitioner guidance

  • Map every fan interaction to a minimum-proof requirement Define the smallest set of claims needed for ticket purchase, transfer, travel, hotel check-in and restricted access.
  • Treat ticket transfer as a lifecycle control Build revocation and re-issuance into authorised resale and transfer flows so the old credential cannot remain usable after ownership changes.
  • Add continuous verification at high-risk transitions Re-check credential validity, device trust and entitlement status at border crossings, venue entry, premium areas and partner handoffs.

What's in the full article

Uniken's full blog post covers the operational detail this post intentionally leaves for the source:

  • A deeper walkthrough of how wallet-based ticket ownership would work across issuance, transfer and revocation.
  • More detail on how selective disclosure could be applied to age checks, travel authorisation and hospitality access.
  • Additional discussion of continuous trust across border control, venue entry and post-event fan engagement.
  • The article's full fan-journey model showing how digital credentials could extend beyond ticket scanning.

👉 Read Uniken's analysis of decentralised identity for mega-event trust →

Decentralised identity for mega-events: what should IAM teams watch?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 10300
 

Decentralised identity is really a trust distribution problem, not a ticketing feature. The article describes a model where ownership, eligibility and transfer rights move into cryptographically verifiable claims held by the user. That reduces dependence on centralised accounts and duplicated records, which is the core governance shift practitioners should notice. The implication is that identity control moves closer to the moment of proof, not the moment of registration.

A question worth separating out:

Q: Who is accountable when a transferable credential is misused?

A: Accountability depends on the transfer rules, revocation timing and verifier design. If a system allows authorised transfer, the organiser must be able to prove when the old credential stopped being valid and who accepted the new one. Without that lifecycle evidence, disputes over misuse become hard to resolve.

👉 Read our full editorial: Decentralised identity for mega-events is changing trust models



   
ReplyQuote
Share: