Notifications
Clear all
Topic starter
10/06/2026 10:44 pm
TL;DR: Digital identity is spreading across regulated onboarding, reusable identity, and cross-border trust models, but SumSub’s guide shows adoption remains fragmented because infrastructure, privacy, security, and interoperability requirements are still unevenly understood. The practical issue is governance: identity teams need a clearer model for where verification ends and ongoing trust begins.
NHIMG editorial — based on content published by SumSub: Digital Identity guide covering adoption, risks, and reusable identity
Questions worth separating out
Q: How should organisations govern reusable digital identity across multiple services?
A: Treat reusable digital identity as a governed trust decision, not a convenience feature.
Q: Why do digital identity programmes fail when interoperability is weak?
A: Digital identity programmes fail when systems cannot exchange identity assertions consistently, because the organisation loses a reliable basis for trust.
Q: When should teams use step-up verification instead of relying on reusable identity?
A: Use step-up verification when the transaction is higher risk than the original proofing event, when the credential is stale, or when the relying party cannot verify revocation and binding with confidence.
Practitioner guidance
- Separate proofing assurance from access policy Document which digital identity assertions can be reused and which must trigger fresh verification, especially for regulated onboarding and high-risk transactions.
- Define your trust boundaries for reusable identity Assign ownership for issuer trust, relying-party acceptance, revocation handling, and consent so reuse does not become an unowned control gap.
- Stress-test interoperability before scaling Validate identity flows across wallets, issuers, and relying parties using the same data minimisation and assurance requirements you expect in production.
What's in the full article
SumSub's full guide covers the operational detail this post intentionally leaves for the source:
- A closer breakdown of centralized, federated, and decentralized identity models for implementation planning
- Practical discussion of reusable identity across fintech, crypto, iGaming, and enterprise onboarding
- Infrastructure and governance requirements for making digital identity portable without over-sharing data
- Guidance on choosing a trusted partner and evaluating the next step in a digital identity strategy
👉 Read SumSub's guide on digital identity, reusable identity, and trust models →
Digital identity, reusable identity, and the governance gap?
Explore further
11/06/2026 2:53 am
Digital identity is becoming a governance problem before it is a technology problem. The guide’s real message is that adoption, trust, and infrastructure are now intertwined, so identity teams cannot treat digital ID as a front-end onboarding feature. Once identity proofing is reused across services, the organisation is also reusing assumptions about assurance, consent, and relying-party trust. Practitioners should therefore assess digital identity as a lifecycle governance decision, not a standalone experience layer.
A few things that frame the scale:
- NHIs outnumber human identities by 25x to 50x in modern enterprises, according to Ultimate Guide to NHIs.
- Only 5.7% of organisations have full visibility into their service accounts, which is why identity programmes fail when ownership and lifecycle data are incomplete.
A question worth separating out:
Q: What should security and compliance teams agree on before launching digital identity at scale?
A: They should agree on who owns the trust model, what data is shared, how long assertions remain valid, and what happens when a credential must be revoked. Those decisions need to be explicit before scale arrives, because digital identity failures are usually governance failures first.
👉 Read our full editorial: Digital identity is fragmenting faster than trust models can adapt
