Jerry Fishenden

The quiet rise of digital identity: Convenience, control and the new social contract

Governments are rapidly expanding digital identity systems, promising greater convenience and faster access to services, but concerns around privacy, trust, surveillance and inclusion continue to grow

Digital identity is becoming part of everyday life in the UK, often with little public debate. Millions of people already use digital identity systems to access government services, prove their age, verify their right to work or manage financial accounts online. What once felt experimental is rapidly becoming mainstream. 

The UK governments Gov.uk One Login platform now has more than 11 million users across over 80 public services. Industry forecasts from Juniper Research suggest digital identity adoption could rise from 6.9 million users in 2025 to 25.5 million by 2029. Policymakers are also targeting adoption rates of up to 80% by 2030.

At the same time, the commercial ecosystem around digital identity is expanding quickly. The UK digital identity sector generated £2.1bn in revenue in 2023-24, while Europes identity verification market is projected to grow from $3.53bn in 2025 to $7.72bn by 2030.

The momentum behind digital identity is easy to understand. Digital services promise fewer paper forms and easier access to both public and private services. Yet the rapid roll-out of these systems is also raising difficult questions about privacy, inclusion, surveillance and trust.

Public opinion reflects this tension. While many citizens value the convenience digital identity offers, according to polling from YouGov, 63% of Britons say they do not trust the government to keep digital ID data secure. And Ipos indicates that around 46% oppose a national digital identity scheme altogether.

The debate is no longer simply about technology. It is increasingly about the relationships between citizens, governments and private platforms in a digital society.

Convenience is driving adoption

The strongest argument in favour of digital identity remains convenience. Verifying identity online can remove many of the delays and frustrations associated with traditional paperwork-based systems.

Stephen McDermid, EMEA chief security officer at Okta, said governments need to explain the practical value of digital identity in everyday life. Government transparency is key to ensuring the success of any digital ID initiative,” said McDermid. Instead of asking for trust, they should offer clear, measurable and real-world examples of how this will make the citizen experience better.”

He said that digital identity could simplify interactions across multiple services. It should focus on how this new digital ID will simplify communications with the government, where the citizen tells them once, and health, transport, tax and services functions are all updated within minutes rather than weeks,” said McDermid.

Digital identity frameworks across the UK and Europe are built around this promise of simplicity. Emerging systems such as the UKs Gov.uk Wallet and the EUs eIDAS 2.0 framework aim to give citizens a more consistent way to prove who they are online.

There is often an assumption that if a digital identity system is technically secure, citizens will automatically trust it,” said Ian Roberts, managing director at Granicus. In reality, trust is shaped by transparency, clarity of purpose and everyday experience.”

He pointed to the rapid adoption of the NHS App during the Covid-19 pandemic as evidence that citizens will embrace digital systems when the benefits are obvious. People are far more willing to adopt digital identity solutions when the benefit is clear and immediate,” said Roberts.

The convenience argument also extends into the private sector. Banks, retailers and financial services firms increasingly rely on digital identity verification to ensure swift, frictionless payments and prevent fraud.

Phil Cotter, CEO of SmartSearch, told Computer Weekly that digital identity systems can dramatically streamline verification processes. The big one is granularity,” he said. Once your identity is verified digitally, it can be verified everywhere, all the time. That is brilliant for convenience.”

The challenge is that convenience alone may not be enough to sustain long-term public trust.

Trust and transparency remain fragile

Digital identity systems depend heavily on public confidence. Without trust, even technically secure systems may struggle to gain widespread acceptance.

The UKs experience already reflects this uncertainty. Concerns over privacy and surveillance continue to shape public attitudes towards digital identity. Alex Laurie, go-to-market chief technology officer at Ping, said policymakers cannot assume citizens will automatically accept digital identity systems.

There is a pervasive assumption that the convenience of a single source’ of identity is enough to win public buy-in,” said Laurie. But trust is fragile.”

He argued that transparency is essential if governments want citizens to feel comfortable using digital identity systems. True trust is built on transparency, like the Estonian model, where citizens can see exactly who accessed their data,” said Laurie.

The issue of visibility repeatedly appears in expert concerns. Citizens often have little understanding of when their identity data is being shared or reused across different services. Roberts said transparency around data usage is critical.

Citizens may not always realise how often their identity is being verified, shared or reused across services,” he said. That is why it is critical to be clear about what data is collected, why it is needed and how it is protected.”

Several experts also warn that digital identity systems risk becoming too complex for ordinary users to fully understand.

Read more about digital identity

  • UK government plans for a national digital identity scheme risk embedding further inequalities and barriers to public services for the 19 million people currently experiencing digital exclusion.
  • The King’s Speech has outlined plans for a Digital Access to Services Bill, establishing a legal framework for the use of digital identity, which has received mixed responses. 
  • Back-to-front policy and a rushed launch destroyed public confidence, as Home Affairs Committee is sceptical government has capacity to implement the digital ID programme

Ash Gawthorp, co-founder and chief technology officer, Ten10, commented: Trust is tested at the point of failure, not at the point of launch,” he said.

Gawthorp explains that digital identity systems rely on multiple data sources that may not always align. When those systems do not align, the burden tends to fall on the user to resolve it, which quickly erodes confidence,” he said.

The technical architecture behind digital identity systems also influences public trust. Many newer frameworks increasingly favour decentralised models, where credentials are stored on a users device rather than in a single central database. Laurie said this model can improve privacy protections. Storing identity data on the users own device – not a government database – is the ultimate safeguard,” he said.

Selective disclosure technologies are becoming an important part of these discussions. Rather than sharing full personal records, citizens can verify only the information needed for a transaction. For example, an individual could prove they are over 18 without revealing their full date of birth or home address.

Steve Pannifer, senior vice-president of digital identity at Fime and Consult Hyperion, said these technologies are central to modern digital identity frameworks. What many citizens may not understand is that verifiable credential technology, which sits at the heart of the EU eIDAS initiative and is leveraged in mobile driving licences, addresses both of these challenges with cryptographically secure, hard-to-counterfeit credentials, and in-built privacy controls such as consent-based selective disclosure of personal data,” said Pannifer.

Despite these safeguards, concerns around surveillance and misuse continue to shape public debate.

The risk of surveillance and exclusion

One of the biggest concerns surrounding digital identity is the risk of function creep. Systems designed for one purpose can gradually expand into broader forms of monitoring and control.

Function creep rarely stems from a single decision,” said Ten10’s Gawthorp. It emerges gradually as systems are extended, integrated and reused over time.”

He pointed to Indias Aadhaar system as an example of how digital identity infrastructures can expand far beyond their original purpose.

It started as a welfare identifier and now sits under banking, mobile connections, tax records and school admissions,” said Gawthorp.

Cotter also warned that increasing digital verification creates detailed metadata trails about individuals’ activities. A system built to let you access the NHS or buy age-restricted goods online can become a tool for tracking where you go, what you spend, what the state considers risky behaviour,” he said.

Alex Laurie, go-to-market chief technology officer at Ping, added that every digital verification potentially generates records that could reveal patterns of behaviour. Every time you tap to prove your right to work or rent, an event log is created,” he said. If not managed via privacy by design, these logs become a map of a citizens life.”

The growing involvement of artificial intelligence further complicates the landscape. Laurie said identity systems must evolve to address new forms of fraud linked to AI agents and automated services. We cannot solve 2026s problems with 2010s static identity checks,” he said.

Alongside privacy concerns, digital identity also raises significant inclusion challenges. Globally, around 800 million people still lack any official form of identity, according to the World Bank. Even in developed economies, many citizens struggle to access devices, reliable internet connections, or formal documentation.

Think about elderly people, rural communities, people experiencing homelessness, refugees, those fleeing domestic abuse,” said Cotter. These groups often do not have the documentation or devices that digital systems assume as standard.”

He also warned that biometric systems can perform unevenly across different groups. Facial recognition and fingerprint systems do not work as well for certain groups, older people, people with darker skin, people with disabilities,” said Cotter.

Also, the managing director of Granicus, Ian Roberts, emphasised that communication and accessibility are essential to prevent exclusion. Digital identity can improve access, but only if it is designed inclusively,” he said. If systems assume everyone has the same level of digital access, skills, understanding or documentation, they risk excluding some of the most vulnerable groups.”

The risk is that digital identity could become mandatory in practice even if it remains technically voluntary.

Building a fair digital social contract

The long-term success of digital identity may depend less on technology itself, and more on accountability and public confidence. Experts consistently argue that citizens need meaningful control over their data to maintain trust.

McDermid said transparency must become a core feature rather than a marketing message. When a person can see who has accessed their data and why, the black box’ of government disappears,” he said.

Cotter said citizens also need stronger rights around portability and consent. If I do not trust one provider, I should be able to move my verified identity somewhere else without starting from scratch,” he said.

Several experts argue that digital identity systems should collect only the minimum information necessary for each interaction. Data minimisation needs to be technical, not just something you say in a policy document,” said Cotter.

Gawthorp agreed that user control needs to be built directly into system architecture. The technical mechanism that makes this real is verifiable credentials and selective disclosure,” he said.

The role of the private sector also remains a sensitive issue. Governments increasingly rely on technology providers, banks and telecoms companies to help build digital identity infrastructure. Laurie said private companies should support delivery rather than dominate it. Governments should set the standards, but the private sector – banks and telcos – should provide the plumbing,” he said.

Ultimately, the debate around digital identity is becoming a broader discussion about democratic accountability in a digital society.

A fair digital social contract will require systems that are transparent, inclusive and accountable. Citizens need to understand how their data is used, how decisions are made and what safeguards exist when systems fail.

Digital identity may reduce fraud and simplify access to services, but its long-term legitimacy will depend on whether citizens feel empowered by these systems or monitored through them.

As governments continue to accelerate the adoption of digital identity, the central question is no longer whether it will reshape society; it’s whether those systems strengthen trust between citizens and institutions, or quietly weaken it over time.

Read more on Identity and access management products