Digital ID isn’t the problem. Trust is.

Digital ID isn’t the problem. Trust is.

< Back to all Posts

Published:

Digital ID is having a big moment in the UK. Between government proposals, industry conversations and growing public scrutiny, identity has moved from a niche technical topic to a mainstream concern. The conversation around Digital ID is fraught with divisiveness and has been significantly overshadowed by political debate. But strip away the politics, and the momentum behind digital ID is coming from something much simpler: creating trust on both sides, giving individuals confidence in how their identity is used, and giving organisations confidence in the actions tied to that identity.

People are tired of friction, and they’re tired of the inconvenience that comes with it. 

Repeated forms, scanned documents and uploading the same information again and again can prove taxing on those who interact with the public sector. At the same time, technology has evolved, and passkeys, verifiable credentials, and smarter authentication methods are now widely available. Layer on the rise in fraud, and it’s no surprise the conversation is accelerating into action.

And yet, despite all of this, something is missing. 

While how identity is mishandled is improving, trust is not keeping pace.

That gap, between verifying who someone is and proving what they agreed to, is where many digital experiences still fall short. We are so used to the digital world across most industries, but the public sector still feels so slow on that front. People hate having to fill out forms repeatedly, and there’s so much admin. 

This inefficiency in the public sector is mainly due to excessive administrative tasks required in its daily operations and inefficient processes for proving identity. What is needed here, therefore, is a streamlined digital environment. A digital ID could be just the thing to solve this problem.

“We are so used to the digital world across most industries, but the public sector still feels so slow on that front.”

From a product perspective, identity should never be one-size-fits-all.

The reality is that most digital transactions are risk-based. Situations in which this is low risk should also involve low information being required. There should be a priority of convenience rather than over-engineering the process. Low-value actions should be quick and frictionless. High-risk or legally binding agreements require stronger verification.

But here’s where the confusion starts:

Many assume that identity verification alone creates trust.

It doesn’t.

Trust in a digital transaction comes from a combination of signals:

  • Authenticity: Was this person really who they claimed to be?
  • Intent: Did they knowingly and willingly agree?
  • Evidence: Can this be proven later?

Digital ID can support the first of these; it does far less for the second and third.

That’s one aspect of the trust gap affecting those who would be using Digital ID to facilitate transactions within their business or organisation. The larger trust gap stems from public perceptions of what Digital ID means for society as a whole.

The misconception problem

One of the biggest misconceptions about digital ID systems is that they are inherently invasive or designed for surveillance. There is a lot of talk of an overarching fear that data may be misused or utilised for nefarious purposes.

In reality, digital ID is just a tool. No tool is inherently good or bad; its use ultimately determines its impact. Whether it empowers users or undermines them depends entirely on how it’s designed in the first place.

Concepts like:

  • Minimal data disclosure: The sharing of only the necessary information in a transaction or verification process.
  • Revocable credentials: The ability to revoke or withdraw access to their identifying information after it has been shared.
  • Selective sharing: The ability to share specific parts of their identifying information in a transaction or verification process.

All of the above can make identity systems far more privacy-preserving than today’s fragmented alternatives.

But none of that matters if the experience doesn’t feel trustworthy. It is the usage that defines the impact of a Digital ID system. If users own (and feel they own) their data and it’s well protected, Digital ID could be as simple and secure as a driver’s license. 

“In reality, digital ID is just a tool. No tool is inherently good or bad, and its use ultimately defines its impact.”

What actually proves identity in a digital agreement?

When someone signs a document digitally, identity isn’t proven by a single step.

It’s built from a stack of signals, including:

  • Cryptographic signatures: A signature created with a private key that is used to verify the authenticity and integrity of a digital message or document.
  • Verified attestations: An authoritative entity verifying that the information provided by the user is accurate and legitimate.

As well as Device or authenticator data, contextual information (time, IP, behaviour) and timestamped audit trails.

Together, these create something far more powerful than a simple “ID check”.

They create defensible evidence that regulators, courts and businesses actually rely on.

The balance between friction and trust

Balancing security and convenience is crucial in verification systems. Too much verification can drive users away, while too little exposes them to risk. The best systems adapt to find that balance through progressive verification:

Start with Low Friction: Use minimal verification for low-risk transactions to streamline the user experience, especially for routine interactions with minimal fraud risk.

Step Up Checks with Increased Risk: For higher-value transactions or access to sensitive information, implement multi-factor authentication or additional identity verification to ensure security measures align with risk.

Match Assurance to Value: The level of identity assurance should correspond with the transaction’s value or sensitivity. This helps manage risk while maintaining user trust and satisfaction.

Modern digital products should focus on this approach to identity verification, fostering user confidence in the process.

Why UX is where trust is won or lost

Trust isn’t just technical, it’s experiential. The biggest turn-off for someone using a digital product is how language is used to address them. Legal or technical jargon often doesn’t work to persuade someone that your product is trustworthy.

It may be completely watertight from your point of view, but I put this to you: When is the last time you actually read the terms and conditions of a product or a website’s cookie policy?

The information should be available so you can understand what’s being done with your data, where it’s going, and how it’s being used. Although this is a legal requirement in practice, it is also a good UX tool at your disposal, so the end user doesn’t feel you are hiding behind complex language and implicitly understands the “what” and the “why”.

A few additional ways to establish trust through UX:

  • Visible proof (receipts, audit logs, confirmation states): A way to track documents after signing, transactions after purchase, and the status of a process makes the intangible tangible. Transparency here is key.
  • Obvious recovery paths if something goes wrong: A way to double back or right a wrong in a workflow makes the tangible not permanent. Forgetting a password, recovering an account, or re-verifying identity should be easy but secure.

What destroys trust?

  • Sudden, unexplained data requests: Users being asked to provide sensitive information without justification will leave them uneasy about proceeding with your workflow.

If people don’t understand what’s happening or feel trapped, they disengage.

Or worse, they comply blindly without confidence.

Neither outcome is good.

“The information should be available so you can understand what’s being done with your data, where it’s going, and how it’s being used.”

Transparency is the real trust signal

There is one overarching principle that underpins trust in digital identity: transparency.

Users need to know the following:

What data is being collected?
Why is it needed?
How long has it been stored?
Who has access?
How can they revoke it?

Transparency goes beyond good UX. Especially if we apply this best practice of Digital ID implementation to the public sector.

It becomes the foundation of the social contract between users and systems. Without it, even the most secure solutions feel untrustworthy.

Where policy fits, and where it doesn’t

The UK’s ongoing exploration of digital ID frameworks presents a real opportunity for digital transformation.

Estonia implemented a successful Digital ID model on the back of the country’s post Soviet rebuilding efforts and a sentiment amongst the population to not only rebuild but reimagine systems.

As a result, Estonia has become known as the digital state of Europe and has created a highly accessible and inclusive digital environment that has not only enabled faster services but also shorter wait times and greater efficiency in the public sector.

A similar level of standardisation in the UK could reduce duplicated verification work, lower business costs, create consistent assurance levels, and ultimately speed up services across sectors. But while the structural benefits are clear, policy alone won’t solve the underlying trust problem.

Real adoption depends on voluntary participation, clear governance, visible safeguards and user-first design. Without those elements in place, even the most robust technical frameworks will struggle to gain traction, and that’s the part that doesn’t change.

Without that, even the best technical frameworks will struggle.

“The success of Estonia’s digital ID system lies in its commitment to efficiency and direct benefits for its people.”

Digital ID is evolving as technology advances and discussions around it grow. The real opportunity lies in developing interconnected ecosystems where identity, intent, and evidence integrate seamlessly. Trust is built not just through user verification, but by ensuring users understand and feel confident in the process while businesses provide data with clarity and assurance.

A sceptical optimism

I am a sceptical optimist. While I have concerns about the potential misuse of identity systems and do not support mandatory ID, I recognise the genuine benefits that can come from voluntary, privacy-preserving systems designed with real people in mind. 

If we focus on the right incentives, governance, and user experience, we can save people hours of administrative work, reduce fraud, and allow individuals to engage in more meaningful tasks, all without sacrificing their autonomy. It needs to be done with buy-in, responsibly, and the benefits really need to be shouted about.

Digital ID isn’t the destination, it’s the plumbing. What really matters is what it enables, and whether people trust it enough to actually use it. Because in the end, trust isn’t created by identity alone; it’s built through the combination of evidence, experience, and thoughtful design.

Olly Jobling
Product Manager

Olly Jobling is a Product Manager focused on building intuitive digital experiences. He has led product and transformation projects across multiple industries, spanning everything from MVP design to scaling platforms. With a background in engineering, he’s particularly interested in using AI to reduce friction and improve how users interact with software.