The evolution of digital identity in financial services
Recent data breaches and the rise in transactional fraud highlight critical lessons and underscore the need for companies to have a multi-layered approach to security.
This involves combining policies, technology and the human element to protect digital identities. Furthermore, new developments in open finance frameworks have increased the urgency around creating digital identities to prevent unauthorised access to large amounts of personal data online, which is spearheading the development of digital identity frameworks.
Different types of digital ID services
For many years, there were only a few overarching standards or protocols governing how fintech companies or large banks create their technology stacks and choose which solutions to use. Therefore, it was up to them to develop their own proprietary systems in-house or partner with third-party vendors. Today, digital identity services designed to verify, authenticate and manage digital identities across different platforms, applications and other use cases are vast, spanning industries across financial services, healthcare and the government.
The image below shows the different types of digital identity services ranging from identity verification and authentication to identity management and governance.
Types of digital identity services. Source: Omdia
Data privacy regulations are enhancing security and access in open banking and finance
Organisations must follow various data protection regulations to secure personal information. Key examples include Europe’s General Data Protection Regulation (GDPR), which dictates handling personal data; Australia’s Privacy Act, which ensures digital identity programmes follow national laws; and the California Consumer Privacy Act (CCPA), which grants residents rights over their personal information.
These regulations are closely linked to the development of open banking and open finance initiatives, which aim to enhance consumer access to financial services while ensuring strong security and data privacy protections. For example, in Australia, open banking has gained traction through the rollout of the Consumer Data Right framework in 2019, which also marked an important step toward open finance. Regulators in the EU and the UK are also working towards enabling the sharing of open banking-like data with a wider range of financial sectors (for example investments, insurance and pensions).
These developments have increased the urgency for digital identities, enabling users to access large amounts of personal data online securely and in one place. I believe that the availability of private sector solutions will drive the evolution of digital identity, with financial institutions also being able to issue digital identities for others to use, boosting volume and daily usage. However, investment in trust frameworks and governance are paramount. Organisations need business models in place to benefit from the opportunity and to incentivise users and other parties to adopt and use digital identity solutions.
From the perspective of financial services businesses, the product design challenge is to create a technology stack that is scalable across global jurisdictions, which are proximate but not the same. Over time, one might expect regulations in different jurisdictions to converge toward singular standards, but that is likely some distance away. Therefore, technological and design questions exist around products for institutions working in multiple jurisdictions.
EU and UK initiatives are spearheading the development of digital identity frameworks
The EU’s Electronic, Identification, Authentication, and Trust Services 2.0 (also known as eIDAS 2.0) regulation includes the introduction of EU digital identity wallets (EUDIW) issued by EU member states. These wallets enable consumers to store and share their personal and financial information securely across borders. It sets a world standard for managing and using digital identity services and is poised to significantly enhance the framework within which open banking works, promoting a more secure and integrated digital financial ecosystem.
The UK government is actively working on the Digital Identity and Attributes Trust Framework to create a secure and reliable environment for digital identities. This framework outlines the standards and guidelines for organisations offering digital identity services, ensuring they adhere to high levels of privacy, security and data protection. Additionally, the Data (Use and Access) Bill includes measures to establish a statutory basis for digital verification services without creating a mandatory digital ID system or introducing ID cards.
Despite these developments, not all consumers will want to use them, which currently poses risks to widespread adoption. The EU has prioritised inclusion in payment transactions, supported by the new Payment Service Regulation and the Accessibility Act regulations. Consequently, payment service providers (PSPs) must make their offerings as universal and accessible as possible for all user groups. The industry is also exploring ways to make strong and user-friendly authentication accessible to a broader audience. This may involve integrating digital authentication channels, such as proving ownership of desktop PCs, laptops or wearables.
Digital identity services utilising open banking are gaining traction
According to Omdia’s Market Landscape: Digital Identity report, providing digital identity services is among the top five open banking opportunities in 2025. This also indicates that open banking requires more extensive data than just transaction-level or account-level to deliver better quality financial services.
For example, Lloyds Bank in the UK partnered with Yoti in October 2023 to release a new digital ID app using open banking known as Lloyds Bank Smart ID. The app allows users to control and manage their identity data. The launch of this app came after Lloyds Banking Group invested £10 million in Yoti to support the development of a reusable digital identity app aimed at combatting identity fraud. Most recently, three digital ID apps from Yoti, Lloyds Bank and the Post Office have been accredited by the UK’s national Proof of Age Standards Scheme (PASS).
Top open banking opportunities for payment issuers and acquirers. Source: Omdia
Open banking provider Plaid recently launched a new identity verification experience, “Verify once, verify everywhere,” which allows consumers to fast-track verifications across Plaid-powered apps, simplifying onboarding and reducing fraud while remaining KYC-compliant. This system has seen high success rates for many companies, significantly improving user acquisition and reducing onboarding friction and offering an improved user experience without compromising security. By leveraging open banking, Plaid can offer a seamless and efficient verification experience, reducing the need for users to repeatedly verify their identities across multiple Plaid-powered apps and services.
Solution providers must innovate continuously to meet evolving digital identity requirements
While different regions are at different stages of establishing frameworks that allow for secure, accessible and interoperable digital identity systems, these new developments in digital identity services are expected to continue playing out over time.
The outlook for digital identity involves the continuous integration of technological advancements with human factors, such as digital wallets and self-sovereign identity systems. Furthermore, the move towards an open data economy and the rapid evolution of finance (with the development of CBDCs, tokenised deposits and so on) will change how consumers interact with financial services providers. This necessitates the evolution of digital identity systems into more capable solutions in the future, and staying ahead of regulatory changes and developments related to CBDCs will be crucial for building trust and ensuring relevancy.
I believe the only long-term way of addressing risks around the number of gaps between different technologies and products while they are being designed and adopted is to work to a set of high and overarching standards. Solution providers need to innovate continuously to meet evolving digital identity requirements. By doing this, they can enable companies to use modern technologies in order to enhance security, streamline processes and offer personalised services in the future.
About the author
Ouliana Smith is a senior research analyst in Omdia’s Enterprise IT Financial Services Technology team and has 10 years’ experience in financial services. Since joining Omdia in 2022, she has focused on digital transformation in retail banking and fraud solutions with a strong interest in alternative payments.
Ouliana started her career as an associate analyst with Datamonitor, now GlobalData, a global market intelligence provider, where she specialised in cards and payments before later moving into wealth management.
Ouliana holds a first-class honours degree in mathematics from Coventry University and an upper-second-class honours degree in art history from the Open University.
All opinions are her own – feel free to debate and comment below!
