Digital Identity & Trust Infrastructure

Overview

Executive Summary

The EU’s eIDAS 2.0 regulation requires every member state to provide at least one European Digital Identity Wallet (EUDI Wallet) to citizens and businesses by the end of 2026. From 2027, banking, telecoms, healthcare, and education must accept it.
The decentralised identity market is projected to reach $7.4 billion in 2026, growing at 50%+ CAGR. Large enterprises captured 67% of market revenue in 2025.
The technology stack — Decentralised Identifiers (DIDs), Verifiable Credentials (VCs), and digital wallets — has matured from proposals to binding regulation and enterprise deployment.
68% of Fortune 500 companies were piloting blockchain-based identity by Q3 2025 for employee onboarding, supply chain verification, and contractor checks.
The convergence with AI is creating a new infrastructure layer: verifiable credentials as a trust and permission system for autonomous AI agents operating across organisational boundaries.

Market

Market Snapshot

$7.4B

Decentralised Identity Market 2026

50%+ CAGR through the decade

67%

Large Enterprise Market Share 2025

Weaving DIDs into existing IAM

68%

Fortune 500 Piloting

By Q3 2025

End 2026

EUDI Wallet Deadline

Every EU member state

$28B

ZKP Total Value Locked 2025

Enterprise ZKP adoption growing

37%

Jurisdictions with Clear Rules

As of Q3 2025

Architecture

How Decentralised Identity Works

Issue

A trusted authority (government, university, employer) issues a Verifiable Credential, digitally signed in a tamper-proof container.

→

Hold

The user stores the credential in their digital wallet. They control what they share and with whom. No central database holds the data.

→

Verify

A relying party verifies the credential using cryptography alone. No callback to the issuer. Instant, privacy-preserving, tamper-proof.

Components

The Three Pillars

Decentralised Identifiers (DIDs)

Globally unique identifiers on a blockchain, independent of any organisation.
W3C DID v1.1 Candidate Recommendation published March 2026.
Users create multiple DIDs for different contexts (work, education, government).
Controller proves ownership without permission from any other party.

Verifiable Credentials (VCs)

Digitally signed containers of identity data: passports, degrees, licences, certifications.
Verified by cryptography alone. No database lookup or issuer callback needed.
Issued once, verified many times. Revocation support when status changes.
Fake diplomas alone are a billion-dollar industry. VCs solve this in seconds.

Digital Wallets

Store and manage VCs, giving users control over sharing and consent.
EUDI Wallet: most consequential deployment vehicle, reaching hundreds of millions.
Interoperability across credential types: mDL, Digital Travel Credentials, ICAO specs.
Multi-protocol support is the key differentiator for wallet platforms.

Regulation

eIDAS 2.0: Binding Law, Fixed Deadlines

May 2024: eIDAS 2.0 enters into force as binding EU law

↓

End 2026: Every member state must deploy at least one EUDI Wallet

↓

2027: Banking, telecoms, healthcare, education, large platforms must accept it

↓

Organisations serving EU markets without eIDAS assessment are already late

Global Landscape

EU: eIDAS 2.0 gives blockchain-based identities full legal standing.
Estonia: Operating decentralised identity infrastructure for over a decade. Reference implementation.
US: Fragmented. Only 17 states with specific legislation.
Global: 37% of jurisdictions have clear rules (Q3 2025). W3C DID standard pushing toward universality.

Deployment

Enterprise Use Cases

Use Case	Current Pain Point	VC/DID Solution
Customer onboarding / KYC	Repetitive uploads, high abandonment	Issue once, verify many times. Revocation on status change.
Employee credentials	Siloed IAM, re-onboarding across apps	Portable credentials verified instantly across departments.
Professional licensing	Months for verification (e.g. nursing)	QR scan, instant cryptographic confirmation.
Supply chain verification	Manual checks, inconsistent records	Tamper-proof credentials for suppliers and couriers.
Education credentials	Fake diplomas, weeks to verify	University-issued VCs verified in seconds.
Age / eligibility	Over-collection of personal data	ZKPs: prove “over 18” without revealing date of birth.

Dominant pattern: pragmatic overlay on existing OAuth/SAML stacks for specific workflows, not wholesale replacement.

AI + Identity

The AI Convergence

AI Agents Need Identity

AI agents operating across organisational boundaries need verifiable identity, delegated authority, and permissioned data access.
VCs provide a trust layer: AI systems consume authenticated data and act with provable authority.
Example: AI processing a loan application receives cryptographically signed income/employment attestations directly.
Reduces fraud risk and enables automation of workflows requiring human verification today.

Zero-Knowledge Proofs

ZKPs enable verification without data disclosure: prove a claim is true without revealing the underlying data.
ZKP sector: $28B total value locked in 2025. Market projected at $7.59B by 2033 (22.1% CAGR).
Enterprise adoption growing alongside blockchain-native applications.
Mobile-optimised ZKPs targeting sub-1-second verification on device.

Business Models

Where Value Accrues

Wallet Providers

Compete on interoperability, UX, and credential type range. EUDI Wallet mandate creates a government-controlled distribution channel. Revenue from premium enterprise features and cross-border services.

Infrastructure Platforms

Tooling for issuing, verifying, and managing credentials. Middleware layered into existing enterprise IAM. Recurring revenue from verification volume, not wallet downloads.

Trust Registries

Governance frameworks that make credentials meaningful across borders and sectors. The institutional layer. Value increases with network scale and regulatory integration.

Monitoring

What to Watch: Key Indicators

EUDI Wallet Deployment

Member state rollout pace. Wallet downloads. Sector-specific acceptance mandates kicking in 2027.

Enterprise Integration

Fortune 500 moving from pilots to production. VC-based KYC adoption in financial services.

Interoperability Standards

W3C DID v1.1 formal adoption. Cross-protocol credential exchange. EUDI compatibility with non-EU systems.

AI Agent Identity

Verifiable credential frameworks for autonomous AI systems. ProvenAI and similar trust layers gaining traction.

US Regulatory Movement

Federal digital identity legislation. State-level expansion beyond current 17. Bipartisan momentum signals.

ZKP Maturity

Mobile verification speeds. Enterprise ZKP deployment beyond crypto-native use cases.

Conclusion

Conclusion & Takeaways

Digital identity is shifting from a repeated burden to a reusable, cryptographically verifiable asset. The technology is mature; the regulatory catalyst is live.
eIDAS 2.0 creates the clearest demand signal: a binding deadline (end 2026), a mandatory acceptance requirement (2027), and a continent-scale distribution vehicle (EUDI Wallet).
Enterprise adoption follows a pragmatic overlay model: verifiable credentials alongside existing OAuth/SAML, not replacing them. Wholesale replacement projects fail.
The AI convergence creates a new infrastructure opportunity: verifiable credentials as the trust layer for autonomous AI agents, enabling permissioned data access and delegated authority at scale.
Investment thesis centres on verification volume, not wallet installs. Companies positioned as eIDAS compliance infrastructure with cross-border interoperability have the clearest demand catalyst.