Europe
CardLab has completed FIDO certification and field testing and is releasing a biometric FIDO authentication system built around a smart card that stores biometric templates and cryptographic keys on the card itself.
The platform is positioned as “biometrics-first” and aligned with the direction of the EU Digital Identity Wallet. Its core design principle is on-card processing: biometric data is enrolled, stored and matched on the card, with the private key never leaving the device. CardLab says this supports high-assurance access and offline verification use cases, and complements emerging EU cybersecurity certification expectations for wallet authentication and credential security layers.
Global
Cybernews says it discovered an unsecured database exposing around one billion personal records spanning 26 countries, in what it described as a data leak rather than a hack.
Based on its analysis, Cybernews believes the database belongs to IDMerit, a digital identity verification provider whose data is used by organisations verifying users across multiple markets including the United States, Canada, Australia and Mexico. The incident underlines the operational and governance risks that can emerge when identity data is aggregated and stored without adequate access controls.
United States
LexisNexis Risk Solutions has launched an identity management platform tailored for healthcare, combining identity verification, resolution and enrichment to help organisations manage patient and member identities across the full healthcare journey.
The company says the platform is designed to verify identities, resolve duplicate records and enhance profiles with additional insights to strengthen data integrity, reduce operational risk and support more personalised engagement.
United States
Discord is preparing to expand government ID verification under online safety requirements using Persona, according to reports, after UK users uncovered a publicly accessible US server linked to Persona’s age verification system.
The exposed files reportedly included device identifiers, device fingerprints, geolocation data and linked cryptocurrency wallet addresses associated with users who completed facial scans. The incident has raised concerns about operational security and the scale of data collection that can accompany third-party age verification deployments.
South Africa
President Cyril Ramaphosa has committed to a 2026 rollout for South Africa’s digital identity system as part of a broader push to use digital transformation to improve service delivery.
He said the Department of Home Affairs will launch a Digital ID to support secure access to digital services, alongside plans to digitise driver’s licences, matric certificates and additional government services under the “MyMzansi” roadmap. The government has also pointed to the expansion of Smart ID and passport services via bank branches, and to savings reported from biometric verification in social grant systems.
Ramaphosa acknowledged common concerns around privacy, security and surveillance, and said government will work with civil society to safeguard protections and rights as the programme advances.
United Kingdom
A survey by the Office for Digital Identities and Attributes suggests the UK’s digital verification sector sees significant barriers to international interoperability – and believes government has a role in removing them.
The survey gathered responses from 39 digital verification service providers, with most offering document verification, biometrics and liveness, or identity orchestration, and around half identifying as age assurance providers. Respondents cited diverse regulations, system fragmentation and technical challenges as major barriers, and pointed to potential solutions including political or regulatory agreements for mutual recognition and harmonised adoption of technical standards such as ISO and W3C.
United Kingdom
Meanwhile, the debate over the UK’s digital identity scheme is intensifying ahead of a government consultation, with private sector providers warning they risk being sidelined.
The Association of Digital Verification Professionals says the consultation should address fundamental questions about identity sovereignty, arguing that the Data (Use and Access) Act 2025 points towards a plural, regulated market that gives users choice. The group warns that current proposals could “hard code” a single route in which government-issued credentials are held only in a government wallet and accepted primarily by government services.
United States
SLC Digital and Tracer Labs have announced a partnership combining SIM-based, hardware-rooted authorisation with a reusable digital identity and consent layer.
The companies say the aim is to reduce account takeover by ensuring a verified human is approving actions from a trusted device, while enabling portable, privacy-preserving identity and consent credentials. The partnership will begin with a pilot and is targeting sectors including financial services, telecoms, marketplaces, healthcare, AI platforms and government services.
Indonesia
Telkom Indonesia International (Telin) has partnered with IPification to launch and commercialise Telin Mobile Network Verification, a network-level digital identity solution designed to enable instant user authentication without OTPs or additional apps.
The solution is positioned as “silent” network-based verification, building on a commercial launch with Telkomsel in Indonesia and extending availability through Telin’s relationships across dozens of mobile networks globally.
Global
A new market forecast from ResearchAndMarkets projects the digital identity solutions market will grow from $44.20 billion in 2025 to $132.14 billion by 2031, driven by increased adoption of AI, machine learning and blockchain in identity systems.
The report highlights growth in liveness detection, behavioural biometrics and biometric devices, while noting that privacy concerns around monitoring and biometric storage, along with regulatory uncertainty and limited public awareness, can constrain deployment.
Global
Experian has acquired email identity specialist AtData to expand its digital identity verification and fraud prevention capabilities.
The deal adds data linked to more than 10 billion email addresses globally, with Experian planning to integrate AtData’s real-time signals into its consumer data, analytics and decisioning platforms to strengthen identification, authentication and user engagement.
Malaysia
The International Finance Corporation has announced an equity investment in Zetrix AI Berhad to support blockchain-based digital public infrastructure applications and AI-enabled products in Malaysia and across ASEAN markets.
The investment is intended to support services integrating with Malaysia’s digital ecosystem via MyDigital ID and the Malaysia Blockchain Infrastructure, spanning use cases from digital ID verification to trade digitalisation and tokenisation of real-world assets.
Global
AU10TIX has announced growth milestones including leadership expansion, new board appointments, and continued international expansion, alongside increased investment in proactive risk intelligence.
The company says it is expanding its Fraud Intelligence Hub with dedicated red and blue teams to simulate real-world attacks and strengthen defences. It also highlighted a deployment within an internal Microsoft partner validation solution built on Microsoft Entra Verified ID, reporting a reduction in fake account openings, and noted a new office opening in Sofia, Bulgaria to support European customers navigating evolving regulatory requirements.
Hong Kong
Humanity has announced a shift from its original Proof of Humanity mechanism to a broader Proof of Trust framework, designed to enable verification of user attributes without collecting and storing sensitive personal data.
The company says Proof of Trust expands beyond proving a user is a real person to enabling privacy-preserving proofs of traits such as age, residency, education and employment using zero-knowledge proofs. It also announced plans for a Web2-focused SDK to allow off-chain applications to verify specific credentials, positioning the framework as a trust layer for the internet amid rising AI-driven synthetic identity risks.
