Identity acceptance
Acceptance modelIdentity acceptance is the ability of a business to take in and trust a digital ID a person already holds, instead of making them prove who they are from scratch. Verification creates a new proof; acceptance reuses an existing one, which is faster for the user and cheaper for the business.
See Trinsic coverage →Identity acceptance network
Acceptance modelAn identity acceptance network is infrastructure that connects a business to many digital ID systems at once, so one integration reaches dozens of eIDs, wallets, and credentials across countries. It solves fragmentation: without it, a company would integrate each national scheme one by one.
See the network →Relying party (RP)
Acceptance modelA relying party is the business that needs to verify someone and therefore relies on an identity credential to do it. A bank onboarding a customer, a marketplace vetting a seller, and a retailer checking age are all relying parties. In the EUDI world, relying parties must register before requesting wallet data.
Identity verification (IDV)
Acceptance modelIdentity verification confirms that a person is who they claim to be, traditionally by checking a document and matching a live selfie to it. It answers whether this is a real, valid identity and whether this is the person presenting it. Acceptance builds on top of IDV by reusing identities already verified once.
Reusable identity
Acceptance modelReusable identity is a verified identity a person can present again and again without redoing the full check each time. Once verified, it is held in a wallet or account and reused across services, cutting onboarding friction and fraud. It is the model behind bank IDs like BankID and itsme.
See coverage →Broker or intermediary
Acceptance modelA broker, or intermediary, sits between a relying party and an identity source, translating one request into the many protocols each source speaks. In some markets, rules require a registered intermediary to connect to a national scheme. Trinsic acts as this layer so a business does not have to.
Orchestration
Acceptance modelOrchestration is the routing logic that decides which identity method to use for a given user, country, or risk level, and falls back to another if the first is unavailable. Good orchestration lifts conversion by always offering a method the user can actually complete.
Coverage
Acceptance modelCoverage is the set of countries and identity methods a provider can actually verify against. It is the honest measure of an acceptance network: not how many logos are on the page, but how many real users in how many markets you can verify today.
Explore coverage →Digital ID
Digital ID typesA digital ID is an electronic credential that proves attributes about a person, such as name, date of birth, or nationality, in a way a business can trust. It can live in a government app, a bank login, a mobile wallet, or a smart card, and can range from a full identity to a single attribute.
Types of digital IDs (docs) →eID (electronic identity)
Digital ID typesAn eID is a government-recognized digital identity used to log in and prove who you are online, often issued or accredited by a national scheme. Examples include Sweden BankID, Belgium itsme, and Estonia ID-kaart. Adoption is high where the private sector drives it: BankID reaches about 97 percent in Norway.
See eID coverage →Mobile driver's license (mDL)
Digital ID typesA mobile driver's license is a driver's license issued to a phone as a cryptographically signed credential, built to ISO/IEC 18013-5. It can prove identity or a single fact like age, in person or online. US state rollouts and Apple, Google, and Samsung wallets are driving adoption.
Age assurance solution →EUDI Wallet (European Digital Identity Wallet)
Digital ID typesThe EUDI Wallet is the EU official digital identity wallet, mandated by eIDAS 2.0, that every member state must offer citizens. It holds a verified identity plus attestations like diplomas or age, presented selectively. Businesses in regulated sectors will be required to accept it as rollout proceeds through 2026 and 2027.
Understand EUDI →Bank ID
Digital ID typesA bank ID is a digital identity issued through the banking system and reused to log in and verify identity elsewhere. Because banks already run strong know-your-customer checks, bank IDs carry high assurance and near-universal reach in some markets, such as itsme in Belgium at roughly 80 percent.
Fintech and KYC →Government wallet
Digital ID typesA government wallet is a state-issued app that holds official credentials such as a national ID, driver's license, or residence permit. EUDI wallets, US state mDL wallets, and national apps like Singapore Singpass are examples. They matter because they carry government-level assurance.
OEM wallet
Digital ID typesAn OEM wallet is a digital wallet built into a device platform, namely Apple Wallet, Google Wallet, and Samsung Wallet. OEM wallets are becoming a primary place people store mDLs and other credentials, which makes device-native acceptance a growing requirement.
National ID
Digital ID typesA national ID is the identity credential a country issues to residents, increasingly with a digital form. Coverage and openness vary widely: some national IDs can be queried by businesses, others are restricted to government use.
Verifiable credential (VC)
Digital ID typesA verifiable credential is a tamper-evident digital credential whose authenticity can be checked cryptographically, without calling back to the issuer. The W3C Verifiable Credentials data model is the common standard. VCs let a person prove a claim while the verifier trusts the signature rather than a central lookup.
Digital credential
Digital ID typesA digital credential is any signed electronic statement about a subject, from a full identity to a single attestation like a professional license or an age proof. It is the general category that verifiable credentials, mdocs, and SD-JWTs all fall under.
PID (Person Identification Data)
Digital ID typesPID is the core identity data set inside an EUDI Wallet: the attributes that establish who you are, such as name, date of birth, and a unique identifier. PID is the foundation other attestations attach to.
Understand EUDI →mdoc
Digital ID typesAn mdoc is the ISO-standard credential format used by mobile driver's licenses and related documents, defined under ISO/IEC 18013-5. It is optimized for offline, in-person presentation as well as online use under 18013-7.
eIDAS
Regulation & complianceeIDAS is the EU regulation that gives electronic identification and trust services legal standing across member states. The original 2014 regulation created recognized national eIDs and qualified signatures. Its successor, eIDAS 2.0, introduces the EUDI Wallet.
Understand EUDI →eIDAS 2.0
Regulation & complianceeIDAS 2.0 is the 2024 update to eIDAS that mandates a European Digital Identity Wallet for every member state and, crucially for business, requires many private-sector relying parties to accept it. It shifts digital identity in Europe from optional to expected.
Get EUDI-ready →AMLR (Anti-Money Laundering Regulation)
Regulation & complianceAMLR is the EU single, directly applicable anti-money-laundering rulebook, replacing the patchwork of national transpositions with one standard. It applies from July 2027 and tightens customer due diligence for banks, fintechs, and crypto. For those firms, verifying identity to a common high bar becomes mandatory.
Fintech and KYC →AML (anti-money laundering)
Regulation & complianceAML is the body of law and process that stops criminals from disguising illicit funds as legitimate income. In practice it means verifying who your customers are, monitoring their transactions, and reporting suspicious activity. Identity verification is the front door of any AML program.
KYC (Know Your Customer)
Regulation & complianceKYC is the requirement to verify a customer identity before and during a business relationship, core to financial regulation worldwide. It typically means confirming identity, screening against watchlists, and assessing risk. Strong digital IDs make KYC faster and harder to fake.
Fintech and KYC →KYB (Know Your Business)
Regulation & complianceKYB is KYC applied to companies: verifying that a business is real, legitimate, and controlled by the people it claims. It includes confirming registration, ownership, and the identity of beneficial owners and signatories. It is central to onboarding business customers and marketplace sellers.
CDD (customer due diligence)
Regulation & complianceCustomer due diligence is the risk-based process of identifying a customer, understanding the purpose of the relationship, and monitoring it over time. Enhanced due diligence applies to higher-risk cases. CDD is the operational heart of AML compliance.
Age assurance
Regulation & complianceAge assurance is the umbrella term for confirming a person meets an age requirement, spanning everything from self-declaration to hard verification. Regulators increasingly demand methods that are accurate and privacy-preserving. A digital ID can prove someone is over 18 without revealing a birth date.
Age assurance solution →Age verification
Regulation & complianceAge verification is the stricter end of age assurance: proving a specific age or age band from a trustworthy source rather than estimating or asking. Digital IDs and mDLs suit it well because they can attest age as a single verified fact.
Age assurance solution →Online Safety Act (UK)
Regulation & complianceThe Online Safety Act is UK law requiring platforms to protect users, including enforced age checks for services hosting adult or harmful content. Enforcement began in 2025, with the regulator Ofcom opening investigations and issuing fines. It is a live driver of age-verification demand.
UK solution →Digital Services Act (DSA)
Regulation & complianceThe DSA is the EU law governing how online platforms handle illegal content, transparency, and user protection. For marketplaces it includes trader verification duties, which pull identity checks into e-commerce onboarding.
Marketplaces solution →INFORM Consumers Act
Regulation & complianceThe INFORM Consumers Act is US law requiring online marketplaces to verify high-volume third-party sellers, aimed at curbing the sale of stolen and counterfeit goods. It makes seller identity verification a compliance requirement, not a choice.
Marketplaces solution →GDPR
Regulation & complianceGDPR is the EU data protection regulation, setting rules for how personal data is collected, used, and stored. It rewards data minimization, which is exactly what selective disclosure from a digital ID delivers: prove what is needed, share nothing more.
DORA (Digital Operational Resilience Act)
Regulation & complianceDORA is the EU regulation requiring financial firms to withstand and recover from technology disruptions, including risks from third-party providers. It matters to identity because verification vendors become part of a regulated firm operational-resilience obligations.
PSD2 and SCA
Regulation & compliancePSD2 is the EU payments directive, and strong customer authentication (SCA) is its requirement that certain transactions be confirmed with two independent factors. eIDs and wallets are increasingly used to satisfy SCA, tying identity and payments together.
FATF
Regulation & complianceThe Financial Action Task Force is the global body that sets anti-money-laundering and counter-terrorist-financing standards, which countries then implement. FATF guidance shapes how digital identity is accepted for KYC worldwide.
PEP (politically exposed person)
Regulation & complianceA PEP is someone in a prominent public role, or close to one, who therefore carries higher corruption and bribery risk. AML rules require enhanced due diligence for PEPs, so screening for PEP status is a standard onboarding step.
Sanctions screening
Regulation & complianceSanctions screening checks a person or business against government watchlists of restricted parties, at onboarding and continuously. Reliable identity data is what makes screening accurate rather than a source of false matches.
Right to work
Regulation & complianceRight to work is the requirement to confirm a person is legally permitted to work in a jurisdiction before employing them. In the UK it can now be satisfied through certified digital identity services, which is why employment platforms are adopting digital ID.
UK solution →ISO/IEC 18013-5
Standards & technologyISO/IEC 18013-5 is the international standard that defines the mobile driver's license, including how it is presented and verified in person and offline. It is why an mDL from one issuer can be read by a compliant verifier anywhere.
ISO/IEC 18013-7
Standards & technologyISO/IEC 18013-7 extends the mDL standard to online, unattended presentation, so a mobile driver's license can verify identity over the web, not just in person.
OpenID4VP (OpenID for Verifiable Presentations)
Standards & technologyOpenID4VP is the open protocol for requesting and presenting verifiable credentials from a wallet to a verifier. It is a core building block of EUDI Wallet acceptance and of interoperable digital identity generally.
OpenID4VCI (OpenID for Verifiable Credential Issuance)
Standards & technologyOpenID4VCI is the companion protocol for issuing credentials into a wallet. Together with OpenID4VP it covers the two halves of a wallet ecosystem: getting credentials in, and presenting them out.
SD-JWT (Selective Disclosure JWT)
Standards & technologyAn SD-JWT is a credential format that lets the holder reveal only chosen fields from a signed token while keeping the rest hidden, and lets the verifier still trust the signature. It is a leading format for privacy-preserving credentials, including in the EUDI ecosystem.
W3C Verifiable Credentials
Standards & technologyThe W3C Verifiable Credentials data model is the open standard for expressing tamper-evident digital credentials on the web. It underpins much of the interoperable, wallet-based identity world.
Selective disclosure
Standards & technologySelective disclosure is the ability to share only the specific facts a verifier needs, such as being over 18, without exposing the whole document. It is the mechanism behind privacy-preserving verification and a direct fit for data-minimization rules like GDPR.
Zero-knowledge proof (ZKP)
Standards & technologyA zero-knowledge proof lets someone prove a statement is true without revealing the underlying data, for example proving age is over 18 without disclosing the birth date. It is the strongest form of privacy-preserving verification.
Level of assurance (LoA)
Standards & technologyLevel of assurance is the confidence that an identity is genuine and belongs to the person presenting it. eIDAS defines three levels: low, substantial, and high. Matching the assurance level to the risk of the transaction is the core design decision in any verification flow.
Assurance framework (docs) →Biometric verification
Standards & technologyBiometric verification confirms a person by a physical trait, most commonly a face match between a live selfie and a document photo. It binds a real human to a credential, which is what stops a stolen document from being enough.
Liveness detection
Standards & technologyLiveness detection, also called presentation attack detection, checks that a biometric comes from a real, present person rather than a photo, mask, screen, or deepfake. It is what makes a selfie check trustworthy.
Presentation attack
Standards & technologyA presentation attack is an attempt to fool a biometric check with a fake artifact such as a printed photo, a replayed video, or a mask. Defending against it is the job of liveness detection.
Document verification
Standards & technologyDocument verification checks that an identity document is genuine, unaltered, and valid, by inspecting security features, fonts, and data consistency. It is the traditional first step of IDV, and increasingly the fallback when a digital ID is not available.
NFC chip reading
Standards & technologyNFC chip reading verifies a passport or ID card by reading the cryptographically signed chip inside it with a phone. Because the chip data is signed by the issuing authority, it is far harder to forge than a photo of the document.
QES (Qualified Electronic Signature)
Standards & technologyA QES is the highest legal tier of electronic signature under eIDAS, carrying the same legal effect as a handwritten signature across the EU. It requires a verified identity behind it, which links signing to identity verification.
QEAA (Qualified Electronic Attestation of Attributes)
Standards & technologyA QEAA is an attestation of a specific attribute, such as a professional qualification, issued by a qualified trust service provider under eIDAS 2.0. It is how high-assurance claims beyond core identity travel inside the EUDI ecosystem.
EAA (Electronic Attestation of Attributes)
Standards & technologyAn EAA is a non-qualified attestation of an attribute, the lighter-weight sibling of the QEAA. Both let a wallet carry verified facts about a person beyond their core identity.
Trust framework
Standards & technologyA trust framework is the set of rules, roles, and accreditation that lets parties who do not know each other trust the same credentials. The UK digital identity trust framework and the EUDI architecture are examples. It turns a pile of credentials into an ecosystem.
Digital Verification Services (DVS)
Standards & technologyDVS is the UK governance regime for accredited digital identity providers, giving certified services legal standing for uses like right to work and right to rent. Certification under it is what lets UK businesses rely on a digital ID.
UK solution →Trust service provider (TSP)
Standards & technologyA trust service provider is an accredited entity that issues trust services such as qualified signatures, seals, or attestations under eIDAS. Qualified TSPs meet the highest bar and appear on national trusted lists.
Synthetic identity
Fraud & riskA synthetic identity is a fabricated identity built by combining real and fake data, such as a real government number with an invented name. It is one of the fastest-growing fraud types because it does not map to a single real victim who would report it. Verifying against authoritative sources is the main defense.
Deepfake
Fraud & riskA deepfake is AI-generated or AI-altered media, such as a synthetic face or voice, used to impersonate a real person or fabricate one. Deepfakes attack biometric checks directly, which is why liveness detection and government-backed credentials are becoming essential.
Account takeover (ATO)
Fraud & riskAccount takeover is fraud where an attacker gains control of a legitimate user account, usually through stolen credentials. Re-verifying identity at high-risk moments, rather than trusting a password, is the counter.
Identity fraud
Fraud & riskIdentity fraud is the use of someone else identity, or a fabricated one, to gain money, goods, or access. Stronger, government-backed digital IDs raise the cost of committing it because they are far harder to forge than documents and selfies.
Impersonation
Fraud & riskImpersonation is pretending to be a specific real person to defeat a verification step. As generative AI makes impersonation cheap and convincing, verification is shifting toward cryptographically signed credentials that a fake face cannot satisfy.