🎯 Intro and Goals
New systems have come up with regard to digital identity, which aim at enhancing power among people and organizations over their personal data. In contrast to traditional systems of identity, often centralized and controlled by an individual entity, modern digital identity solutions intend to provide safe, privacy-preserving identities usable across multiple applications, from financial services to interactions with the government. These systems increase security and user experience, all while decreasing the risks of centrally stored data.
Problem Statement
The greater the momentum in digital identity systems, the greater the challenge: interoperability and compliance across a wide range of standards and protocols. The ecosystem is extremely fragmented, and multiple standards are governing cryptography, data formats, and communication protocols. This puts developers in a complex environment as they have to make sure that the services offered in the issuance and verification of credentials conform to multiple, in some cases conflicting, standards. Besides, it becomes difficult to evaluate and compare these services against expectations of security and privacy reliably for end-users and organizations.
This challenge is further complicated by the fact that key regulations and frameworks are currently being developed and implemented in Europe—for example, the EUDIW, EUDI-ARF, and the updated eIDAS 2.0 regulation—which are surrounded by a lot of uncertainty. These initiatives have the purpose of unifying digital identity across the European Union; however, ongoing discussions and lack of finalized details have kept developers and organizations in limbo. This kind of uncertainty makes it very hard to develop in accordance with possible future requirements while trying to enable compliance. This might act as a barrier to the wide adoption of contemporary digital-identity solutions in Europe.
Most of the solutions today are focused around one standard, or they have very limited functionality; thus, a void exists in the market for a complete tool that can check compliance against a multitude of standards and return findings that are meaningful and actionable. If there is no interoperability and standardization, risks apply to the developers as well as to the wider adoption of digital identity systems, because in such systems, trust and reliability are inseparable.
DIDimo adresses this gap by providing a platform that tests, evaluates, and debugs credential issuers and verifiers against the largest set of standards in the industry for conformance. This not only assisted developers in creating services that were both interoperable and secure but also empowers end-users and organizations to take well-reasoned decisions on the type of digital identity solution that best suits them, despite regulatory uncertainties.