Tag: identity

Trust, innovation and interoperability: key insights from AAMVA conference.

Posted on by Leave a comment

Phoenix, Arizona – October 2025 – Fime participated in the AAMVA Relying Party Showcase and the AAMVA International Conference, reinforcing its leadership in advancing secure, interoperable, and scalable digital identity solutions.

The Showcase gathered issuers, wallet providers, reader providers, DMVs, and technology companies under one roof to demonstrate real-world mobile driver’s license (mDL) use cases. Fime’s delegation, including Marcelo Bellini, VP Digital Identity at Consult Hyperion, Consulting by Fime, Gregory Tierno, Business Development Director, Jerrin Thomas, Service Line Manager, and Gaurav Manchanda, Product Manager, participated in both the showcase and conference sessions.

Panel: ensuring trust in digital credentials.

As part of the panel “Ensuring Trust in Digital Credentials in North America and Beyond,” moderated by Tim Roufa Portfolio Director for Identity Credentialing at AAMVA, thought leaders came together to share their perspectives on scaling digital identity. Panelists included Luis Felipe Segura, Field CTO at Incode, Christopher Goh, International Advisor at Valid8 Advisory and Marcelo Bellini.

Marcelo emphasized the role of testing and certification in building trust within the mDL ecosystem, drawing lessons from the payments industry, where testing and certification enabled global scale. He highlighted global digital identity deployments across the EU, Japan, and Australia. Marcelo also underlined the importance of a Digital Trust Service (DTS), such as the one operated by AAMVA, in supporting adoption and scalability.

Demo highlight: two taps to trust.

One of the showcase highlights was the collaboration between Consult Hyperion and Zebra Technologies presenting a live demo, which illustrated how identity verification and payments can be seamlessly managed on a single handheld Contactless Payment ready mobile device (COTS).

The demo featured:

  • Identity verification using a production Georgia mDL stored in Apple and Google Wallets.
  • Payment transactions with production Mastercard and Visa EMV contactless cards.
  • Public key retrieval from the AAMVA Digital Trust Service, enabling the relying party to securely trust the mDL.
  • A COTS contactless payment device that scans product barcodes, triggers an ID check for age restricted items (e.g., alcohol) and processes payment – all in just two taps: one for identity and one for payments.

The demonstration was praised by attendees for its simplicity, practicality, and potential to transform multiple industries, from stadiums and public transport to law enforcement, alcohol retail, and grocery stores.

“This use case really shows the power of convergence between identity and payments,”

said Greg Tierno, Business Development Director at Fime.

“Having both functions on a single, easy-to-use handheld device makes life simpler for merchants, law enforcement, and consumers alike. It’s a practical, scalable solution that lowers friction and raises trust – exactly what the ecosystem needs to accelerate adoption.”

Building ecosystem momentum.

Following the Showcase, Fime also took part in the broader AAMVA International Conference, engaging with issuers, wallet providers, reader providers, biometric solution companies, and technology vendors. The event offered an unparalleled opportunity to network, exchange insights, and accelerate collaboration towards a trusted digital credential future.

“Our successful demonstration with Zebra underscores the transformative potential of combining digital identity and payments in a single, trusted device,”

added Marcelo Bellini, VP Digital Identity at Consult Hyperion, Consulting by Fime.

Acknowledgement

Fime extends its gratitude to AAMVA and its organizers for hosting a world-class event that continues to drive meaningful dialogue, collaboration, and innovation across the digital identity ecosystem.

Work with an expert partner for a secure digital future.

mDLs are moving quickly from pilots to real deployments, and relying parties must be prepared. At Consult Hyperion, we help organizations bridge the gap between initial awareness and production-level implementation.

Our support spans the full journey: from masterclasses and tailored workshops to build understanding, through business case development to justify investment, and market and vertical analysis to identify opportunities. We assist with use case definition, technical requirements, and RFI/RFP support, helping you select the right vendors and solutions and provide implementation support. And through thought leadership collaborations, we share insights that keep you ahead of the curve.

Our goal is simple: to give you a clear strategy, a strong business case, and a trusted path to deploy mDLs with confidence.

Learn more about Digital identity: a new frontier for payment terminal vendors.

Contact us today for implementation support.

Strategic readiness in Payments and Identity: building the digital economy’s bullet train.

Posted on by Leave a comment

The very notion of “strategic readiness” in payments and identity has evolved far beyond routine system upgrades or incremental tweaks. We’re no longer simply replacing the boiler in a Victorian banking house—we’re laying track for the bullet train of the digital economy. This seismic shift demands a fundamental rethink of infrastructure, ideology, and strategic vision.

At this inflection point, identity, reputation, and tokenized value are no longer discrete elements—they are converging into a seamless, dynamic ecosystem. The future of payments is about more than speed or scale; it’s about embedding trust, context, and programmability into every transaction. This is a call to action for payment providers, technology architects, and financial institutions: it’s time to prepare not just for the next upgrade, but for a new paradigm.

1. Tokenization: the new grammar of value

Tokenization is often misunderstood as merely a technical means of wrapping assets digitally. Tokenization represents a profound shift: money that understands us. Tokens are not just containers of value; they encode conditions, context, and control into the very fabric of money itself.

This is programmable money—value with an API. It can carry rules about who can spend it, when, where, and under what conditions. It can embed compliance, privacy, and even reputation directly into the token. This new grammar of value is rewriting the rules of payments, loyalty, and identity.

Strategic imperatives:
The readiness challenge goes beyond adopting standards like ISO 20022 or C-8. It requires building platforms capable of handling multi-asset token models—fiat currencies, CBDCs, stablecoins, loyalty points, and reputation tokens—simultaneously. These tokens must interoperate across chains, jurisdictions, and regulatory frameworks.

Tactical considerations:

  • Can your platform manage multi-asset token models?
  • Are your tokens programmable with embedded policies, metadata, and rules?
  • Can tokens interoperate across different blockchain networks and regulatory environments?
  • Do you treat tokens as carriers of identity and entitlement, not just value?

Inspiration:
The future belongs to platforms that treat tokens as flexible, composable building blocks—not static assets.

CBDCs: Central banks worldwide are exploring programmable digital currencies that embed monetary policy and compliance rules at the token level.

Stablecoins and Loyalty Tokens: Brands are experimenting with tokens that combine value with customer reputation and engagement metrics.

2. Global standards: strategic alignment beyond interoperability

Standards like ISO 20022, ATICA, and C-8 are often viewed narrowly as technical interoperability tools. They represent strategic battlegrounds for influence and alignment.

Money is becoming more abstract and global, making cross-jurisdictional alignment essential. Standards are the rails on which the digital economy’s bullet train runs. Getting them right means seamless connectivity; getting them wrong means fragmentation and isolation.

Strategic imperatives:
True readiness means engaging proactively in standards governance. It means seeing standards not as a compliance checklist but as a diplomatic and strategic game. Just as 19th-century railway gauges determined economic dominance, modern standards will determine who controls the rails of digital payments and identity.

Tactical considerations:

  • Have you mapped your organization’s position in evolving standards?
  • Are you investing in interoperability by design, bridging legacy and emerging systems?
  • Are you actively participating in standards bodies and governance forums? 


Inspiration:
The winners in the next decade will be those who shape standards, not just follow them. Open banking initiatives worldwide demonstrate how early movers in standards governance gain competitive advantage and market influence.

3. Digital identity: the strategic spine of future payments

Identity is shifting from a static presentation to a dynamic performance. It’s no longer a simple credential shown at a single point in time, but a persistent, evolving construct that draws from social, legal, and behavioral data streams.

This shift has profound implications for payments. Authentication is no longer about passwords or PINs—it’s about a rich tapestry of biometric signals, device fingerprints, and behavioral biometrics that collectively redefine trust. This isn’t just a technical upgrade; it’s a wholesale redesign of how trust is established and maintained in digital interactions.

Strategic imperatives:
Because identity is the foundation upon which all payments rest. Without a robust, flexible, and user-centric identity layer, payments remain vulnerable to fraud, friction, and exclusion. But when identity becomes fluid, portable, and programmable, it unlocks new possibilities: seamless onboarding, frictionless authentication, and privacy-preserving data sharing.

Embedding a context-aware identity layer is no longer optional—it’s foundational. This means integrating verifiable credentials, decentralized identity (DID) frameworks, and self-sovereign identity (SSI) principles directly into payment platforms. Identity must be treated as a living asset that travels with the user across ecosystems, rather than a siloed attribute locked inside a single institution.

Tactical considerations:

  • Infrastructure readiness: Does your system support verifiable credentials and decentralized identity frameworks?
  • Contextual authentication: Have you deployed multi-factor, behavioral, and device-bound authentication methods?
  • Portability: Can users carry their identity credentials across platforms and services?
  • Privacy controls: Are privacy settings granular, user-centric, and programmable to adapt to different contexts?

Inspiration:
The institutions that lead the next wave will be those that treat identity not as a compliance hurdle but as a strategic asset—one that enables trust, inclusion, and innovation.

Nordic BankID: A leading example of a national digital identity platform enabling seamless authentication across banking, government, and commerce.

India’s Aadhaar: A massive biometric identity system that powers a range of financial inclusion initiatives and digital payments.

4. The future-proofing mandate: architecting for ambiguity and agility

Future-proofing is often mistaken for predicting the next big thing. In reality, it’s about designing systems that thrive amid uncertainty and change. The real currency of the next decade is optionality—the ability to pivot, adapt, and compose new solutions rapidly.

Monolithic architectures and tightly coupled ecosystems are liabilities in this environment. Instead, the future belongs to modular, composable platforms that can integrate new identity models, token types, and regulatory requirements without wholesale rewrites.

Strategic imperatives:
Build with composability and modularity at the core. Adopt open token standards, modular identity stacks, and orchestration layers that enable dynamic rule enforcement. Embrace cloud-native, API-first, and event-driven architectures that support rapid innovation.

Tactical considerations:

  • Is your architecture truly composable and plug-and-play?
  • Are your systems event-driven and cloud-native?
  • Is your data layer decoupled from service layers to enable seamless migration?
  • Have you invested in orchestration tools for dynamic policy enforcement?

Inspiration:
Look at the tech giants who thrived in the internet era: they weren’t oracles predicting trends—they were architects building platforms that could evolve. The same mindset is essential for payments and identity today.

Final thought: lead with vision, not nostalgia

The opportunity to lead this transformation is immense—but only if leadership embraces a new mandate. The goal is not to preserve legacy systems or replicate old models digitally. It’s to reimagine what payments, identity, and value can become in a connected, programmable world. Digital infrastructure is no longer a compliance burden; it’s a civilizational substrate. The future belongs to those who treat it as such—building with courage, curiosity, and a refusal to mistake digitization for transformation. Remember: the payments game is being played by actors who have no interest in being banks. The disruptors, platforms, and protocols are rewriting the rules. Are you ready to lead?

The Identity of Things: Products and Provenance

Posted on by 2 Comments
blue and yellow phone modules

If we think about the idea of digital identity in the internet of things then luxury goods such as watches make for an interesting example. How would you tell a fake Rolex from a real one in an always-on, interconnected world? You might say just put a hologram in it, or a chip that can’t be forged or something. And these might be good starting points but it’s a much more complicated problem than it seems at first.

Let’s think about secure microchips. Suppose contactless technology is used to implement some kinds of ID for the Internet of Things (IDIoT) for luxury goods. If I see a Gucci handbag on sale in a shop, I will be able to wave my mobile phone over it and read the IDIoT. My mobile phone can decode the IDIoT and then tell me that the handbag is Gucci product 999, serial number 888. This information is, by itself, of little use to me. I could go onto the Gucci-lovers website and find out that product 999 is a particular kind of handbag, but nothing more: I may know that the chip in the handbag label is ‘valid’, but that doesn’t tell much about the bag. For all I know, a bunch of tags might have been taken off of real products and attached to fake products.

To know if something is real or not, I need more data. If I wanted to know if the handbag were real or fake, then I would need know about the provenance as well as the product. The provenance might be distributed quite widely between different organisations with different drivers (this is why many people are keen on the using the blockchain as a means to co-ordinate and obtain consensus in such an environment). The retailer’s system would know from which distributor the bag came; the distributor’s system would know from which factory the bag came and Gucci’s system would know who stitched and where the components came from, a supplier system would know that the material came from sustainable hippos or whatever else it is they make handbags from. I would need access to these data to get the data I would need to decide whether the bag is real or fake. (Of course, I might want access to other data to give me more information to support my purchases decisions too. Such as ethical data for example: Who guarantees that my new jeans were not made by children and so on?)

This is a critical point. The key to all of this is not the product itself but the provenance. A secure system of provenance (for example) is the core of a system to tell real from fake at scale.

Provenance

Who should control the provenance of a product, and who should have access to the all or part of that provenance, is rather complicated. Even if I could read some identifier from the product, why would the retailer, the distributor or Gucci tell me anything about the provenance? How would they know whether I am a retailer, one of their best customers, one of their own ‘brand police’, a counterfeiter (who would love to know which tags are in which shops and so on) or a law enforcement officer with a warrant?

This is where the need for a digital identity comes into the picture. A Gucci brand policeman might wave their phone over a bag and fire off a query: the query would have a digital signature attached (from secure hardware in the mobile phone, as in iPhones, for example) and the provenance system could check that signature before processing the query. It could then send a digitally signed and encrypted query to the distributor’s system which would then send back a digitally signed and encrypted response to be passed back to the brand policeman: ‘No we’ve never heard of this bag’ or ‘We shipped this bag to retailer X on this date’ or ‘We’ve just been queried on this bag in Australia’ or something similar.

(And, of course, each time an IDIoT is created, interrogated, amended or removed from the system, the vent will be recorded on a shared ledger to guarantee the integrity.)

The central security issue for brand protection is therefore the protection of (and access to) the provenance data. Who exactly is allowed to scan my pants and under what circumstances? If I give my designer shirt to a charity shop, what information should they learn about the idea? An approach to this issues that uses the right combination of tools (ie, using secure chips to link the provenance on a shared ledger to the physical objects) will deliver a powerful new platform for a wide variety of potential services.

What might these services be? I don’t know, because I’m only a consultant and can’t afford luxury goods but perhaps if such a system adds £20 to the price of a Rolex to implement this infrastructure, so what? The kind of people who pay £5,000 for a Rolex wouldn’t hesitate to pay £5,020 for a Rolex that can prove that it is real.

In fact, such a provenance premium might be rather popular with people who like brands. Imagine the horror of being the host of a dinner party when one of the guests glances at their phone and says “you know those jeans aren’t real Calvin Klein, don’t you?”. Wouldn’t you pay an extra £5 for the satisfaction of knowing that your snooping guest’s app is steadfastly attesting to all concerned that your jeans, watch and sunglasses are all real? Of course you would.

This international identity day, remember that identity is not just for people. It is for droogs and droids, pants and pets. The digital identity infrastructure that we need for the future is for everything. Everything.

Identity really is the new money

Posted on by Leave a comment
close up of hand holding text over black background

Today is International Identity Day supported by the many organisations around the world seeking to address the huge inclusion issues caused by a lack of digital identity. It is tempting to think that this is a mainly developing world issue and that in the developed world the lack of digital identity services is more of an inconvenience than a real problem. Here in the UK, however there are still up to 5m people who struggle to access financial services because they do not have the right documents or data. More on that in our recent report.

Something I’ve been thinking about quite a bit this year is interplay between Digital Identity and Central Bank Digital Currency (CBDC). What’s that got to do with the pressing need to give effective digital identity to those that need it most? Two things really:

  • Firstly, a significant factor in the development of a CDBC will be to ensure it is inclusive. After all one of the main objectives in CDBCs is to provide a digital alternative to cash. The financially excluded rely on cash and so a CDBC may have an important role to play in addressing their needs.
  • Secondly, whilst the need is pressing, making it happen will take time. The UN Sustainable development goal 16.9 calls for the provision of legal identity for all by 2030. Many CDBC initiatives are operating on a similar timeframe.

The beauty of CDBCs is that, in the main, central banks are starting from a blank sheet of paper, which creates the opportunity to design something well from the start. A big problem in digital identity has been trying to retrofit it into a digital world after the fact.

Another interesting thing is that the emerging model for CDBCs has close similarities to the decentralised model for digital identity, which is the direction of travel in that space. Let me explain a little.

This following picture illustrates 2-tier model for CDBC:

Senders and receivers will have wallets that interact with each other. They will hold the identifiers (backed by private keys) that allow the parties to control the use of their CDBC value. The actual system of record will be a ledger provided by (or on behalf of) the central bank. Wallets will use tokens, which are cryptographic representations of the value managed by the ledger, which are bound to the identifiers (and keys) belonging to the parties.

Now look at the standard model for decentralised identity:

Identity information is sent from holders to verifiers. The information is sent in the form of cryptographic credentials (you could think of them as identity “tokens”) that are bound to identifiers which can be checked in a registry. Of course for those credentials to have any value they need to come from a trusted source – an issuer.

So you can see there is a strong correlation between CDBC and decentralised identity systems. The content of the two grey boxes is basically the same.

Furthermore, CDBC systems will have some very particular digital identity and privacy requirements:

  • There will need to be controls in place to prevent AML.
  • The CDBC must not become a mass surveillance system.
  • The system must allow anonymous transactions in some circumstances but not all.
  • Users must have control over how much data is shared (and in some cases if the user is not willing to share data the transaction will not be able to be completed).

These requirements could be met very well through the use of decentralised identity technologies such as those being developed in W3C, which support the presentation of verifiable identity information whilst employing strong privacy controls. There seems to be a strong case for the CDBC community to collaborate with the identity community. We have a foot in both camps and are working hard to ensure that the years of work put into decentralised identity is leveraged effectively in CDBCs.

It really is the case that Identity is the New Money.

Will 2022 start to drive the future of Interoperability and Inclusion?

Posted on by Leave a comment
close up shot of a calendar

Our overriding theme of this year’s Live5 is interoperability which will lead to inclusion. Whether this is in payments or transit, identity or as a generalised trend what we’re seeing is a collapsing of the barriers between silos. In some areas this is happening more quickly than in others.

Continue reading “Will 2022 start to drive the future of Interoperability and Inclusion?”

Payments are hard. That’s why the world’s leading payment organisations come to us.

Posted on by Leave a comment

Continue reading “Payments are hard. That’s why the world’s leading payment organisations come to us.”

CONSULT HYPERION ANNOUNCES NEW BOARDROOM APPOINTMENTS TO DRIVE NEXT PHASE OF GROWTH

Posted on by Leave a comment

Continue reading “CONSULT HYPERION ANNOUNCES NEW BOARDROOM APPOINTMENTS TO DRIVE NEXT PHASE OF GROWTH”

Will the UK identity framework support decentralised identity?

Posted on by Leave a comment
question mark on paper crafts

In our Live 5 for 2021, we said that governance would be a major topic for digital identity this year. Nowhere has this been more true than in the UK, where the government has been diligently working with a wide set of stakeholders to develop its digital identity and attribute trust framework – the rules of road for digital identity in the UK. The work continues but with the publication of the second iteration of the framework I thought it would be helpful to focus on one particular aspect – how might the framework apply to decentralised identity, given that is the direction of travel in the industry.

Continue reading “Will the UK identity framework support decentralised identity?”

Digital Identity Wallets are coming

Posted on by Leave a comment

I was delighted to be asked to present a keynote at the FIDO Authenticate Summit and chose to focus on digital identity governance, which is something of a hot topic at the moment. Little did I know that the day before my session was recorded the European Commission would propose a monumental change to eIDAS, the Europe Union’s digital identity framework – one of the main examples I was planning to refer to. I hastily skimmed the proposed new regulation before the recording but have since had the time to take a more detailed look.

Continue reading “Digital Identity Wallets are coming”

Subscribe to our newsletter

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

By accepting the Terms, you consent to Consult Hyperion communicating with you regarding our events, reports and services through our regular newsletter. You can unsubscribe anytime through our newsletters or by emailing us.