Fact check: Which companies have previously worked on similar digital ID projects in the UK or other countries?

1. Long‑running national models that shaped expectations

Estonia’s mandatory digital ID system and e‑residency program are frequently cited as foundational examples of state‑led identity schemes, offering two decades of operational lessons on integration, authentication, and governance ^[1]. Finland’s model, delivered through a combination of banks, mobile operators and government agencies, illustrates a federated, multi‑actor delivery where private firms operate critical authentication infrastructure under public oversight ^[1]. Both systems demonstrate durable public‑sector control or heavy regulation, and their longevity contrasts with newer commercial entrants; each national choice reflects trade‑offs between centralization, privacy, and service reach ^[1].

2. Private verification vendors expanding globally

Socure’s recent expansion of its RiskOS platform to support identity verification across more than 190 countries shows rapid private-sector scaling of identity technology into new jurisdictions and sectors, including banking and cryptocurrency exchanges ^[3]. Socure positions itself as a decisioning layer rather than a sovereign identity issuer, which matters because private platforms focus on fraud reduction and customer onboarding rather than public‑policy goals like citizenship or voting. The company’s July 2025 announcement highlights commercial momentum and suggests private vendors could bid for UK roles that emphasize verification services rather than government identity issuance ^[3].

3. Postal and incumbent operators monetizing digital ID services

Poste Italiane’s role as Italy’s biggest digital ID services provider and its move to introduce annual fees indicates incumbent public or quasi‑public operators can extract ongoing revenue from identity ecosystems ^[5]. This commercialization points to potential vendor incentives that may not align with maximal public accessibility, and underscores that operators with existing citizen touchpoints can leverage trust and distribution. The September 2025 timing of the fee decision signals recent shifts toward sustainability and revenue models, a factor the UK must weigh when considering which organizations to certify or contract ^[5].

4. Technology suppliers deploying enterprise and government systems

NEC’s deployment of a digital employee ID system for 20,000 staff in Japan using Microsoft Entra Verified ID and facial recognition underscores the role of large technology vendors in system integration and biometrics ^[4]. NEC’s 2024 rollout shows how established providers combine identity platforms and biometric modalities to deliver closed‑ecosystem identity solutions. These technical choices raise governance questions because biometric approaches have heightened privacy and accuracy concerns, and because multinational firms may supply critical backend components in ways that affect auditability and cross‑border data flows ^[4].

5. Cross‑border cooperation and state contractors

Costa Rica’s launch of a national digital identity app in collaboration with Korean state‑owned KOMSCO illustrates bilateral procurement and technology transfer, where countries lacking domestic providers turn to foreign state enterprises for capacity ^[6]. This September 2025 example shows how national projects can be shaped by geopolitical and industrial partnerships, potentially bringing specific governance models and dependencies. The presence of state‑owned contractors implies agendas beyond technical delivery—industrial policy and diplomatic ties may shape design choices, interoperability and long‑term support commitments ^[6].

6. How the UK’s proposed federated approach reassigns roles

The UK government has proposed a federated, democratized, proportionate and voluntary digital ID framework that would certify both public and private providers to verify, store and share identity data ^[7]. This policy opens procurement to a broad range of actors — sovereign incumbents for population registers, banks and mobile operators for authentication, and private verification vendors for onboarding — but it also requires a robust governance regime to manage conflicts, privacy, and commercial incentives. The September 2025 policy discussion situates the UK between centralized European models and market‑led U.S. approaches ^[7].

7. Competing viewpoints, commercial agendas and the gaps in available evidence

The available analyses span government announcements, vendor press releases and incumbent operator moves, each carrying potential agendas: vendors emphasize scale and capability, incumbents emphasize trust and continuity, and governments emphasize choice and regulation ^{[1] [3] [5] [7]}. Key omissions include independent audits, privacy impact assessments and contractor lists for the UK specifically, so while examples identify who has built similar systems abroad, they do not settle how those models would perform under UK legal and social conditions. Recent dates—from 2024 to late September 2025—show active evolution but underscore remaining evidence gaps about performance, oversight and citizen acceptance ^{[4] [3] [1]}.