Implementing Chile's national digital identity strategy

Effective digital identity systems require both robust governance and sustainable financing. Governance ensures that public and private actors operate within clear, transparent rules that protect security, privacy, and interoperability. Financing supports the development, oversight, and long-term operation of these systems, balancing cost recovery with incentives for adoption across the public and private sectors. This chapter examines approaches to governance and funding, drawing on international examples to highlight lessons for building resilient and inclusive digital identity ecosystems. It aims to illustrate the key considerations that the Chilean government could consider during the implementation of its digital identity strategy towards 2030.

Experiences from OECD countries highlight that there is no universal blueprint to governing a national digital identity system; governance models will adapt to the unique political, economic, and social realities of each country or region, including the underlying legal identity system (e.g. population registries and unique ID numbers vs. lack of these). Whether government-led, market-driven, or hybrid, effective governance should ensure that digital identity systems not only protect users’ data and privacy but also foster widespread adoption by enabling seamless, trustworthy access to services.

The most common way to governing national digital identity systems and trust frameworks is through a government-led approach. Government-led digital identity ecosystems can still be cross-sector and inclusive of private identity providers, but the state plays the central role in setting standards, managing trust frameworks, ensuring interoperability, and often issuing the most adopted solutions.

• In Estonia, state-issued digital identities, co-managed primarily by the Information System Authority (RIA) and the Police and Border Guard Board (PPA), are provided for every citizen, ensuring secure authentication and digital signatures which enable the majority of all government services to be conducted digitally. Since 2001, the uptake of digital identity solutions benefitted mainly from the private sector’s B2B (business-to-business) and B2C (business-to-consumer) transactions (e-estonia, 2025[23]). The Estonian experience demonstrates the importance of creating an interoperability model with the private sector to push for the widespread adoption of digital identity by citizens.

• Similarly, Singapore’s Singpass and Corppass are government-led digital identity solutions that can be used by both individuals and businesses. Operated by the Government Technology Agency (GovTech), the solutions enable secure access to over 2,000 services across the public and private sectors. The success of Singapore’s systems demonstrates that government-led models can facilitate broad, trusted, and cross-sector digital identity ecosystems (Government of Singapore, 2025[24]; Government of Singapore, 2025[25]).

• In Italy, all core digital identity solutions, including the digital wallet (IT-Wallet), the identity broker (SPID), and the electronic identity (eID) card CIE are developed and managed by the public sector. The strategic direction is set by the Ministry for Innovation and Digital Transition, while AgID (Agency for Digital Italy) performs regulatory and oversight functions. SPID is a federated system allowing access to public and private services through credentials issued by accredited public and private identity providers (IdPs). In 2025, over 39 million SPIDs have been issued, with 37 million active users and more than 1 billion logins annually, making it an important component of Italy’s digital public infrastructure. The CIE is a mandatory government-issued electronic ID card with both physical and digital authentication capabilities, with over 50 million cards issued (Dipartimento per la trasformazione digitale, 2025[26]). In 2024, the Italian government launched the IT-Wallet, its implementation of the EU Digital Identity Wallet, fully integrated into the government’s IO app. By early 2025, the IT-Wallet was used by over 4 million citizens to store and manage digital credentials such as driving licenses, health insurance cards, and disability certificates (Dipartimento per la trasformazione digitale, 2024[27]). Through a co-ordinated government-led approach, Italy is actively aligning its identity systems with the EU’s eIDAS 2.0 regulation, aiming for full compliance by 2026 (OECD, 2024[17]).

A market-led model with public oversight delegates the development and management of digital identity solutions primarily to private actors such as banks and tech companies, while the government provides regulatory frameworks and sets standards.

• In the United States, a market-led approach is backed up by federal guidelines by the National Institute of Standards and Technology (NIST), who plays a key role by publishing widely adopted guidelines such as the Digital Identity Guidelines (NIST Special Publication 800-63-4). The NIST guidelines are not mandatory unless specified by law or policy, and they are commonly adopted on a voluntary basis by industry, academia and governments. The guidelines provide foundational technical and process requirements for organisations implementing digital identity services for federal government service providers, and cover identity proofing and authentication of users, as well as federation of identity information between authorised parties (OECD, 2024[17]; National Institute of Standards and Technology, 2025[28]). This approach promotes security and interoperability while leaving issuance distributed across government agencies, banks, healthcare providers, and private companies. For example, the Login.gov single account for online federal government services is following the NIST guidelines (General Services Administration, 2025[29]).

• Sweden’s model is primarily driven by the private sector, although recently there have been decisions for the government to take a bigger role by developing an official state-eID and digital identity wallet (Swedish Government Offices, 2025[30]; Agency for Digital Government, 2025[31]). As of today, BankID is the country’s most widely used digital identity solution. BankID is developed by Finansiell ID‑Teknik BID AB, a consortium owned by seven major Swedish banks still managing the solution. With the first e-ID issued in 2003, BankID expanded over time from desktop certificates to smart‑card and now mobile-based authentication, with the Mobile BankID app. BankID is issued by the banks under a common BankID regulatory framework that meets the requirements of the Swedish e-ID, trust level 3 out of 4, for which the Swedish Digital Government Agency (DIGG) is responsible, ensuring BankID aligns with national frameworks such as Sweden Connect. In 2024, BankID had 8.6 million users with over 7,500 connected services across the public and private sector (businesses, public authorities, banks and organisations); approximately 99.9% of Swedes aged from 18 to 67 have a BankID. Users log in and digitally sign transactions via usernames, passwords, OTPs, and cryptographic keys stored securely on phones or cards, aligned with advanced digital signature standards set by EU regulations (BankID, 2025[32]; 2025[33]; 2025[34]; 2025[35]).

Hybrid models in digital identity refer to ecosystems where both public and private actors play significant and often interdependent roles in the design, implementation, and operation of digital identity solutions. Examples include:

• The European Union (EU) provides a useful illustration of how standards can unlock the opportunity for cross-sector and cross-border interoperability. Regulation (EU) 2024/1183, adopted by the European Parliament and Council in 2024, updates Regulation (EU) No 910/2014 to establish a framework for European Digital Identity wallets. This regulation changes the digital identity landscape in the EU by mandating the creation of interoperable, trustworthy, and secure European digital identity wallets. It acts as a binding trust framework across the Union, defining the rules and standards needed for interoperable digital identity from privately operated apps to government-run wallets; it also ensures mutual recognition across 27 systems and has promoted private-sector participation in EUDIW pilots (European Commission, 2025[36]). It mandates that each Member State must provide at least one certified EU Digital Identity Wallet within 24 months of the implementing acts, regardless of whether it is public or private sector led, as long as it is officially recognised by the government. While most Member States have implemented digital identity solutions that are not themselves federated, this regulation effectively creates a federated structure that aligns 27 national systems and enables cross-border interoperability and authentication, allowing individual governments to benefit from the digital identity infrastructure developed by others (European Commission, 2025[37]).

• In Denmark, the digital identity solution MitID (available primarily through a mobile app) is managed through a public-private collaboration involving both government entities and private sector partners. Launched in 2021 to replace NemID, it provides a single, secure login used across digital public services (e.g., borger.dk, skat.dk, sundhed.dk) and private services like online banking, and is used by 97% of the Danish population age 15 and above. The MitID partnership, sole owner of MitID, consists of the Danish Agency for Digital Government, representing the state, the Danish regions, and municipalities, and the country's financial institutions, represented by their industry organisation, Finance Denmark. The Danish Agency for Digital Government manages the public side, overseeing regulation, co-ordination and that MitID adheres to national standards and public policy goals. Private sector partners (especially financial institutions) play an important role in implementing and operating the system. This partnership allows the system to be secure and to be integrated with essential services across sectors, including online banking, government services, and private platforms. This cooperative model benefits from the banks’ experience in managing secure transactions and customer verification, while helping to distribute costs and administrative responsibilities between the public and private sectors (MitID, 2025[38]; OECD, 2024[4]).

Financing is a critical element of sustainable digital identity systems. Governments often ensure stable, long-term funding for policy development, oversight, trust frameworks, and operational services, while designing fee structures and compensation models that balance cost recovery with incentives for adoption by both public and private users. Comparative experience from OECD countries demonstrates the importance of separating regulatory and operational budgets and planning for scalability to support resilient and inclusive digital identity ecosystems.

Funding the development and enforcement of trust frameworks, oversight functions, accreditation processes, and privacy safeguards should not rely on revenue generated from operational identity services. Accountability is strengthened by dedicated oversight bodies with stable, transparent, and publicly allocated resources, requiring reliable, long-term funding through the central government budget.

For example, in Italy, strategic and regulatory responsibilities for digital identity are managed by the Ministry of Innovation and Digital Transition, while AgID oversees the trust framework and the identity broker service SPID, without acting as an identity provider itself. This separation allows for the supervision of public and private identity providers and supports trust frameworks aligned with national priorities, international standards, and fundamental rights. Similarly, in Norway, the Digitalisation Agency operates the identity broker ID-porten and the solution MinID, while independent agencies handle privacy and security regulation, ensuring oversight remains institutionally and financially distinct from service provision.

When governments provide digital identity services directly or allow private providers to supply solutions for public services, it is essential to carefully design the business and financial model to ensure long-term sustainability. This requires balancing operational costs with incentives across the ecosystem: public service providers should be encouraged to adopt and consistently use the system, while private identity providers must have sufficient motivation to offer services that meet security, interoperability, and quality standards. Fee structures should reflect both the costs of providers and the administrative costs of managing the system, while avoiding rates so high that they suppress demand or are passed on to end-users. Lower or no fees for low-volume service providers can promote adoption and reduce administrative burdens, as exemplified by Norway’s ID-porten, which provides free services to public entities with fewer than 200,000 annual authentications (Box 2.1).

Sweden’s legally defined Authorization System for electronic identification (eID) (Box 3) illustrates how a clear legal and financial framework can support trust, transparency, and sustainability: the Agency for Digital Government (DIGG) approves providers, individuals can choose their eID provider, and public authorities access services under DIGG agreements, while operational management, including fee collection and compensation, is handled administratively (Agency for Digital Government, 2025[40]).

There are few OECD countries where governments offer an identity broker service available for use by private service providers. One exception is FranceConnect, which is an identity broker service managed by the French Government through the Interministerial Directorate for Digital Affairs (DINUM). It can be used by both public and private service providers but is limited to private service providers operating in sectors with a regulatory requirement to verify user identity. This includes, for example, the telecommunications and financial services sectors. Currently, the broker offers seven identity providers to choose from:

• Public identity providers: France Identité, MSA, Ameli.fr, and impots.gouv.fr

• Private identity providers : L’Identité Numérique La Poste, Yris, and TrustMe

Two of these are accredited at a high level of assurance (FranceConnect+): France Identité and L’Identité Numérique La Poste, which can be used for accessing more sensitive services. The others are accredited at a lower level of assurance (FranceConnect).

Countries, in particular low- and middle-income countries, can also use blended funding approaches to finance the initiative development of identity infrastructure, such as identity brokers. Rather than relying on a single source of funding, this approach leverages varying combinations of public investment, service-level fees, and/or contributions from participating private actors, allowing for greater financial sustainability and resilience over time. For instance, Uruguay’s Agency for Electronic Government (AGESIC) has benefitted from a combination of international support and public resources by leveraging Inter-American Development Bank (IDB) loans, to underpin infrastructure and service scaling, including the ID Uruguay platform and digital signature tools (Public Digital, 2023[42]; Inter-American Development Bank, 2019[43]). Although loans build initial momentum, long-term recurring costs such as maintenance, audits, and cybersecurity require predictable government funding or service-based revenue, avoiding gaps post-deployment.

Finally, financial planning must consider system scalability to ensure the infrastructure can support growing demand. For example, Aadhaar, managed by the Unique Identification Authority of India, saw authentications rise from about 1 million to 2 billion in just six months. Today, it is used for services such as banking, welfare, telecom and public administration (DDNews, 2025[44]).