Key differences between physical IDs and digital IDs include:
- Format of the ID
- Ability to protect personal data (through minimising the data shared)
- When the ID can be used
- Differing use cases
- Who issues the ID
- Security features and vulnerabilities
- Regulatory and legal acceptance
Last year, multiple countries made big strides towards accepting digital IDs. Recognising that we live in an increasingly online world, and that fewer people are carrying wallets, more businesses, governments and organisations are choosing to accept digital IDs as a form of identification.
Digital IDs and physical IDs serve the same fundamental purpose: proving your identity. But they can differ in how they’re created, stored, verified and used. We break down some main differences between the two forms of ID, to help you understand how they both work.
Format
Physical IDs: Physical card or document / Digital IDs: Digital app, QR code or file
Physical IDs include passports, driving licences, national ID cards and birth certificates. They typically contain personal information such as your name, date of birth, photograph or document number. This information is usually printed on a card or paper document, which you need to physically keep and store.
Digital IDs are electronic versions of physical IDs (and not just a photograph of your physical ID). Digital IDs can be in the form of an app, QR code or encrypted file. In their simplest form, they can contain the same data as your physical IDs, however they can also collate information from several different physical IDs together. You can store and access your digital ID using your digital devices such as a smartphone, tablet or computer.
How you share personal data
Physical IDs: Cannot choose what personal information to share / Digital IDs: can choose what personal information to share
Imagine you needed to prove your age to buy an age-restricted product, such as alcohol. In this situation, the retail worker only needs to know two things:
- whether you’re old enough to buy the product, and;
- an image of your face, to show that the document belongs to you.
To prove your age using physical IDs, you have no choice but to show the whole document to the retailer. This means you end up showing a lot of personal information, including your full name, address and document number, even though the retailer doesn’t need these details.
Digital IDs can be designed to minimise the data that is shared. In the example described above, the retailer worker doesn’t actually need to see your full date of birth. Therefore, you can choose to only display your photo and a credential stating that you’re over the required age threshold, such as ‘over 18’. This allows you to protect the rest of your personal information as it isn’t disclosed.
Accessibility and use cases
Physical IDs: Mainly used for in-person interactions; users must have the ID on their person / Digital IDs: Can be easily used for both in-person and online transactions; can be accessed anytime, anywhere via a digital device
Physical IDs are primarily used when you need to prove your identity during face-to-face interactions. These can be when voting, driving, travelling or proving aspects of your identity (such as your age or address). These can be cumbersome to carry around, particularly if you need multiple IDs for different purposes, and inconvenient if you no longer carry a purse or wallet.
In some cases, you can use your physical ID to prove your identity online. This requires you to manually upload a photograph of your physical document to an app or website.
Digital IDs can be securely stored in one place, like your smartphone, and instantly accessed from your devices. This eliminates the need to carry physical IDs. They can be used to prove your identity both in person and online. During in-person interactions, you can display a showable card on your device with just the relevant credentials.
Digital IDs can also be seamlessly used during digital transactions. This can be when accessing government services, logging into accounts, making online transactions or completing remote work verification checks. With your consent, you can use your digital ID to securely prove your identity to the requesting organisation. Digital IDs often allow you to complete a verification request anytime, anywhere. This makes remote age or identity verification possible in real time, saving you from searching through your wallet for a physical card.
Who issues the IDs
Physical IDs: issued by governments and other official organisations; users must wait to receive their ID before use / Digital IDs: issued through digital platforms or regulated IDSPs; can be used straight after issuance
Most widely accepted physical IDs are issued by government authorities or official organisations. Receiving a physical ID requires you to wait for your new document before you can use it. Physical IDs, such as a driving licence, can be easily lost or stolen with over a million of them reported lost or stolen in the UK in 2023.
Additionally, you’ll need to be issued a new document if you update any of your details (for example, a change of address).
Digital IDs can be issued through digital platforms, either directly by governments and official organisations or by regulated third-party service providers. In the UK, official identity service providers are certified by the Government under the trust framework. Digital platforms can issue your digital ID based on the trust created by scanning one or multiple of your physical IDs. They can also do this through other means. For example, you might choose to grant permission for a digital identity provider to search third-party data sources for information to confirm your identity and link that information to your biometrics.
Once you’ve passed the required identity verification checks, your digital ID is available for use on your device much more quickly. You can also update your personal information immediately through the app or online platform. And since it’s stored on your device, it’s one less thing to look after when you’re out and about.
Security features and vulnerabilities
Physical IDs: Physical security features (holograms, watermarks); difficult to easily validate authenticity; users cannot block or deactivate the ID / Digital IDs: Digital security features (encryption, biometrics, multi-factor authentication); built-in features to easily validate authenticity; users can instantly block or deactivate the ID
Physical IDs are vulnerable to loss, theft, damage and forgery. To prevent tampering or fraud, they rely on physical features such as watermarks and holograms. Since these features are difficult to replicate, they help to ensure the document’s authenticity. However, many people whose jobs involve looking at physical IDs (such as a retail worker at a convenience store) are not trained experts who know what authentic holograms should look like.
Additionally, these features do not protect from unauthorised access. If your ID is lost or stolen, anybody can access the information on it with no trouble at all. Although you can report the loss or theft to the organisation that issued it, there’s no easy way to immediately block or deactivate the ID.
Digital IDs are built to protect users from vulnerabilities like data breaches by integrating security features to limit unauthorised access to your personal data. Examples of these include encryption, requiring biometric authentication (like Face ID or a fingerprint) and multi-factor authentication (MFA). MFA asks you to complete multiple verification checks, such as entering a password and a one-time passcode. Digital IDs can also include built-in security features when presenting the ID in person. For example, you can ‘flip’ our Yoti ID card around on the phone screen, and the QR code can be scanned for free by any web browser to verify authenticity. This prevents people from using fraudulent or altered images of digital IDs.
These features provide an added layer of security that physical IDs cannot. However, if you suspect that someone may have gained access to your digital ID, you can instantly lock or suspend it, and update your security credentials – all from your device.
Regulatory and legal acceptance
Physical IDs: widely accepted / Digital IDs: increasingly being accepted
Physical IDs such as passports are globally recognised by authorities across the world. Other documents such as driving licences are recognised throughout the issuing jurisdiction and are often accepted globally too. They are legally binding for various purposes such as voting, travelling and signing contracts.
Digital IDs are not yet universally accepted or recognised in all jurisdictions, especially for things like voting or legal documents. However, they are quickly gaining traction, with digital IDs being increasingly integrated into various regulatory frameworks and legal systems. For example, the UK Government:
- introduced the Data Bill in 2024, which includes the creation and adoption of secure digital identities to help with everyday tasks. This includes completing employment checks, opening bank accounts and moving house.
- announced a long-awaited change to the rules around the purchase of alcohol last year. This means that retailers, pubs and clubs can soon accept digital IDs as proof of age, alongside physical paper-based IDs.
- changed the law in 2022 to allow people to use digital IDs for right to work and right to rent checks, and for proof of identity ahead of DBS checks.
Offering choice when verifying identity
While physical IDs are widely used and trusted, digital IDs are increasingly being accepted by both governments and the private sector. They offer significant advantages in terms of convenience, security and accessibility, especially for online interactions.
People should always have a choice in how they prove their identity to ensure that people can use the option most accessible to them.
If you’d like to know more about digital IDs, please get in touch.
