As governments grapple with rising identity fraud, data breaches, and AI-driven impersonation, digital identity is fast becoming a matter of national security.
In this interview, Fraser Edwards, the Co-Founder and CEO of Cheqd, explains why decentralised digital identity offers a safer, more resilient alternative to today’s centralised verification systems.
Responding to recent comments from Michele Korver to the US Treasury, Edwards outlines how privacy-preserving credentials, selective disclosure, and user-held identity can strengthen compliance, reduce systemic risk, and modernise KYC and AML frameworks without repeating the costly mistakes of the past.
Michele Korver’s comments and policy direction
- Former federal prosecutor & regulator Michele Korver recently emphasized the potential of decentralized digital identity systems in her comments to the US Treasury, highlighting benefits for privacy, compliance, and national security. From your perspective, how significant is this endorsement from a policymaker-adjacent voice for the broader adoption of decentralized identity?
“Michele Korver is the Head of Regulatory at a16z crypto, where she helps their web3 portfolio companies to navigate the regulatory landscape. Korver’s endorsement is more significant than it may appear at first glance. She’s one of the few people who has seen the inner workings of financial crime, regulatory processes, and federal policymaking from all sides.
When someone with her background says decentralised identity can strengthen compliance and national security, it cuts through the usual suspicion that decentralisation is somehow too loose or experimental for critical infrastructure.
Regulators rarely shift their mental models quickly, so having a respected voice make the case publicly helps open the door for approaches that don’t rely on hoarding sensitive data in one place. In that sense, her comments mark a psychological turning point. Decentralisation isn’t being treated as a threat to oversight anymore, but as a tool for strengthening it.”
- Korver mentions that decentralized systems empower individuals and reduce risks compared to centralized identity verification. Based on your experience at cheqd, do you see these benefits realized in practice, or are there challenges that policymakers should be aware of?
“The benefits she highlights absolutely play out in practice. At cheqd, we’ve seen time and again that giving individuals custody of their own credentials reduces the attack surface.
When verification happens through cryptographic proofs rather than API calls into a central database, you remove one of the biggest operational and security risks in the identity stack.
Part of our work at cheqd has been building an ecosystem in which strong privacy and decentralisation don’t come at the cost of usability. We’ve put a lot of effort into making sure the decentralised path feels as intuitive, or more intuitive, than the centralised one. When you get that right, the theoretical benefits become very real, very quickly.”
Practical implementation of decentralized digital IDs
- Cheqd has already deployed privacy-preserving identity infrastructure using verifiable credentials and decentralized identifiers. Could you walk us through how this system works in practice, and how it balances usability, privacy, and compliance?
“The backbone of our system is simple: Verifiers receive the proofs, which typically contain both the data and the signatures, so they can resolve where the data came from.
At the heart of decentralised identity is a very simple relationship between three actors: the issuer, the holder, and the verifier. The issuer is the trusted authority, a government department, a university, or a bank that creates and digitally signs a credential. That credential might be a passport attribute, a degree, a company registration, or a completed KYC check.
Instead of sending that information to a central database, the issuer hands it directly to the individual, who becomes the holder. The holder stores it securely on their own device or wallet and can decide when, where, and with whom to share it.”
“When the holder needs to prove something, opening a bank account, applying for work, accessing a public service, they create a privacy-preserving proof from the credential and present it to the verifier.
Crucially, the verifier typically has the underlying data as part of the proof without contacting the issuer. This is where the verifiable data registry comes in. It’s not a database of identities, it’s simply a public reference point that tells the verifier which issuers are legitimate and what their public keys are. The issuer writes a small piece of metadata to the registry (not the user’s data), and the verifier reads from it to confirm that the credential was issued by a trusted source.
The result is a system where trust flows naturally without requiring a central authority to collect or monitor anything. The issuer trusts the registry, the verifier trusts the issuer, and the holder stays in full control of their data throughout.
Countries modernising its identity infrastructure, can adopt this model without building a new monolithic national database. You get high assurance and regulatory-grade verification, but with far stronger privacy protections, lower breach risk, and none of the political sensitivities that come with centralised identity systems.
That structure alone eliminates many of the weakest links you see in traditional digital ID systems.
On cheqd, the trust graph layer adds a crucial governance component, giving verifiers confidence about which issuers are legitimate while still avoiding the trap of creating a new centralised authority.
Then you have selective disclosure and zero-knowledge capabilities, which allow the user to present exactly what’s needed for a transaction and nothing more. From a compliance angle, this is enormously powerful.
You could satisfy KYC, onboard customers, validate professional credentials or degrees, all with a higher level of assurance than scanning documents, while holding less data. The privacy benefits are obvious.
Our work with partners makes this tangible: they get a system that feels modern and seamless while quietly stripping out structural risks that centralised platforms have struggled with for years.”
- In real-world deployments, what are some of the main hurdles—technical, regulatory, or behavioral — that organizations face when implementing decentralized identity systems?
“Current identity models are inefficient, open to thefts and hacking and built around organisations. In the United States alone, identity theft losses cost $712.4 billion in 2020. In the UK, annual UK-issued debit and credit card identity thefts reached a value of £29.7 million in 2020. Digital trust is currently predicated on constant check-ups. In order to prove an attribute or claim, a third party is needed to certify or verify that claim.
Unlike the existing system, self-sovereign identity (SSI) is a user-centric and user-controlled approach to exchanging information in a much safer way. It safeguards privacy by removing the need to store personal information entirely on a central database and gives individuals greater control over what information they share.
Our estimate suggests that the potential of the SSI market totals ~$0.55Tr. The disrupting technology could be used everywhere from banking to metaverse, travel to healthcare. SSI has no limits in its application across sectors.
The hardest hurdle is mental rather than technical. Institutions have been trained to believe that storing data equals control, and that control equals safety. But we now have decades of evidence, from Aadhaar to major cloud outages, showing that centralised control creates its own type of fragility.
When we introduce decentralised identity, we’re not just introducing new technology; we’re asking organisations to rethink how identity assurance works at a foundational level.
Technically, integration is already achievable as our clients are demonstrating. The challenges show up in governance discussions, internal risk assessments, and compliance interpretations written for another era. And on the user side, people are understandably sceptical of anything that deviates from the ‘login with…’ model they’ve been conditioned to use.
So our role at cheqd has often been part educator, part systems architect. Once teams understand that decentralisation doesn’t mean losing oversight, but gaining stronger guarantees with fewer liabilities, momentum builds quickly.”
Compliance and privacy considerations
- From your experience, how can policymakers design regulations under the GENIUS Act that enable innovation while avoiding over-centralized verification systems that may replicate past risks?
“The GENIUS Act should avoid the instinct to centralise identity data “for safety. We’ve seen across the world what happens when digital ID becomes a single database or platform. Breaches become existential, outages ripple nationally, and public trust collapses. Instead, regulators should focus on defining outcomes, verifiable assurance, privacy by default, and auditability, and leave the architecture open enough to let decentralised approaches satisfy them.
User-held credentials, decentralised identifiers, trust, and selective disclosure allow the same level of regulatory confidence without concentrating risk. The other key principle is voluntariness. Systems that give people choice, Switzerland’s new model is a strong example, consistently gaining more legitimacy and adoption.
If the GENIUS Act is implemented with the right guardrails, it can set a precedent for privacy-preserving, resilient identity infrastructure rather than repeating the centralised mistakes of the past.”
Lessons for the GENIUS Act implementation
- What are the key lessons from cheqd’s deployments that you think the Treasury should consider to avoid pitfalls associated with traditional identity systems?
“One lesson is that centralisation always becomes a single point of failure, even when wrapped in redundancy. We’ve seen this with national IDs, government databases, and most recently the AWS outage, where a single DNS issue cascaded into failures across thousands of services in minutes.
Decentralised verification avoids that by design. Another lesson is that privacy and compliance are not a trade-off when deployed through decentralised identity. Perhaps the most important lesson is that trust is earned through transparency and control.
When people understand exactly what they’re sharing and can do so easily, uptake increases dramatically. The Treasury should see decentralised identity not as a radical alternative, but as a safer, more future-proof version of what digital identity was always supposed to be.”
Future of decentralized identity in digital finance
- Looking ahead, what role do you see decentralized digital identities playing in the broader US digital asset ecosystem, and how could this influence both innovation and regulatory approaches?
“Decentralised identity will become the connective tissue between any financial product, including digital assets. Without it, you end up either with systems that are too anonymous to satisfy regulators or systems so centralised they undermine the whole point of digital assets.
Portable KYC, verifiable credentials for wallet owners, proof of funds, degrees, certifications; all of these will rely on decentralised identity to function safely.
AI-driven fraud is rising rapidly, especially in employment and education. Decentralised credentials give institutions a way to authenticate claims without becoming yet another data warehouse.
What we’re building at cheqd isn’t a niche layer, it’s a foundational one that sits beneath digital assets, Web3 wallets, AI agents, and future financial infrastructure.”
Attributed to: Fraser Edrwards is the Co-Founder and CEO of cheqd, a decentralised identity network designed to enable businesses to create, issue, and monetise digital credentials, addressing the long-standing commercial viability challenges of self-sovereign identity (SSI).