The rubber is hitting the road on identity infrastructure | March Newsletter

Kia ora

Sir Geoffrey Palmer has spent a lifetime warning New Zealanders that democracy depends not on good intentions, but on infrastructure – the structures that quietly determine how power operates. A new layer is now taking shape: not the card in your wallet or the login screen you click through, but the underlying trust infrastructure that determines who can participate in the digital economy.

Our Executive Council recently discussed an important question: whether the United States may be granted access to New Zealanders’ biometric data. Biometrics can’t be changed like passwords or re-issued like financial credentials. Decisions about access and control carry generational consequences – and in a time of rising global security pressures, we should ask whether expanding biometric data sharing is the only path forward, or whether there is a more constructive alternative.

New Zealand has a unique opportunity to lead by investing in trust infrastructure that protects and empowers individuals, businesses, and communities: systems where sensitive data stays under the control of the person or organisation it relates to; where verification can happen without unnecessary disclosure; and where privacy, security, and interoperability are designed in from the outset.

Every centralised system eventually becomes a permanent institutional memory. Data collected for convenience today becomes a liability tomorrow: searchable, accessible, and vulnerable to breach, misuse, or geopolitical leverage. This is not a hypothetical risk. It is structural certainty.

Constitutions shape how power operates in societies. Digital identity infrastructure will shape how power operates in digital economies. The question is not whether it will exist, but who shapes it – and on what terms.

Q1 2026 has reinforced something important: digital identity is no longer a policy discussion. It is becoming infrastructure – and once embedded, infrastructure shapes the conditions under which future generations live.

You may notice Digital Identity New Zealand has a new look as part of a Tech New Zealand | Hangarau Aotearoa ecosystem-wide refresh. Our brand has evolved to better reflect the foundational role digital identity now plays as infrastructure for trust, access, and participation. We will continue to bring together Aotearoa’s digital identity, trust, and assurance community to support an open, interoperable ecosystem grounded in strong governance, legal certainty, and public trust.

New Zealand leads the way in next generation digital identity

Congratulations to New Zealand for co-designing its Digital Identity Services Trust Framework (DISTF) Reference Architecture and now finalising its Draft Exposure.

The cross-sector contribution process has produced an inclusive, privacy-preserving foundation for next-generation digital identity through Verifiable Credentials.

New Zealand has done this before. More than a decade ago it led online authentication with RealMe – the foundation upon which Australia’s MyID is built. Now it is leading again, developing next-generation Trust Infrastructure to meet emerging challenges such as Agentic AI, Business ID, and Post-Quantum security.

Some organisations define consultation as asking people to submit comments privately and trusting the government to feed that input into their process. New Zealand took a fundamentally different approach, bringing government and industry together for structured, page-by-page reviews of the Reference Architecture, where comments were posted and visible to all participants, and each one was worked through intentionally and transparently.

Hats off to the incredible leadership across New Zealand, now we know what to build with government leading the way. Read the latest government announcement here.


A call to the banking sector: an opportunity to lead the trust infrastructure

Every financial system rests on one foundation: trust – public confidence that institutions can protect people from harm.

That trust is under pressure. Fraud and scams are extracting billions from New Zealand households annually. For victims, the boundaries between banks, payment providers and platforms are invisible. They see a system that moves money quickly but struggles to prevent harm.

At the same time, digital commerce is shifting towards programmable wallets, verifiable credentials, and cryptographic trust networks, where transactions rely on machine-verifiable identity signals, not just traditional payment rails. If trust in the banking system weakens while these networks mature, significant portions of digital commerce could begin to move outside traditional rails.

The Q2 updates to AML/CFT identity verification guidance, including the evolution of the Identity Verification Code of Practice (IVCOP) and the move toward continuous supervision, signal an important regulatory direction: beyond document-based verification toward reusable, high-assurance digital credentials across multiple transactions and services.

DINZ provides the cross-sector ecosystem through which this work can be coordinated. There is an opportunity for the sector right now to work with DINZ and lead this evolution.

Strategic Priorities

Solving the “Red X Problem”: A Proposal for Credential Namespace Schema Coordination

DINZ is exploring a new coordination initiative that could unlock faster adoption of verifiable credentials across New Zealand’s digital economy.

While digital identity – verifiable credentials, digital wallets, and trust registries – is production ready, adoption remains slow. A key barrier is what the proposal calls the “Red X Problem”: when a verifier sees an unfamiliar credential, it rejects it – not because the tech fails, but because the credential’s meaning and trustworthiness aren’t clear.

The proposed response is credential namespace coordination: a shared naming and governance layer, similar to how DNS underpins websites or telephone numbering plans enable telecommunications. Without it, credential ecosystems risk becoming fragmented silos that can’t talk to each other.

DINZ is considering convening government, industry, and ecosystem stakeholders through its Trusted Credential Adoption (TCA) Working Group to develop voluntary guidance on issuer identification, credential naming conventions, and governance principles. An initial discussion paper is targeted for end of May.

2026 DINZ Trust Survey

We are looking to commission an updated nationally representative Trust Survey.

Since DINZ last ran this survey in 2023, the environment has materially shifted: the Digital Identity Services Trust Framework Act has passed, AI-mediated identity has accelerated, and fraud and scams have increased significantly. Trust is now the primary constraint on adoption, and we need current evidence to guide strategy, industry engagement, and government conversations.

We’ll keep you updated on progress.

DINZ Update

Chair & Deputy Chair Confirmed
At the February Executive Council meeting, Maria Robertson was successfully re-elected as Chair and Vica Papp as Deputy Chair. The Executive Council acknowledged the significant voluntary commitment these roles require and offered its collective support. Welcome back also to Julia Nicol (Worldline), who has volunteered to chair meetings when both the Chair and Deputy are unavailable.

New Independent Council Member – Justin Gray
Justin Gray, formerly Managing Director of Datacom, has joined the Executive Council in an independent capacity in accordance with our Charter. Justin brings deep governance experience at a pivotal moment for the organisation. We warmly welcome him.

New Member – Catalyst IT
We’re pleased to welcome Catalyst IT as a new member, who showed particularly strong engagement at the AcademyEX panel in February. The appetite for deeper ecosystem coordination is clearly growing.

Membership Growth
DINZ currently has 81 members across all tiers, and overall membership remains healthy and stable, with strong engagement and continued momentum through the year. Major corporate membership is tracking well, and we’re pleased to see ongoing interest from organisations across the ecosystem. 


The full membership list now includes Air New Zealand, AWS, ANZ, ASB, BNZ, Deloitte, GBG, Google NZ, Lumin, Mattr, Meta, Microsoft, Spark, Unify, Westpac, Worldline, Xero, Adobe, KPMG, and The Co-operative Bank.

March Engagements

This has been a high-activity month for DINZ in the field. Andy has represented the organisation across three major events in the past fortnight alone:

Q1 Highlights

Biometrics Institute Conference — Wellington, 19 February

A strong signal that biometrics, identity assurance and AI-mediated systems are converging quickly. Identity is moving from edge-case use to core infrastructure across sectors. 

AcademyEX Panel Discussion

Thirty attendees took part in a lively discussion, one of our most engaged member events of the year so far. Particularly strong participation from Catalyst IT. The format worked well and we’ll be building on it. Thank you to AcademyEX for hosting such a memorable event.

Identification Management Standards — Interim Review

DINZ has engaged in consultation on the Identification Management Standards interim review and will meet with the DIA team following our March Executive Council meeting. Alignment between standards, architecture and real-world deployment is critical. Our approach will be to bring concrete use cases and requirements rather than broad statements, ensuring DINZ’s voice is practical and actionable.

Government Digital Infrastructure — Key Update
A significant restructure is underway. The Government Chief Digital Officer function is transitioning into the Public Service Commission, bringing the Digital Identity Services Trust Framework (DISTF) team with it to support the new digital government operating model. 

On the infrastructure side, momentum is building. The MATTR wallet with test credentials has been demonstrated, with the environment moving to sandbox imminently, opening up broader ecosystem experimentation for members. At least five organisations have signed up to the marketplace, and five are actively progressing DISTF accreditation, including DIA itself.

A government credential issuance roadmap is emerging, with potential credentials including a Delegated Passport credential, NZBN, Company Director, IRD, and Driver’s Licence. Securing strong demand-side credentials has been identified as a key accelerant for ecosystem adoption.

DINZ has raised the namespace coordination proposal directly with the DISTF team as a mechanism to support interoperability as both mDoc and W3C Verifiable Credential standards begin to scale, helping government and market credentials work together across wallets, issuers, and relying parties without fragmentation.

Members interested in practical credential use cases should watch for an upcoming opt-in session with the Trusted Credential Adoption Working Group.

Trusted Credential Adoption (TCA) Working Group

The TCA Working Group has good momentum. The group is focused on priority use cases, aligning with the Reference Architecture, and maintaining the pace of progress. This group is central to the namespace governance work described earlier in this newsletter.

International Engagement – April

India Study Trip (12–16 April)

By invitation from Dr Samir Saran, President of the Observer Research Foundation. Andy’s itinerary includes governance, policy architects, and infrastructure leaders shaping global digital identity, payments and governance.

Utah State-Endorsed Digital Identity (SEDI) Summit (20–23 April)

By invitation from Michael Proper and SEDI protocol leadership. An initiative to advance a privacy-focused framework where digital identity is separated from government-issued privileges, allowing for individual control and agency.

Digital Trust Hui Taumata 2026

Tuesday 11 August 2026 | Te Papa, Wellington

This year’s theme is ‘Trust is the New Infrastructure: Global Architecture, Indigenous Authority, and Aotearoa’s Moment’.

This isn’t a typical vendor conference or policy seminar. It’s a forum focused on shaping the direction of trust infrastructure in Aotearoa, and we are proud of the programme taking shape.

Two keynote voices anchor the conversation:


Together, they will explore why Aotearoa New Zealand occupies a uniquely powerful position to help shape trust infrastructure that is globally interoperable, yet grounded in human dignity, indigenous authority, and long-term societal trust.

Technology alone does not create trust. Governance does.

Tickets will be on sale soon – keep an eye out for comms with the registration link.

Confirmed partners: Lumin and Middleware. Sponsorship opportunities remain available, contact bettina.sinclair@technewzealand.org.nz if you’d like to be involved.

Strong Foundations, Positive Momentum

For those who like to know the organisation is on solid ground: DINZ is tracking to plan and the community is in a strong, sustainable position. We’re seeing continued membership growth and good momentum across our work programme. The Digital Trust Hui was successfully delivered and performed well overall – a strong result for a complex event.

See you in the field.

Ngā mihi nui,

Andy Higgs

Executive Director,
Digital Identity New Zealand

Read full newsletter here: The rubber is hitting the road on identity infrastructure | March Newsletter