27.12.2025 –, Saal 5
Sprache: English
Despite years of information security innovation, user safety continues to decay and digital systems remain vulnerable. The reason: most attacks exploit a flawed first principle of digital identity, built on entrenched assumptions about presentation, authentication, enforcement, and trust. As societies digitize and digital identity becomes the endpoint for all contact between citizens, institutions, and infrastructure, this collective failure to imagine new designs will shatter how we cultivate social trust. How else can this state of affairs, where no single attribute of a person can escape the reach of bad actors, be brought to an end?
Drawing on unprecedented access to individuals across the digital identity landscape and organisations developing the next wave of identity solutions, The Digital Identity Event Horizon presents New Design Congress' analysis of the core emerging socio-technical threats inherent in all digital identity systems, and lays the case for why proposed solutions will not address these threats without radical rethinking.
What happens when threat modelling becomes reality? This is the story of a research team caught in the mask-off moment for digital identity, documenting the technology's inherent dangers at the exact moment its weaponised design revealed itself.
Over four years, New Design Congress conducted eight case studies across implementations ranging from national biometric schemes to Web3 zero-knowledge proofs. More than 45 participants, including law enforcement officers, military personnel, information security researchers, CEOs, and activists, spoke candidly about digital identity's failure modes. The resulting 600+ citations documented a fundamental problem: the Cartesian vulnerability. "I authenticate, therefore I am" - when proving identity becomes inseparable from possessing identity, social-engineering attacks become inevitable. When identity infrastructure becomes a single point of failure, it tears at the fabric of society itself.
Since 2021, New Design Congress has applied adversarial security research methodology to the question of flawed digital identity: its definitions, implementations, and implications. From FaceID to BankID, from Facebook to the fediverse, from Worldcoin to the world's passports, this is an exhaustive study of the opportunities and risks that emerge from how we represent entities in the information age. At the centre is a core hypothesis: today's digital identities are inherently vulnerable to attack, and this leads to brittle digital societies.
This talk presents the threats and findings for the first time. It is for anyone who still believes today's technologies can safely represent humans. The report it is based on, The Digital Identity Event Horizon, is a landmark adversarial study that names the concrete harms of digital identity directly, establishes a working definition, introduces a threat modeling framework for evaluating any scheme, and presents ten key findings and fourteen recommendations, with many immediately implementable across policy, design, and governance.
The report will be soft-launched at https://newdesigncongress.org/en/report/2026/the-digital-identity-event-horizon.
