Bhutan is the first country to join the Global Acceptance Network (GAN). GAN, in turn, is a foundation that aims to operate a nonprofit decentralized digital identity (DDID) network. GAN was founded, among others, by Accenture, cheqd, Interac, NTT Digital, Pearson, and other organizations.

GAN will not develop technology standards on its own. The goals of GAN include creating global acceptance of DDID/verifiable credentials by: 1) building a trust framework and network; 2) contributing to open standards organizations’ DDID work (W3C, ISO) and; 3) most importantly, promoting and ensuring iteroparity between existing DDID ecosystems, such as the European Union’s eIDAS’s European Digital Identity Wallet initiative, the USA’s AAMVA mobile driver’s licenses, the Nordic BankID framework, and others.

This diagram shows GAN’s high-level architecture:

 

Forrester expects that the primary vertical market use cases for GAN will include nonprofit and government, travel (e.g., digital passports, airline cooperation), education, and healthcare.

GAN’s long-term success will depend on:

  • National governments’ and regions’ willingness to work with a trust proxy. While governments have been issuing national digital identities and wallets, government DDID’s focus (understandably) has been domestic use cases (such as identification of citizens to government agencies), law enforcement, and utilities (verifying account holders to utility companies). Governments have not yet cared much about international interoperability of their digital driver’s licenses and national IDs with other countries’ verification systems. Working with a trust proxy (such as GAN) requires compromise — traditionally, not the forte of national government law and IT decision-makers.
  • Reconciliation of privacy measures across GAN member ecosystems. GDPR has served as a de facto blueprint for many jurisdictions’ privacy laws, but the landscape is still rugged when it comes to harmonizing privacy laws and data protection across borders or even administrative regions (states, prefectures, etc.) of a single country. GAN needs to be able to take these differences into account and help with proxying not just trust but also data protection and privacy requirements between its member countries and organizations.
  • Viable business models for all DDID initiatives. While the common good is a significant motivation in DDID and digital national ID issuance and acceptance, issuer and verifier organizations and ecosystems need to have financial motivation to join GAN. So far, the DDID business model is unclear and will need to get resolved to drive more industry adoption.
  • GAN must serve clear, and initially simple, use cases. Forrester expects that GAN’s acceptance will also depend on how well it can immediately serve specific use cases such as travelers’ usage of digital passports and national IDs at border crossing, presentation of higher-education diplomas across borders, proving coverage of travelers’ health insurance during a visit to a foreign country, and others.