Table of Contents
🪪 Want to integrate NDID into your platform? Share your details and we'll help you get started!
Introduction
Digital identity verification has traditionally been fragmented. Every bank, fintech platform, and government service typically builds its own onboarding process, which results in repeated identity verification, paperwork, and in-person visits. In Thailand, this created several structural challenges — identity verification often required physical document submission and branch visits, even though citizens already possessed national smart ID cards.
Organizations had to handle large volumes of paperwork, and manual verification processes increased operational costs while leaving room for document fraud and identity misuse. To address these issues, Thailand introduced the National Digital ID (NDID) platform — a shared digital infrastructure that allows organizations to verify identities and exchange trusted data securely with user consent.
The initiative began in October 2017 with the establishment of Thailand’s Digital ID Committee. In December 2018, the Electronic Transactions Development Agency (ETDA) introduced digital identity assurance levels aligned with NIST standards. Pilot implementations started in February 2019, followed by regulatory approval through updates to the Electronic Transactions Act. Later that year, the NDID sandbox debuted at the Bank of Thailand FinTech Fair, enabling fully digital bank account opening within the regulatory sandbox.
NDID enables three primary capabilities:
- Electronic Know Your Customer (eKYC) for remote identity verification
- Electronic Consent (eConsent) for controlled data sharing
- Electronic Signature (eSignature) for legally binding digital agreements
Rather than functioning as a centralized identity database, NDID operates as a trust network connecting banks, telecom providers, fintech companies, and government agencies. Users retain control over their personal data, while organizations can access verified information only after explicit user consent. As of 2026, the NDID ecosystem includes more than 150 participating organizations.
The NDID Ecosystem
NDID works through a decentralized ecosystem where different participants perform specialized roles. This structure ensures that identity verification and data sharing are distributed across trusted institutions rather than controlled by a single entity. The ecosystem consists of four main roles.
1. Relying Party (RP)
A Relying Party is an organization that needs to verify a user’s identity or request specific information. Examples include:
- Banks processing loan applications
- Insurance companies onboarding customers
- Fintech applications opening digital wallets
- Government portals offering digital services
The Relying Party initiates requests through the NDID network to verify identities or retrieve user-approved data. Most organizations participating in NDID fall into this category.
2. Identity Provider (IdP)
An Identity Provider is responsible for verifying and authenticating the user’s identity. These organizations have already performed strong identity verification during their own onboarding processes. Banks and telecom providers are common Identity Providers because they verify users when opening accounts or issuing SIM cards. Authentication methods may include:
- Mobile banking login
- Biometric authentication
- Facial recognition verification
Currently, the ecosystem includes approximately 13 Identity Providers, consisting mainly of major banks along with telecom and fintech participants.
3. Authoritative Source (AS)
An Authoritative Source is a trusted organization that holds reliable data about individuals or companies. Examples include:
- Government agencies
- Credit bureaus
- Corporate registries
- Anti-money laundering authorities
These entities provide verified attributes when a user grants permission. Importantly, data flows directly from the Authoritative Source to the requesting organization — not through the NDID platform itself. NDID also supports emerging forms of digital credentials such as corporate documentation and vaccination certificates.
NDID Architecture Overview
At a high level, NDID acts as a trust orchestration layer between participating organizations. Instead of storing identity data, the platform coordinates secure interactions between ecosystem participants. The architecture involves three primary interaction flows:
- Identity verification flow between the user and an Identity Provider
- Consent management flow recorded on the NDID distributed ledger
- Data exchange flow directly between Authoritative Sources and Relying Parties
NDID uses distributed ledger technology (DLT) to record consent transactions and verification events. These records provide an immutable audit trail but do not contain sensitive personal information. Actual data exchanges occur directly between organizations using encrypted communication channels. Key characteristics of the architecture include:
- Encrypted communication between participants
- PKI-based authentication
- Mutual TLS for secure API connections
- Consent records stored on a distributed ledger
- Minimal data disclosure based on user approval
Example Workflow: Loan Application
A typical NDID interaction can be illustrated through a digital loan application.
Step 1 — User Initiates Request
A customer applies for a loan through a bank or fintech application. The bank or fintech acts as the Relying Party.
Step 2 — Identity Verification
The application asks the user to verify their identity using NDID. The user selects an Identity Provider, such as their bank. Authentication may involve logging into the banking application or completing biometric verification. The Identity Provider confirms the identity and sends the verification result through the NDID network.
Step 3 — User Consent
The lender requests access to additional information, such as the user’s credit score. The user receives a consent request and approves it through the Identity Provider interface. This consent transaction is recorded on the NDID ledger.
Step 4 — Data Retrieval
After consent is granted, the lender sends a request for the required data. NDID routes the request to the relevant Authoritative Source, such as the credit bureau. The bureau then sends the requested information directly to the lender.
Step 5 — Decision and Agreement
The lender evaluates the loan application using the verified data. If approved, the agreement can be digitally signed using NDID’s electronic signature capability. This process enables fully digital loan approval and onboarding, significantly reducing processing time.
Security and Privacy Approach
Privacy and security are fundamental design principles of the NDID platform.
No Centralized Storage
Sensitive personal information is not stored within NDID.
End-to-End Encryption
All communications between ecosystem participants use encrypted connections and authenticated APIs.
Consent-Driven Access
Organizations can only access user information after explicit user approval.
Full Audit Trail
Requests, approvals, and responses are recorded on the distributed ledger to support compliance and auditing.
Minimal Data Disclosure
Systems can request only the specific attribute required for a service. For example, a service may verify that a user is over 18 without accessing their full birthdate. NDID is also certified under ISO 27001:2022 and operates under a Digital Identity Exchange License issued by ETDA.
Real-World Use Cases
NDID supports a wide range of digital services across different sectors.
Financial Services
- Digital bank account opening
- Online loan applications
- Securities trading account verification
Corporate Verification
- Company registration validation
- Shareholder verification
- Digital signing of legal agreements
Government Services
- Identity verification for public services
- Anti-money laundering checks
Healthcare and Education
- Access to medical records
- Vaccination certificates
- Academic credential verification
Other emerging use cases include e-commerce KYC, telemedicine services, and digital corporate identity systems.
Traditional Identity Verification vs. NDID Workflow
Before digital identity platforms like NDID, identity verification was handled independently by each organization, meaning customers had to repeatedly submit documents for every new service.
Traditional Identity Verification
Typical steps included:
- A user applies for a service such as opening a bank account
- The organization requests identity documents
- The organization performs its own verification process
- Additional data may be requested from external sources
- The user may need to visit a branch for manual verification
This approach results in repeated verification, operational inefficiencies, and higher fraud risk.
NDID-Based Identity Verification
With NDID, the process works differently:
- A user applies for a service through an application (Relying Party)
- The application requests identity verification through NDID
- The user selects an Identity Provider
- The Identity Provider verifies the user
- The user grants consent for data sharing
- NDID routes the request to the appropriate Authoritative Source
- Verified data is securely delivered to the requesting organization
Conclusion
NDID represents a shift toward a shared digital identity infrastructure in Thailand. Instead of organizations independently verifying identities and storing personal data, NDID enables a network of trusted participants that collaborate while keeping users in control of their information.
By combining identity verification, consent management, and secure data exchange, NDID simplifies digital onboarding and reduces the need for repeated identity checks across services. As more organizations and authoritative data sources join the ecosystem, NDID is expected to play an increasingly important role in enabling secure digital transactions and supporting Thailand’s evolving digital economy.
