
After BankID: Why the identity industry’s architecture problem can’t be patched


By Alan Lui, Chief Marketing Officer at Moca Network

The recent cyberattack on CGI Sweden did not just leak source code tied to the Swedish Tax Agency and BankID. It exposed a fundamental, structural flaw at the heart of the global digital identity industry.

When the news broke that the hacker group ByteToBreach had compromised systems supporting Sweden’s flagship digital ID infrastructure, the immediate industry reflex was predictable: patch the vulnerability, audit the vendor, and tighten the perimeter. But that treats an architectural crisis as a routine patching problem.

BankID’s core cryptographic protocols did not fail. The breach occurred at the integration layer, through a large third-party IT vendor. That is exactly the point. In a centralized identity architecture, a sound core protocol is necessary but not sufficient: the third-party vendors and government agencies that run the integrations are required to hold the keys, the source code and the integration data, and every one of them becomes a large, attractive target regardless of how strong the protocol underneath is.

As Europe gears up for the rollout of eIDAS 2.0 and nations rush to launch proprietary government e-IDs, the CGI breach in Sweden should serve as a blaring alarm. We are digitizing our citizens’ most sensitive data on an architecture fundamentally unsuited to the modern threat landscape.

The honeypot problem

The traditional digital identity model relies on a hub-and-spoke architecture. To prove who I am to a service provider, a centralized authority (or their delegated IT vendor) must sit in the middle, verifying the transaction and logging the data.

This creates a honeypot. By centralizing authentication logs, source code, and integration credentials, we create targets so lucrative that it is no longer a question of whether they will be breached, but when. State-sponsored actors and sophisticated cybercriminal syndicates do not need to break AES-256 encryption; they just need to find one overworked IT vendor whose credential has been phished, leaked or reused.

In a centralized system, a vendor becomes a single point of catastrophic failure. Users have absolutely no control over where their data sits, how it is routed, or which third-party subcontractors have access to the code that secures their digital lives.

eIDAS 2.0 and the illusion of upgrades

The promise of eIDAS 2.0 and the European Digital Identity Wallet is highly commendable. Giving citizens a unified digital wallet to carry their credentials across borders is the right vision. However, if the underlying plumbing remains reliant on centralized databases and vulnerable vendor integrations, we are simply putting a glossy UX on a ticking time bomb.

You cannot patch a flawed architecture. If the data must be stored and verified by a central party, the honeypot remains.

The Zero-Knowledge solution

The alternative is not chaos, nor is it abandoning digital identity. The alternative is cryptographic decentralization.

We must shift from “trusting the database” to “trusting the math.” The technology to do this already exists: Zero-Knowledge Proofs (ZKPs), developed in academic cryptography since the 1980s and brought to production scale over the last decade by the Web3 and decentralized finance sectors.

A zero-knowledge architecture allows a user to prove a statement is true without revealing the underlying data. I can prove I am over 18 without revealing my date of birth. I can prove I am a Swedish citizen without giving a third-party vendor my national ID number. The verifier needs nothing from me beyond the proof and the issuer’s public key.

In a decentralized identity framework utilizing ZKPs, the user holds their credentials locally on their device. When a service requests verification, the wallet generates a cryptographic proof bound to that request (a fresh nonce and the identity of the verifier, so it cannot be replayed elsewhere). The service provider verifies the proof mathematically. No central party sits in the path of every login, so there is no transaction database that accumulates a nation’s authentication history and no vendor integration layer holding a master key. The issuer still signs credentials and protects its signing key, but that is a narrow, well-understood duty, not a live feed of every citizen’s activity.

If a hacker breaches a vendor in a ZKP-based architecture, they find proofs that reveal nothing beyond the statements they attest to and, being bound to the sessions that requested them, cannot be replayed against another service. There is no honeypot to steal.

Building for Trust, Not Just Compliance

Sweden’s CGI breach is a warning. As we move rapidly toward a fully digitized society, our identity infrastructure must evolve from being merely compliant to being mathematically secure.

Governments and enterprise leaders must realize that true security in the 21st century comes from data minimization and decentralization. The open internet deserves better infrastructure than centralized vendor honeypots. It demands portable, privacy-preserving identity where users hold their own credentials, and where one compromised IT firm cannot expose a nation’s identity infrastructure.

The identity industry doesn’t need another security patch. It needs a teardown.

About the author

Alan Lui is the Chief Marketing Officer at Moca Network (the flagship identity project of Animoca Brands), where he is building privacy-preserving, decentralized identity infrastructure for the next generation of the internet. He writes at the intersection of AI agents, identity architecture, and enterprise technology for an audience of roughly 25,000 tech, fintech, and government professionals.
