Building trust in the age of digital identity: why cyber resilience must come first

By Nathalie Gosset, VP Identity and Biometric Solutions at Thales
Trust is the invisible infrastructure of the digital world. Without it, innovation falters, and transformation stalls. This belief was powerfully echoed during a roundtable I had the privilege to join at VivaTech, Paris on June 12 —where leaders from across sectors gathered to debate one of today’s most urgent questions: how do we protect digital identity without compromising on simplicity, speed, inclusivity, or innovation?
The urgency of this question is underscored by alarming new figures: France’s data protection authority, CNIL, recently reported a 20% increase in personal data violations in 2024—impacting over one million citizens. It’s an unprecedented surge that highlights just how high the stakes have become.
Managing this evolving cyber risk isn’t just about better firewalls. It’s about embedding resilience into data, applications and digital infrastructures—starting with identity. From the chip that powers a smartphone to the cloud platforms that host our public services, security must be built in by design. That’s not just a technical challenge—it’s a societal imperative.
In today’s digital world, identity is everything. It’s the key that unlocks our services, secures our transactions, and increasingly, shapes the way we interact with society. Take digital wallets, for example. These tools are reshaping how we access services—from payments to healthcare to travel. The Queensland Digital ID Wallet rollout is a standout success (1million users as of today), demonstrating how secure, user-centric technology can streamline interactions while protecting sensitive data. Citizens are empowered to prove who they are instantly and privately, without the friction of paperwork or the fear of fraud.
But simplicity cannot come at the expense of security. With every convenience we create, we open a new front in the cyber battlefield. Digital identity becomes both the gateway and the target. That’s why secure-by-design principles must guide everything from biometric authentication to the way we manage consent and privacy.
The upcoming European Digital Identity Wallet is a bold move toward a trusted, pan-European identity framework. If well addressed, it could become a cornerstone of how citizens interact across borders. But success will depend on more than technology—it will require trust. Citizens must feel their data is protected. Businesses must see value in adopting the wallet. And legal frameworks must align to ensure seamless operation across jurisdictions. Without this, we risk fragmentation and limited uptake.
Let’s not forget that trust is fragile. It takes years to build, and seconds to break. We’ve seen organizations patch their systems after a cyberattack—yet still struggle for months or even years to regain customer confidence. The real cost of a breach isn’t just technical—it’s reputational. For governments, citizen trust is at the heart of their mandate. There can be no compromise on the security of digital identity, it’s a matter of national sovereignty. This reactive mindset must change.
Cyber resilience—particularly around digital identity—has to become proactive. That means building systems that assume threats will come, that can detect anomalies in real time, and that empower users with transparency and control. It means investing in secure infrastructure before a crisis strikes—and fostering a culture where cybersecurity is everyone’s responsibility, with continuous upgrades to stay ahead of evolving threats
Looking ahead, the tools to fight digital identity fraud will need to evolve. We’ll need strong biometric verification to outpace spoofing. We’ll need AI-powered fraud detection to match the scale and speed of attackers. We’ll need zero-trust architectures that continuously verify—not just who you are, but how you behave. And critically, we’ll need user empowerment: systems where individuals understand what data they’re sharing, with whom, and why.
This is not a challenge any single actor can solve. Governments, private companies, and even citizens must come together to design identity systems that are inclusive, interoperable, and inherently secure. Good news: there are some great success stories that show it is feasible. In the Australian example, security was fully embedded, and a panel of representative citizens was involved in usability from the start.
Because when identity is trusted, everything else can flow—services, innovation and confidence. And that trust is what will define the success of our digital future.
About the author
Nathalie Gosset is VP Identity and Biometric Solutions at Thales. She has more than 20 years’ experience in business management, sales, marketing and project management in both civil and military domains.
Article Topics
biometrics | cybersecurity | digital identity | digital trust | security by design | tech sovereignty | Thales Digital Identity and Security
Comments