The Dutch digital identity landscape is at a crossroads. Belgian identification service itsme is acquiring iDIN, the bank-based identification method used by millions of Dutch citizens. This acquisition signals more than just a change of ownership. It represents the end of a typically Dutch solution, to be replaced by a closed, commercial system under foreign control.
For anyone concerned about digital autonomy, privacy, and the future of digital identity in the Netherlands, this is a moment that demands attention. The disappearance of iDIN creates a gap in the Dutch digital infrastructure. The question we must ask ourselves is: what kind of solution should fill this gap?
What’s changing with the iDIN acquisition
iDIN has been a familiar fixture in the Dutch digital landscape for years. Despite its limitations, including dependence on banks, rigid data sharing, and outdated technical infrastructure, it provided a domestic solution for online identification. With itsme’s acquisition, this changes fundamentally.
The transition to itsme means:
- Loss of Dutch control: A Dutch identification solution is being replaced by a Belgian commercial platform
- Closed commercial system: Unlike open solutions, itsme operates as a proprietary, black-box service
- Centralized data storage: itsme is a big tech cloud-hosted system with central data storage, creating data hotspots. This stands in stark contrast to decentralized approaches that avoid concentrating sensitive identity data in single locations
This acquisition represents a concerning consolidation of digital identity services into foreign commercial hands. This is about the fundamental question of who controls the infrastructure of digital identity and according to which values that infrastructure operates. The Tweakers announcement confirms that the Dutch service will eventually disappear, marking a significant shift in the Netherlands’ digital identity landscape.
The iDIN model: well-intentioned but limited
To understand what’s at stake, it’s worth examining what iDIN was and where it fell short. iDIN was designed to leverage the existing relationship between Dutch citizens and their banks for online identification. The concept had merit: most people trust their bank and already have a banking relationship.
However, iDIN’s implementation had significant drawbacks:
Privacy concerns: iDIN shares a fixed set of personal data every time you identify yourself, regardless of what’s actually needed. Want to prove you’re over 18? iDIN shares your full name, address, birth date, and more. This violates the principle of data minimization that’s central to modern privacy regulation.
Technical limitations: Built on top of the aging iDEAL infrastructure, iDIN relies on browser cookies and outdated protocols. It doesn’t support modern standards like OpenID4VP or W3C Verifiable Credentials that are becoming the global norm.
Limited accessibility: Not all banks participate in iDIN. Users of banks like Knab, Triodos, or international services like Revolut are excluded from iDIN-based services entirely.
Bank dependency: By tying identification to banking relationships, iDIN creates an unnecessary coupling between financial services and digital identity. This limits innovation and creates barriers for those without traditional banking relationships.
No selective disclosure: Unlike modern attribute-based credentials, iDIN can only share predetermined bundles of information. There’s no way to prove just one fact about yourself without revealing a whole dossier.
These limitations weren’t unique to iDIN, as they reflected the constraints of its time and purpose. But as iDIN disappears, we have the opportunity to choose something better.
A different approach: Yivi’s vision for digital identity
Yivi was created from a fundamentally different starting point. Rather than adapting existing commercial infrastructure for identification purposes, Yivi was designed from the ground up around core principles:
User-centric and privacy-first
With Yivi, you are in control. Your digital credentials, whether proving your age, address, or professional qualifications, live in your own Yivi wallet on your device. You decide what to share, when, and with whom. No intermediary has access to this information, and no central database tracks your every identification.
This isn’t just a nice-to-have feature. Under regulations like the GDPR and the upcoming eIDAS 2.0 framework, data minimization and user control are legal requirements. Yivi is built to meet these standards by design.
Selective disclosure: share only what’s needed
One of Yivi’s most powerful features is selective disclosure. Unlike iDIN, which dumps a fixed data package every time you identify yourself, Yivi allows granular sharing:
- Want to prove you’re over 18? Share just your age range, not your exact birth date, name, or address.
- Need to verify your address? Share only your postal code or city, not your full street address.
- Proving your professional qualification? Share the credential without unnecessary personal details.
This attribute-based approach means you share exactly what’s required for each situation, nothing more and nothing less. It’s privacy-enhancing technology in practice.
Open standards and open source
Yivi is built on open international standards including OpenID4VP, OpenID4VCI, and credential formats like SD-JWT VC. These aren’t proprietary protocols, but the same standards being adopted globally for interoperable digital identity.
Critically, Yivi is open source. The code is publicly available, auditable by anyone, and continuously reviewed by the community and security researchers. There are no hidden backdoors, no secret algorithms, and no black boxes. This transparency builds trust and allows independent verification of security and privacy claims.
For developers, this means you can examine exactly how Yivi works, contribute improvements, and integrate it into your applications with confidence.
No tracking, no central logging
When you use Yivi, there’s no central authority tracking your identification activities. Unlike centralized identity providers that can see everywhere you log in and build profiles of your behavior, Yivi uses cryptographic protocols that don’t require central coordination for each transaction.
Yivi’s decentralized architecture means your credentials live on your own device, not in cloud-hosted data centers. There are no data hotspots where sensitive identity information is concentrated, making mass data breaches structurally impossible. Verifiers can confirm your credentials are valid without reporting back to any central system. Your identity provider issues credentials to your wallet but doesn’t see where or when you use them. This architectural design makes surveillance and behavior tracking technically impossible.
Independence from big tech cloud infrastructure
A critical but often overlooked concern with centralized identity systems is their dependence on big tech cloud infrastructure. Systems hosted on Amazon Web Services, Google Cloud, or Microsoft Azure are subject to the US CLOUD Act, which allows US authorities to access data stored on these platforms regardless of where the servers are physically located.
This creates a fundamental vulnerability: even if a European identity service stores data in European data centers, using US cloud providers means that data can be compelled by foreign law enforcement, bypassing European privacy protections and judicial oversight. For digital identity data, this represents an unacceptable sovereignty and privacy risk.
Yivi’s architecture sidesteps this vulnerability entirely. Your credentials live on your own device, not in cloud data centers controlled by big tech. There’s no cloud infrastructure that can be subpoenaed, no data lake that can be accessed by foreign authorities. This isn’t just about commercial independence, it’s about maintaining genuine control over sensitive identity data and respecting European digital sovereignty.
Future-ready for eIDAS 2.0
The European Union’s eIDAS 2.0 regulation will soon require member states to provide EU Digital Identity Wallets to citizens. These wallets must support attribute-based credentials, selective disclosure, and strong privacy protections, exactly what Yivi already provides.
Similarly, the Netherlands’ Digital Government Act (Wet digitale overheid) emphasizes privacy, user control, and data minimization in government digital services. Yivi is designed to meet these requirements out of the box.
Organizations that adopt Yivi now are preparing for these regulatory futures, rather than facing technical debt and costly migrations later.
The gap iDIN leaves behind
With iDIN’s discontinuation, what happens to the millions of identification transactions that currently flow through it? Many services, from rental applications to age verification, rely on iDIN for digital identification.
The obvious risk is that this gap gets filled automatically by another commercial platform. If itsme simply becomes the default replacement, we’ve solved nothing. We’ve merely traded one limited system for another, while simultaneously losing domestic control over critical digital infrastructure.
But there’s another possibility: this transition creates space for a genuinely better alternative. A solution that respects privacy, empowers users, operates according to public values, and prepares us for the digital identity standards of the future.
This is the opportunity that Yivi represents.
Who should care, and what can you do?
The discontinuation of iDIN isn’t just a technical matter for IT departments. It affects anyone who cares about privacy, digital rights, and the future shape of our digital society. Here’s what different groups can do:
Developers: build with open infrastructure
If you’re building digital services that require identification or authentication, now is the time to explore alternatives to proprietary solutions.
What you can do:
- Explore Yivi’s documentation: Start at docs.yivi.app to understand how Yivi works and how to integrate it
- Review the open source code: Examine the codebase on GitHub, contribute improvements, report issues
- Build pilots and proofs-of-concept: Test Yivi in your applications, experiment with selective disclosure for your use cases
- Join the developer community: Participate in discussions, share your experiences, help improve the ecosystem
- Choose open standards: By building on OpenID4VP, OpenID4VCI, SD-JWT VC, and other open protocols, you create interoperable solutions rather than vendor lock-in
The developer community has enormous power to shape which technologies succeed. By choosing to build with privacy-respecting, open infrastructure, you help create the future we want.
Organizations and governments: experiment before crisis
Waiting until 2028 when eIDAS 2.0 mandates are fully in force is too late. Organizations that start experimenting now with attribute-based credentials and selective disclosure will be prepared; those that wait will face rushed, costly implementations.
What you can do:
- Start a Yivi trial: Test how Yivi could work for your use case, whether that’s employee authentication, customer verification, or access control
- Ask questions: Reach out to the Yivi team to understand how it could fit your technical architecture and regulatory requirements
- Run pilot projects: Choose a specific use case and implement it with Yivi to gain practical experience
- Plan for migration: If you currently rely on iDIN, start planning your transition strategy now rather than waiting for the last moment
- Demand privacy-respecting alternatives: When evaluating identity solutions, insist on selective disclosure, user control, and privacy by design
- Consider your digital sovereignty: Evaluate the strategic implications of depending on foreign commercial platforms versus open, community-governed solutions
Government organizations in particular have a responsibility to lead by example. Public services should operate according to public values. The municipality of Nijmegen has already begun experimenting with Yivi, and other government bodies should follow.
Policymakers and architects: choose public values first
Digital identity infrastructure is too important to be an afterthought. The decisions made now about what replaces iDIN will shape Dutch digital infrastructure for decades.
What you can do:
- Prioritize public values: When evaluating identity solutions, put privacy, user control, and digital sovereignty at the center, not as nice-to-have extras
- Support open alternatives: Consider how policy and procurement can favor open-source, community-governed solutions over proprietary commercial platforms
- Think strategically: Recognize that digital identity infrastructure is as critical as roads or electrical grids, and that it should serve public interests, not just commercial ones
- Enable experimentation: Create space for government bodies and public institutions to pilot innovative solutions like Yivi
- Learn from other countries: Look at how other European nations are approaching digital identity wallets and selective disclosure
- Engage with the community: Involve privacy advocates, technologists, and civil society in decisions about digital identity infrastructure
The choice between a closed commercial platform and an open, privacy-respecting alternative is ultimately a political choice about values. Policymakers must make this choice deliberately, rather than allowing it to happen by default.
Users and privacy advocates: make your voice heard
Digital identity affects everyone. The systems we use to prove who we are online determine how much privacy we have, how much control we retain over our personal information, and how much we depend on commercial platforms that may not share our interests.
What you can do:
- Learn about alternatives: Understand that choices exist beyond the default commercial options
- Try Yivi: Download the Yivi app and experience what user-centric digital identity feels like
- Advocate for privacy: When organizations or services you use rely on privacy-invasive identification methods, ask why they don’t offer better alternatives
- Support open solutions: Where possible, choose services that integrate privacy-respecting technologies
- Speak up: Participate in public consultations, write to representatives, engage in discussions about digital identity policy
- Educate others: Share what you learn about digital identity and privacy with friends, family, and colleagues
Individual voices matter. Organizations and policymakers respond to demand. By making clear that privacy and user control are priorities, you help shift the market toward better solutions.
The choice we face
The discontinuation of iDIN is not just the end of one particular service. It’s a moment of decision about what kind of digital identity infrastructure we want for the Netherlands and Europe.
We can allow this gap to be filled automatically by another commercial, closed platform, accepting limited privacy, foreign control, and dependence on proprietary systems as inevitable.
Or we can choose differently.
We can choose solutions that:
- Put users in control of their own digital identity
- Share only necessary data through selective disclosure
- Operate on open standards that prevent lock-in
- Function according to public values, not just commercial interests
- Protect privacy through architecture, not just policy
- Prepare us for the regulatory standards that are coming
Yivi represents this alternative. It’s not just a replacement for iDIN, but a step toward a more privacy-respecting, user-centric, and democratically governed digital future.
The technology exists. The standards are established. The regulatory drivers are in place. What’s needed now is the collective will to choose public values over default convenience, and to build the digital infrastructure we actually want.
The end of iDIN is an ending. But endings create space for new beginnings. Let’s make this one count.
Learn more and get involved
- Compare Yivi and iDIN in detail: yivi.app/yivi_vs_idin
- Understand what Yivi is: docs.yivi.app/what-is-yivi
- For developers: yivi.app/for_developers
- Download the Yivi app: Available on iOS and Android
- Get in touch: Questions about implementing Yivi? Contact us
The future of digital identity is being decided right now. Be part of that decision.