In the past twelve months, the average UK adult has verified their identity fifteen separate times. To open a bank account. To start a new job. To rent a flat. To get a phone contract. To sign up for a pension. To register with a GP. To apply for a mortgage. To join a gym with direct debit. To pass a DBS check. To set up a business account.
Every single time, the process starts from scratch. Upload your passport. Take a selfie. Wait for the check. Get approved. Repeat the entire process two weeks later for the next institution that needs to verify you.
This is KYC fatigue. And it is not just an inconvenience — it is a structural failure in how identity works.
The Problem with Point-in-Time Checks
Every KYC check is a snapshot. It tells you that a person's identity was verified against a set of documents on a specific date. It says nothing about yesterday. It says nothing about tomorrow.
Consider what this means in practice:
- A bank verifies a customer's identity at account opening. That check is never repeated. The customer could have their identity compromised six months later, and the bank's records still show "verified."
- An employer checks right-to-work status on day one. The visa expires eight months later. Unless someone manually tracks expiry dates — and most don't — the employer doesn't know until an audit finds it.
- A care agency runs a DBS check when a worker joins. The worker receives a caution a year later. The agency has no mechanism to learn about it unless they re-run the check, which most don't do routinely.
Static, point-in-time verification creates an illusion of compliance. The box was ticked on the day. But identity risk is continuous. Documents expire. Statuses change. People's circumstances evolve. A check from six months ago is not a check — it's a memory.
Why Every Institution Runs Its Own Check
The reason you verify your identity fifteen times a year is that every institution operates its own isolated verification process. Your bank doesn't share its verification with your employer. Your employer doesn't share with your landlord. Your landlord doesn't share with your phone provider.
Each institution treats you as a stranger. Each one builds its own partial picture of your identity. None of them talk to each other.
This creates three compounding problems:
1. Massive duplication of effort. Millions of identical checks are run on the same people by different institutions, each paying for their own verification, each processing the same documents, each arriving at the same conclusion independently.
2. Fragmented identity data. Your identity information sits in dozens of separate databases, each with different security standards, different retention policies, and different vulnerability profiles. Every additional copy is another breach target.
3. No continuous picture. Because each check is independent and one-time, nobody has a current view of your identity status. The most recent information any institution has is the date they last checked — which is almost always the date you signed up.
The Netherlands Got Something Right
The Netherlands' DigiD system offers a glimpse of what a different model looks like. Dutch citizens authenticate with a single digital identity to access government services, tax filings, healthcare, and municipal systems. One identity, maintained centrally, used across institutions.
DigiD isn't perfect — it's government-focused, doesn't extend fully to the private sector, and has had its own security challenges. But the underlying principle is sound: verify once, authenticate many times, maintain continuously.
The person doesn't start from scratch at every institution. The identity is portable. The verification is current. The friction is dramatically reduced.
What Living Identity Looks Like
Living identity is the shift from static documents to dynamic, continuous verification. Instead of a snapshot that ages from the moment it's taken, a living identity system maintains a current, verified profile that evolves as your circumstances change.
The core principles:
Verified once, portable everywhere. You go through a thorough verification process once. That verified identity is then usable across institutions, employers, landlords, and service providers — without repeating the process each time.
Continuously maintained. A living identity doesn't just capture a point in time. It monitors for changes: visa expirations, credential updates, DBS status changes, address modifications. The identity stays current because it's designed to, not because someone remembered to re-check.
Reciprocal, not one-sided. Current KYC is asymmetric. The institution verifies you, but you have no way to verify the institution. Living identity is two-way. When you interact with an organisation, both parties authenticate. You know you're dealing with a legitimate entity. They know they're dealing with the verified you.
Person-controlled. Your identity data belongs to you, not to the fifteen institutions that each hold a fragment of it. You control what's shared, with whom, and for how long. Portable identity means you carry it with you — not that it's scattered across a dozen databases you don't control.
The Path from Here to There
The shift from static KYC to living identity won't happen overnight. It requires interoperability between verification systems, trust frameworks that institutions can adopt incrementally, and a verification mechanism that works across channels and contexts.
Certifyd's approach is designed for this transition. Two-way verification via QR code provides the authentication layer. The identity graph builds over time — each verification adds context, each interaction strengthens the profile. The result is an identity that's not just checked once but maintained, portable, and reciprocal.
KYC fatigue exists because the current system treats every interaction as if you've never been verified before. Living identity starts from the premise that you have been — and builds from there.
The question isn't whether identity will become portable and continuous. It's whether your organisation will be ready when it does.
Learn more about Certifyd's vision for living identity or get in touch to discuss your identity challenges.