In 1958, Bank of America mailed 60,000 unsolicited credit cards to residents of Fresno, California. It was a disaster. Fraud was rampant. Merchants had no way to verify whether the card was real, whether the person holding it was the account holder, or whether the account had funds. There was no infrastructure. Just a piece of plastic and a prayer.
Within two decades, that chaos gave way to Visa, Mastercard, and the global payment network that now processes $40 trillion annually. The infrastructure was built — not all at once, but layer by layer — and it transformed every industry it touched. Payments went from cash-only to contactless, from in-person to embedded, from a friction point to an invisible layer that powers modern commerce.
The same pattern has repeated across every foundational technology. And right now, identity and trust are sitting exactly where payments sat in 1958: no infrastructure, no standards, and a growing catastrophe that makes the case for building both.
The Infrastructure Pattern
Every transformative technology platform follows the same arc:
Payments. Cash only became card networks became digital payments became embedded finance. Today, payments happen seamlessly inside applications, across borders, in milliseconds. This is only possible because someone built the infrastructure layer — the rails, the standards, the verification protocols — that every participant connects to.
Communications. Landlines became email became messaging platforms became unified communications. A person in London can video-call a person in Tokyo through six different applications, all interoperable, because the underlying communications infrastructure handles routing, encoding, and delivery invisibly.
Cloud computing. On-premise servers became co-located data centres became AWS, Azure, and GCP. Companies that once needed million-pound server rooms now spin up global infrastructure with an API call. The infrastructure layer abstracted away the complexity and made capability universal.
In each case, the pattern is the same: fragmented, expensive, and unreliable systems gave way to universal infrastructure that was always-on, interoperable, and accessible to everyone — from the largest enterprise to the smallest startup.
Now look at identity and trust. Where is the infrastructure?
The Current State of Identity: Fragmented, Static, and Broken
Identity verification today looks like payments looked in the 1960s. It's siloed, manual, expensive, and disconnected from the interactions that actually matter.
Siloed verification. Every institution builds its own identity check. Banks verify customers independently. Employers run their own right-to-work checks. Care homes verify agency staff separately from the agencies that employ them. Your identity is verified hundreds of times by hundreds of different systems, none of which talk to each other. Every interaction starts from zero.
Static KYC. Know Your Customer checks are a snapshot. They capture who you were on the day the check was run — your address, your documents, your photograph. But identity is dynamic. Visas expire. Names change. Credentials lapse. Fraud evolves. A static check from six months ago tells you nothing about whether the person in front of you today is who they claim to be.
One-way systems. Almost every verification system in existence is one-directional. The institution verifies the individual. But the individual has no way to verify the institution — or, crucially, the person claiming to represent it. When someone calls from "your bank" or arrives at your door from "the gas board," you have no mechanism to verify them. The trust is asymmetric by design.
Platform-locked solutions. The verification tools that do exist are locked to specific platforms or industries. A solution built for financial services doesn't work for recruitment. A tool designed for online transactions doesn't help with in-person verification. There is no universal layer. Every domain reinvents the wheel.
The Consequences of No Trust Infrastructure
The absence of a trust infrastructure layer isn't an abstract problem. It has concrete, measurable consequences that are growing exponentially.
$10.5 trillion in annual cybercrime. That's the estimated global cost according to Cybersecurity Ventures, and it's rising every year. The majority of successful attacks exploit the human layer — phishing, impersonation, social engineering — precisely because there's no infrastructure to verify identity at the point of interaction.
Deepfakes are eroding visual trust. Real-time AI can now impersonate anyone on a video call. The pixels, the voice, the mannerisms — all synthetic, all convincing. We are losing the ability to trust what we see and hear. This isn't a future problem. It's happening now, in recruitment interviews, board meetings, and financial transactions.
Regulatory burden is exploding. The Fair Work Agency in the UK. GDPR across Europe. KYC and AML requirements in financial services. Digital identity regulations emerging in every major economy. Businesses are drowning in compliance obligations, each requiring its own verification process, its own documentation, its own audit trail. Without shared infrastructure, every business bears the full cost independently.
Humans remain the weak link. Firewalls, encryption, and multi-factor authentication have hardened the technical perimeter. But the human perimeter — the moment when one person trusts another person's claimed identity — remains almost entirely unprotected. That's where the breaches happen. That's where the fraud succeeds. And that's what no existing infrastructure addresses.
What Trust Infrastructure Needs to Be
The infrastructure layer for identity and trust needs to have the same characteristics as the infrastructure layers that transformed payments, communications, and computing:
Always-on. Not a one-time check at onboarding. Continuous, real-time verification that works whenever identity matters — at the door, on a call, at shift start, during a transaction.
Platform-agnostic. Works across every communication channel and interaction type. In person, on video, on a voice call, over messaging. Not locked to one app, one platform, or one industry. Universal, like payment rails are universal.
Two-way. Both parties verify. The institution verifies the individual. The individual verifies the institution. The person on the call verifies the other person on the call. Trust is reciprocal, not one-directional.
Institutional-grade. Built for the demands of regulated industries — auditable, tamper-proof, cryptographically secure, compliant with emerging digital identity regulations. Not a consumer app retrofitted for enterprise. Infrastructure that survives procurement, satisfies regulators, and scales to millions of interactions.
Accessible. Available to a 10-person recruitment agency at the same quality and capability as a 10,000-person enterprise. The infrastructure layer should make compliance and trust affordable and universal, not the exclusive domain of organisations that can afford six-figure software contracts.
The Market Is Already Moving
The numbers tell the story. The global identity verification and biometrics market is valued at $11-14 billion in 2024-25, projected to reach $29-40 billion by 2030. The broader digital identity storage market sits at $39-64 billion, growing to $80-146 billion by 2030/31.
These figures reflect a market that recognises the problem but hasn't yet converged on the infrastructure solution. Current spending is fragmented across point solutions — KYC providers, background check services, biometric tools, document verification platforms — each addressing a slice of the problem without providing the universal layer.
The winners in this market won't be the companies that build the best point solution for one industry or one use case. They'll be the ones that build the universal trust layer — the identity equivalent of Visa's payment network or AWS's compute infrastructure. Not for one app. Not for one industry. For every interaction where identity matters.
Where Certifyd Fits
Certifyd is building identity as infrastructure. Not a verification tool for a single use case, but a platform-agnostic, two-way, real-time identity layer that works wherever trust matters.
A QR code scan that takes 30 seconds and creates a cryptographically secure, tamper-proof verification record. Works in person. Works on video. Works on a voice call. Works across industries — recruitment, trades, care, workforce compliance, financial services, government. The same infrastructure, the same audit trail, the same trust layer.
The payment networks didn't just make transactions faster. They made commerce possible at a scale that was previously unimaginable. The cloud didn't just make servers cheaper. It created entirely new categories of business that couldn't have existed before.
Identity infrastructure will do the same. When trust is built into the fabric of every interaction — not bolted on as an afterthought, not siloed in one platform, not limited to one industry — it changes what's possible. Hiring becomes faster. Care becomes safer. Fraud becomes harder. Compliance becomes automatic. And the $10.5 trillion annual cybercrime tax starts to shrink.
The Infrastructure Moment
Every foundational technology has its infrastructure moment — the point where the cost of not building shared infrastructure exceeds the cost of building it. For payments, it was the fraud chaos of the 1960s. For cloud, it was the impossibility of every company running its own data centres.
For identity and trust, that moment is now. Deepfakes are accelerating. Regulations are tightening. The human layer is under attack from every direction. The point solutions aren't scaling. The fragmentation is getting worse, not better.
The question isn't whether trust infrastructure gets built. It's who builds it, and how fast.
Learn more about Certifyd's vision for identity as infrastructure, or get in touch to talk about how it applies to your organisation.