Vietnam integrates global trends in digital identity management
Reality shows that, although the legal framework plays a fundamental role in establishing privacy protection principles, it is not enough to absolutely protect user data. From there, leading to user data being leaked, abused or used for wrong purposes.
Therefore, many countries have chosen the solution of building user-centered technology infrastructure, allowing individuals to be self-sufficient in data. In which, self-sovereign identity (SSI) and decentralized identity (DID) models are gradually becoming core platforms, both meeting data protection requirements and creating trust for transactions in the digital economy.
In Vietnam, the 2025 Law on Personal Data Protection and the 2024 Data Law have clearly established the principle: personal data belongs to citizens and all data processing activities must be based on the consent of the subject. However, the urgent problem today is not only to strengthen security, but also to have an identification infrastructure in the direction of delegating data control to the subject.
Stemming from legal requirements and policy orientation, the self-designation (SSI) model is a suitable direction for implementation, allowing the realization of the principle of "data belonging to citizens" from legal documents to practical operation.
From a technology perspective, Mr. Nguyen Ngoc Thanh - Technology Director of GBV Labs believes that technologies such as self-identification (SSI) are opening up widespread applications in many areas of life, from finance, education to cross-border platforms, where the requirement to both verify information and protect privacy data rights is becoming increasingly mandatory.
NDAKey: Realizing SSI as an identification solution
NDAKey is an autonomous identity management solution, developed and operated on the national blockchain platform NDAChain and the non-centralized identification platform NDADID. The solution aims to overcome the common situation in digital transactions today, when people have to provide documents repeatedly and accidentally share sensitive data beyond the needs of each transaction.
In fact, NDAKey standardizes the identification process according to the three role models Issuer - Holder - Verifier. Accordingly, Issuers (competent agencies and organizations) issue digital certificates (Verifiable Credentials - VC); Holders (citizens) keep VC in their identity wallet and proactively present when needed; while Verifiers (banks, insurance, health, education, public services...) only verify the presented evidence (Verifiable Presentation - VP), instead of collecting and storing copies of documents.
With this model, people no longer have to repeatedly provide all personal records for each transaction, but only need to prove the necessary information in each specific context.
Thanks to the mechanism of selective data sharing, users can confirm their age, qualifications, and proper qualifications or own a valid certificate without having to disclose original data or unrelated information. This both improves the experience and minimizes the risk of leakage and abuse of personal data.
For management agencies and service providers, NDAKey helps change the approach from "data storage" to "evidence verification". When only verifying information necessary for each transaction, units will reduce operating pressure, compliance costs and legal risks related to personal data protection.
At the same time, digital certificates issued and authenticated according to common standards also create favorable conditions for intercommunication and system connection between sectors and between the public and private sectors.
