Prove who you are.
Without giving anything away.

Identity shouldn't require surrendering your data. Lokblok® replaces stored identity and credentials with ephemeral cryptography, hardware-bound identity, and selective disclosure.

Every digital identity system faces the same trade-off.

Security leads to centralisation. Privacy leads to fragmentation. Most systems end up with central databases of personal data, persistent credentials, and provider-controlled recovery, creating the exact targets attackers are looking for.

Data becomes the target

  • Large identity databases attract hackers
  • Insiders abuse access
  • Nation-state actors exploit at scale

Credentials become the weakness

  • Passwords and tokens can be stolen
  • Credentials are reused across services
  • Phishing bypasses the system entirely

Trust breaks down

  • Citizens fear surveillance
  • Tracking of identity usage
  • Misuse of personal data by providers

Identity without exposure.

Lokblok replaces stored identity and credentials with a fundamentally different model. There is no central identity database. There are no stored credentials. There is no data to breach, because there is no data to store.

Ephemeral cryptography: One-time cryptographic proofs reconstructed only at the moment of use.
Hardware-bound identity: Identity tied to secure hardware, not to a database record or password.
Selective disclosure: Prove only what is needed: 'Over 18', 'UK resident', 'Verified user'. Nothing more.

How It Works

1. Identity Verified Once (ToughID™)

eKYC via passport, biometrics, and liveness. Data is tokenised and bound to hardware. No centralised identity database is created.

2. Data Is Never Shared

When a service requests identity, the system proves only what is required. No underlying data is exposed.

3. No Credentials Stored

Each interaction reconstructs a one-time cryptographic proof, validates identity and device, then destroys the secret immediately.

4. Verification Replaces Trust

Services verify cryptographic proof, hardware attestation, and policy compliance, not databases. Nothing to breach.

5. Recovery Is Distributed

No central recovery authority. No reset links. Recovery requires multi-party participation and hardware-backed verification.

Everything the attacker was relying on.

Identity databases as attack targets
Passwords and reusable credentials
Centralised tracking of identity usage
Provider-controlled recovery
Single points of failure

Capabilities that weren't possible before.

Privacy by design

No central database, no tracking of where identity is used, no unnecessary data sharing.

True self-sovereign identity

Citizens control their data. Governments verify, not store. Providers cannot access identity.

Trustworthy verification

Services get provable answers without needing to hold personal data.

Adoption without fear

No surveillance concerns, no large-scale breach risk, no credential fatigue.

Identity without storage, across every domain.

Government Digital Services

Tax · Healthcare · Licensing

Agencies such as HMRC, NHS, and DVLA can verify identity without storing it. Citizens interact with government without creating centralised data honeypots.

Financial Services

KYC · Onboarding · Compliance

Identity-provable onboarding that meets KYC and AML requirements without exposing customer data. Services verify claims, not raw records.

Cross-Border Identity (EUDI)

Interoperability · Legal recognition

EUDI provides the framework. Lokblok completes it. Non-custodial key control and threshold-based recovery close the gaps that centralised recovery and provider-controlled key layers leave open.

Workforce & Enterprise Identity

No passwords · No credential reuse

Hardware-bound identity ensures that even privileged access cannot be impersonated or replayed. No identity database for attackers to target.

Every current approach has the same flaw: they store something.

Model | Problem
Passwords / MFA | Reusable, phishable: the most common attack vector in the world
Identity providers (SSO) | Centralised control: a single breach compromises everything
Digital ID databases | Massive attack surface: national-scale honeypots by design
Wallets with stored keys | Recoverable and targetable: the key is still somewhere
Lokblok® | No stored identity. No stored credentials. No tracking.

Designed for compliance. Not just compatible with it.

Because data is not stored centrally and identity is provable without exposure, Lokblok® doesn't just meet regulatory requirements. It structurally satisfies the intent behind them.

  • GDPR: data minimisation and privacy by design, by construction
  • eIDAS 2.0 / EUDI: wallet-compatible, non-custodial key control
  • KYC / AML: identity provable without exposing underlying data
  • NIS2: identity security requirements met structurally

The Real Question

Not: "How do we verify identity?"

But: "How do we do it without creating a system people fear?"

Digital identity is becoming mandatory, ubiquitous, and foundational. Without trust, it fails. Lokblok builds it around not needing to store data at all.

Five products. One connected architecture.

The Shift

Identity systems have been built around storing and protecting data.

Lokblok builds them around not needing to store it at all.
You shouldn't have to give away your identity to prove it.
