By clicking "Accept", you agree to the storing of cookies on your device to enhance site navigation, analyze site usage and assist in our marketing efforts. More info
DenyAccept

How to Turn Open Finance Data into Digital ID Credentials and Connect IAM Silos [Video and Takeaways]

Published
September 8, 2025
Table of content
This is also a heading
This is a heading

Join 14,000+ identity enthusiasts who subscribe to our newsletter for expert insights.

By subscribing you agree to with our Privacy Policy.
Success! You’re now subscribed to the newsletter.
Oops! Something went wrong while submitting the form.

The way organizations handle digital identity is rapidly evolving and nowhere is this more visible than in Brazil’s booming Open Finance and Open Insurance ecosystems.

To explore how verified financial data can be transformed into reusable digital identity credentials, Dock Labs recently hosted a live podcast: How to Turn Open Finance Data into Digital ID Credentials and Connect IAM Silos.

The session was led by Nick Lambert, CEO of Dock Labs, and featured industry leaders shaping the future of identity in Latin America:

  • André Facciolli, CEO of Netbr, a consultancy specializing in end-to-end identity management solutions that works with Brazil’s top 10 banks.
  • Alan Kim Mareines, CEO of Lina, a technology provider delivering Open Finance and Open Insurance infrastructure across Brazil.
  • Rodrigo Azevedo, Developer at Netbr, who built and presented the live proof-of-concept demo showing how Open Finance data can be issued as verifiable credentials and used across real-world scenarios like hotel check-ins or age verification at a pub.

Together, the panel explored the challenges large enterprises face with siloed IAM systems, the benefits of combining Open Finance with verifiable credentials, and the broader implications for user privacy, security, and business innovation.

Brazil’s Open Finance / Open Insurance Landscape

  • Mandated ecosystem: Central Bank and insurance regulator require participation; high security and standardized APIs. Banks/insurers must maintain high-quality, up-to-date registration/credit/transaction data.
  • Scope exceeds PSD2-style “core banking”: Includes accounts, cards, investments, loans, insurance. Richer data fabric for identity use cases.
  • Market maturity: Open Finance in Brazil is advanced; GDPR-style privacy (LGPD) exists but enforcement maturity lags Open Finance progress.

Demo

  • Set-up: An “ecosystem” with issuers (Netbr, Lina) and verifiers (Pub, Hotel, Liquor Store). Dock Labs/Truvera tech powers the verifiable credentials capabilities and identity wallet.
  • Issuance flow (Open Finance → Credential):
    • The user selects their bank and authenticates with the bank.
    • Consent is created and approved via Lina to pull registration data.
    • Lina issues an “Open Finance Credential” into the user’s wallet, containing PII (name, ID, address, contact, consent reference).
  • Verification flows (two examples):
    • Age-check at a pub: User scans a verifier QR → chooses which field(s) to disclose → shares only a boolean “Over 18 = true” (not full DOB) via Selective Disclosure.
    • Hotel check-in: User shares a broader attribute set (name, address, contact) to auto-fill a web form with trusted, bank-sourced data.
  • Why it matters:
    • Privacy by design: Minimal disclosure (boolean proofs) vs. document dumps.
    • Trust & speed: Bank-grade, regulator-audited data underpins verifications, reducing fake entries and manual checks.
    • Developer velocity: PoC built in ~2 weeks (Netbr + Lina + Dock Labs/Truvera) → practical, low-lift path to pilots.
    • Beyond banking walls: Credentials become portable across non-financial verifiers (pub, hotel), dissolving silo boundaries.

Key Concepts Highlighted

  • Selective Disclosure and zero-knowledge proofs: Share only what’s needed (e.g., “over 18” boolean).
  • Consented Data Use: Explicit user consent at the source bank; consent reference embedded in credential.
  • Issuer–Holder–Verifier model (simplified): The demo intentionally abstracts complexity to emphasize data validation value and UX.
  • Wallet UX: Enterprise-embeddable wallet model (can be white-labeled/embedded in existing apps).

IAM Pain Points & Enterprise Realities

  • Two-track transformation needed:
    • Core modernization (longer projects; integrate legacy).
    • Fast-track wins (pilots like this PoC to prove value quickly).
  • Biggest adoption blocker: Internal alignment & understanding, not tech feasibility.
  • Everywhere need for data validation: Apps constantly re-collect untrusted data; credentials replace self-declaration with attested attributes.

Use Cases (Near-Term → Strategic)

  • Immediate, simple wins:
    • Age gating (alcohol, restricted goods, content).
    • Hotel/Airline/Travel check-in (form fill with trusted attributes).
    • Loyalty programs (portable, privacy-preserving identity across brands).
  • Fraud & risk:
    • Email/address/phone verification via bank-verified registration data.
    • Cross-checking with other sources to reduce impersonation & application fraud.
  • Personalized products:
    • Use transaction + profile credentials to tailor offers (responsibly, with consent).
  • Open Insurance opportunities:
    • Digitize broker workflows (quotes from dozens of insurers via standard APIs).
    • Standardized object descriptions (e.g., car) → cleaner underwriting & faster quotes.

Data Quality, Trust & Liability

  • Data provenance: Banks/insurers are the data providers; quality is high because it’s used for regulatory reporting and core operations.
  • Who issues what: In an at-scale model, banks/insurers (or regulated TPPs acting on their behalf) would be the credential issuers; TPPs (like Lina) are regulated recipients/orchestrators.
  • Liability chain: Providers remain responsible for data correctness; users/TPPs for secure handling and authorized sharing.

Privacy, Consent & Regulation

  • LGPD (Brazil’s GDPR analog): Legal foundation for user data control; tech is needed to make compliance practical.
  • Verifiable Credentials as compliance enablers: User-held, consent-driven sharing + minimal disclosure → cleaner GDPR/LGPD posture than API firehoses.
  • Cultural UX shift: Users gain awareness and control (who gets what, when, and why) vs. opaque data sharing.

Adoption Strategy & ROI

  • How to talk ROI for innovation:
    • Fraud reduction is quantifiable but may be conservative initially.
    • UX uplift & speed (lower abandonment, fewer manual reviews) drive value even if hard to price on day one.
    • Strategic returns: Innovation posture, organizational maturity, delivery speed.
  • Playbook: Start with simple, frequent use cases to educate stakeholders, then expand to richer, cross-department scenarios.

Audience Q&A Highlights

  • Is the data “verifiable”? Yes. Cryptographically-signed by banks/insurers.
  • Why credentials vs. raw Open Finance pulls? Portability, user control, reuse across verifiers, and minimal disclosure, beyond a single API session.
  • Healthcare analogy: A user-owned data store model would improve multi-provider coordination.

Closing Notes

  • Feasibility proven: Two-week PoC built by Netbr + Lina using Dock Labs/Truvera platform.
  • Principle: Make it simple first. Solve data validation with consented, trusted attributes; then scale to complex ecosystems.
  • North Star: Portable, privacy-preserving, verifiable data that works across organizations. Fewer silos, less friction, more trust.

Create your first digital ID credential today

The Truvera platform helps you integrate reusable ID credentials into your existing identity workflows to support a variety of goals: reduce onboarding friction, connect siloed data, verify trusted organizations and customers, and monetize credential verification.

Sign up for free
Request Free Consultation

Ready to get started?

Sign up to TruveraRequest Free Consultation

Company

Truvera Platform

Developers

Industries

Resources

Copyright © 2024 Dock Labs AG