Thailand’s Digital ID Framework Is Already in Phase 2. Most of the World Hasn’t Noticed.

Most countries are still arguing about what a digital ID should look like. Thailand has stopped arguing. The Electronic Transactions Development Agency, ETDA, is running Phase 2 of its national Digital ID Framework, and Phase 2 isn’t about issuing more ID cards. It’s about issuing every other document a citizen needs.

The Phase 2 Digital ID Framework runs 2025 to 2027. It is publicly published. It is funded. It is happening.

And it’s going to reshape every interaction a Thai person, business, or visitor has with paperwork.

What the public record shows.

ETDA’s Phase 2 Digital ID Framework moves Thailand from “we can prove who you are digitally” to “we can prove anything about you digitally, in a way any verifier can check in seconds.” That second sentence is what verifiable credentials, VC for short, actually deliver.

The pillars are unambiguous. ETDA has named three hero use cases for 2026.

• Digital transcripts, issued by universities, held by graduates, verifiable in seconds by any employer.
• Digital national ID cards, issued by DOPA, no longer tied to a piece of plastic in your wallet.
• Digital driver’s licences, issued by the Department of Land Transport, scannable, presentable, revocable.

Each one is a paper document today. Each one becomes a cryptographically signed credential by 2027.

ETDA’s Office of Standards has been publishing the technical underpinnings for years. The data structure of verifiable credentials and verifiable presentations sits in ETDA standard ขมธอ. 24-2563. The Knowledge Sharing event on 15 May 2026 brought issuers, verifiers, wallet providers and the wider ecosystem into one room to walk through what trust looks like when documents move at the speed of cryptography. And ETDA Bootcamp 2026, which has its final 15 teams already announced, is literally a hackathon for digital trust prototypes that will graduate into real services. Government-led, publicly funded, openly judged.

This is not a pilot. This is national infrastructure planning, with budgets and timelines attached.

The thing most coverage is missing.

ETDA hasn’t quietly picked a national flavour. It has tied Phase 2 to the open international standards that the rest of the world is converging on. That’s the part most coverage glosses over.

• W3C Verifiable Credentials Data Model 2.0 is the wire format. Every credential ETDA endorses will look the same as one issued in the EU under EUDI, or in Singapore under SingPass, or in Australia under DIATF.
• Decentralised Digital Identity (DDI) and Self-Sovereign Identity (SSI) is the approach ETDA itself names. The citizen controls their own data through wallets, blockchain, Verifiable Credentials and DIDs. The issuer doesn’t keep a copy. The verifier doesn’t get a copy of the underlying document. They get a signed statement. Identity verification happens without relying on a central authority.
• Privacy by Design is the legal posture. Data sharing happens only where strictly required. Selective disclosure and Zero-Knowledge Proofs are explicitly part of the framework.
• OpenID for Verifiable Credentials (OID4VC) is the interoperability layer. It’s the same layer the EU, Japan, Australia and Singapore are building toward, so a Thai credential will be readable by a Dutch verifier, and the other way around, without anyone rewriting their stack.

This is what privacy KYC fixes.

Every line in the standards section above describes the same outcome. The user holds the document. They consent to share it. They reveal only what is required. The verifier confirms it in seconds.

That is privacy KYC at country scale. Not a single, central database of identity documents that gets breached every other year. Not a stack of paper photocopied, stamped and re-photocopied. A user-held credential, validated cryptographically, with the verifier confirming what they need to confirm and nothing else.

For the deeper technical detail on how each of those pieces actually fits together, including DIDs, Zero-Knowledge Proofs and what gets written to ShareLedger, Tim’s companion piece, The Tech behind Thailand’s New Digital Document Wallet (and What It Does to ShareLedger), is the long-form version. This post sticks to the policy framework that surrounds it.

Why this matters outside Thailand.

Three reasons.

One. Thailand is the first ASEAN country to commit to W3C VC 2.0 plus OID4VC at the national framework level. Most regional peers are still running closed national systems that don’t interoperate with anything. Thailand has made the opposite call. A Thai credential will be readable by international verifiers from the day it ships.

Two. The Phase 2 hero use cases are the ones every other country is also trying to solve. Transcripts, ID cards, driving licences. These are universal. A working national framework that processes them at scale becomes a reference architecture. If Thailand ships in 2026 and 2027, every digital identity programme being designed in 2028 will reference what Thailand did.

Three. The model is privacy-preserving by default, not by exception. The contrast with offshore centralised KYC providers, who store raw identity data in third-country jurisdictions a citizen never consented to, could not be sharper. Thailand has chosen the model where the user is the data centre. That choice will age well.

Frequently asked questions.

What is ETDA’s Phase 2 Digital ID Framework?
The Phase 2 Digital ID Framework is the second phase of Thailand’s national Digital ID rollout, running 2025 to 2027. Phase 1 was about establishing the identity layer itself. Phase 2 is about issuing every other document a citizen needs (transcripts, driver’s licences, professional credentials and more) as cryptographically verifiable credentials.

Which standards does the framework rely on?
W3C Verifiable Credentials Data Model 2.0, OpenID for Verifiable Credentials (OID4VC), Self-Sovereign Identity (SSI), and Privacy by Design. The standards are open and international, not Thai-specific.

Is Phase 2 already live?
The framework, standards and roadmap are public. Implementation is ramping. The publicly announced rollout includes a state-owned enterprise live in June 2026 and universities live in August 2026.

How does this differ from a centralised KYC provider?
A centralised KYC provider stores raw identity documents on their own servers, in jurisdictions the citizen often never consented to. The Phase 2 model has the citizen hold the credential on their own device, with verifiers receiving only signed statements rather than copies of the underlying documents. No honeypot. No cross-border data transfer. No re-verification each time.

Does ETDA endorse specific wallet providers?
ETDA’s framework is intentionally multi-wallet. The agency sets the conformance and interoperability standards rather than naming a single provider, which is exactly how a national trust framework should work.

Where does ShareRing fit?
ShareRing has been building the encrypted Vault and self-sovereign ID model since 2018. The technical accreditations (W3C, DIATF, ISO 27001:2022) align with what Phase 2 requires. See the ShareRing Me wallet and the tech deep-dive on the Thailand rollout for the working detail.

Where we sit.

ShareRing has been building this technology since 2018. The encrypted Vault and self-sovereign ID model we put in the original whitepaper, and shipped at SHR token launch, are the same architecture under everything we deploy today. Eight years on, the W3C alignment, the DIATF certification, the ISO 27001:2022, the OID4VC tracking, were built for exactly this moment.

In April we made it public, with TKC and Transformational, that we are deploying Thailand’s first integrated Verifiable Credential and Digital Document Wallet infrastructure. State-owned enterprise live in June 2026. Universities live in August 2026. Active discussions underway across financial services, hospitality, and public administration. The Transformational stake we took at the start of the year is what made the alliance possible.

That announcement was the architectural piece. What ETDA has built around it, the Phase 2 Digital ID Framework, is the policy frame that lets the architecture work everywhere it needs to work.

What to watch next.

• ETDA Bootcamp 2026 final outputs land in the second half of this year. They will signal which Phase 2 Digital ID Framework use cases ETDA actually pushes into 2027.
• The Phase 2 framework will publish further deliverables on issuer accreditation, verifier accreditation, and wallet provider conformance. Watch for who qualifies under each category.
• Watch for Thai universities issuing their first machine-readable transcripts under the framework. That’s the moment the Singapore employer’s six-week background check collapses to three seconds.
• Watch for cross-border interoperability tests. The EU is the obvious first counterparty.

Get the framework right, get the rest right.

Most countries are still arguing about what a digital ID should look like. Thailand has stopped arguing.

The country that ships the Phase 2 Digital ID Framework first, with the right standards underneath it, sets the standard for the region. We’re building inside that standard, and we’d rather operate where the policy is sharp than wait for somewhere else to catch up.

If you’re building inside the framework, or thinking about how to, the door is open at sharering.network/contact.

By Rohan Le Page, Founder and Co-CEO of ShareRing

#PrivacyKYC #DigitalIdentity #VerifiableCredentials #Thailand #ETDA #DigitalDocumentWallet #ReusableKYC #Private #Secure #Verified