At an event last week Apple released its new iPhone 17 series, including the brand’s thinnest iPhone yet. Now, I’m an Apple fanboy. I’m writing this on my iMac, I’ve got a Macbook, an iPhone, Airpods, Apple TVs, Apple Air Tags and if they made an Apple Refridgerator I’d probably buy that too. But I do not really care about my phone’s form factor any more. What I care about is its wallet.
Thick Wallets And Thin Wallets
I can remember when the annual peek at the new iPhone was a big deal. Nowadays Apple continues to, Alex Kantrowitz puts it, churn out new models but they no longer stop traffic. Even when we do see a folding iPhone, a coloured iPhone, a curved iPhone or a transparent iPhone, no-one is going to set their alarm to hear about it because, to Alex’s point, smartphones have evolved into their final form. As Eric Schmidt said last year, “user interfaces are largely going to go away”. The end of the app era is in sight as natural language interfaces, artificial intelligence and sensors. I’m going out to buy some spectacles with an AI interface and pretty soon I doubt I’ll spend much time looking my phone much soon afterwards, so I don’t much care what it looks like or what the optical zoom is.
Now that my phone has replaced my camera, credit card, rail ticket and season pass, it is what it will replace next that is the focus of my attention. And I think we all know what that is. At the June 2025 Worldwide Developers Conference, Apple announced a set of new Wallet features arriving with iOS 26, which will allow users to store government-issued IDs directly on their iPhones.
Jennifer Bailey, Apple’s Vice President of Apple Pay and Apple Wallet, emphasized that their goal is to “replace the physical wallet with a more secure and private digital wallet”. ID is essential here, as it has been clear for some time that a great many people (eg, me) only take their wallet with them when they need to provide a credential, since the wallet never has any actual money it in it. These credentials range from payments cards and driving licences to travel passes and loyalty cards. A digital wallet needs to support all of these.
This process is already well underway, at least in the UK. With digital IDs starting to show up on phones, the physical wallet’s says are numbered. LINK, which operates the UK’s ATM network, just published research showing that fewer than half of UK adults leave home with a wallet or a purse. In the 18-24 age group, this figure falls further and will soon be only a third. Interestingly, to an older person who lived though the introduction of both smart cards and near-field communication (NFC) interfaces, two-thirds of that younger cohort already see a digital wallet as their “go to” payment method and only a sixth see chip and PIN or contactless cards as their primary method. There is a striking demographic contrast here though, as only a third of the 65+ age group trust smart devices for payments.
(I notice, given my focus on resilience, that two-thirds of people report experiencing a “payments failure” and third of all those surveyed say they have experienced a system outage of some kind.)
I think the transition from analogue to digital will likely accelerate because with the addition of some pretty basic AI, a digital wallet can make smart choices about whether to use coupons or points, which payment mechanism is best and what kinds of rewards are optimal on a per-transaction basis..
Apple’s approach to identity in wallets is built on open standards, including the W3C’s Digital Credentials API and FIDO Alliance protocols. This is important to identity nerds like me because they are standards that enable privacy-enhancing exchanges of digital credentials, allowing consumers to (crucially) prove what they are (over 18, entitled to drive, holding a valid ticket) without having to divulge who they are. Apple’s “Verify with Wallet” for online logins and app access specifically supports selective disclosure functionality: users can authenticate themselves sharing only essential details—such as name, age, or address—and without send personally-identifiable information to third-party servers.
Selective disclosure is one of the most important features of these identity documents. It promises to give users greater privacy, control, and transparency over their personal data. This aligns with rising user expectations and evolving regulatory frameworks around digital identity and data protection. By enabling users to share only the information necessary for a given interaction, rather than their full credentials, selective disclosure represents a critical shift toward more respectful, purpose-bound data use in digital ecosystems.
(Oliver Terbu from MATTR, a New Zealand-based company working at the forefront of the field, has a useful explanation of what this all means in terms of the current standards for mobiel drivings licences and the like.)
Digital Wallets For Privacy And Security
We now have a range of cryptographic techniques available to us to make the digital wallet something much better than the analogue version it replaces. An obvious example of such techniques is the Zero-Knowledge Proof (ZKP). ZKPs are a cryptographic mechanism to allow one someone (the “prover”) prove to another to someone else (the “verifier”) that a statement is true, without revealing any information beyond the fact that it’s true. Technologies such as these are moving into the mainstream. Alan Stapleberg, Group Product Manager, Googe Wallet recently made this same point, in the context of the European Digital Identity Wallet that is set to be introduced next year. He says that Google’s commitment to making ZKP tools “openly available“, means that the technology can easily be integrated into the EU wallets and beyond.
Why is this a big deal? Well, remember the recent case of the Tea platform suffered from two major data leaks. First, an unprotected Firebase database containing users’ personal information was breached and then a second database containing 1.1 million personal messages exchanged by the users was opened up. This meant that torrents of the leaked data (users’ driver’s licenses, selfies, and message attachments) were spewed across the web. Why was the web site storing this personal information? It was because of the sign-up process, which required people to take selfies to prove their identity.
In a world of digital wallets with strong authentication, verifiable credentials with selective disclosure, we (ie, the industry) can provide individuals and organisation with both security and privacy, with a means to prove the facts that are relevant to a transaction (eg, that I am a person, that I am over 18) with no need to trade off one against the other.