SDG 16.9 and the Technology Stack: What “Legal Identity for All” Actually Requires
United Nations Sustainable Development Goal 16.9 is deceptively simple: “By 2030, provide legal identity for all, including birth registration.”
The political commitment is clear. The funding mechanisms exist (World Bank ID4D, regional development banks, bilateral aid). The standards are converging (ISO 18013-5, W3C Verifiable Credentials, EUDI ARF). And yet, an estimated 850 million people worldwide still lack any form of legal identity.
The gap isn’t political will or funding. It’s architecture. The technology stack required to provide legal identity to the hardest-to-reach populations has constraints that most digital identity platforms don’t address.
The three architectural constraints of SDG 16.9
Constraint 1: Connectivity. The populations without legal identity are disproportionately located in areas with poor or no internet connectivity. A digital identity system that requires internet connectivity for enrollment or verification excludes the people the SDG is designed to reach. Offline-first verification is not a feature — it’s a prerequisite.
Constraint 2: Device access. 3 billion people don’t have smartphones. Many more have phones that can’t run wallet applications reliably. A digital identity system that requires a smartphone excludes the poorest, the most rural, and the most elderly. Delegated agent models and physical NFC cards bridge this gap — but only if the platform is architecturally designed for them.
Constraint 3: Institutional capacity. The countries with the largest identity gaps often have the weakest IT institutions. A digital identity platform that requires a team of 50 software engineers to operate is not viable for a government with 5 IT staff. The platform must be operable by the deploying government with realistic capacity — which means sovereign deployment, clear operational documentation, and a support model that builds capacity rather than creating dependency.
What the technology stack must deliver
Mapping SDG 16.9 to concrete technology requirements:
Registration at scale. Enrolling millions of citizens — many of whom have never had any identity document — requires registration that works in the field: mobile enrollment stations, delegated agents, and biometric capture (for populations without identity documents to bootstrap from).
Credential formats that work everywhere. The credential must be verifiable in urban offices with NFC readers AND in rural clinics with a feature phone and a USSD code. This means supporting multiple presentation channels: NFC for in-person verification, QR for visual scan, and text-based channels for low-tech environments.
Trust framework for multi-ministry issuance. Legal identity is the foundation — but SDG 16.9’s impact compounds when identity enables access to services: healthcare, education, social benefits, financial services. Each service is managed by a different ministry or agency. The platform must support multi-issuer, multi-credential-type ecosystems governed by a trust framework that the government controls.
Sovereign operation. Sovereign deployment isn’t a luxury for SDG 16.9 — it’s a necessity. Countries investing in identity infrastructure for the next 20+ years cannot depend on a vendor’s commercial viability for that infrastructure to continue operating.
The role of DPI alignment
The Digital Public Infrastructure framework — advocated by the G20 and implemented through programs like India’s Aadhaar and its derivatives — provides a policy alignment layer for SDG 16.9 technology decisions.
DPI-native platforms implement the principles that SDG 16.9 requires: open standards (so credentials interoperate across systems and borders), ecosystem extensibility (so new credential types can be added without vendor dependency), inclusion by design (so non-smartphone populations are served), and sovereign ownership (so the infrastructure survives political and commercial changes).
The technology exists. The standards are converging. The question for 2026 is not “can we provide legal identity for all?” but “will we choose the architecture that reaches everyone, or the architecture that reaches only the connected?”
