Windows News
LSEG Risk Intelligence officially launched its Identity Gateway on June 2, 2026, delivering a Microsoft Azure-built access layer that lets organizations connect through a single API to a broad range of trusted digital identity schemes. The move marks one of the first major commercial implementations designed specifically for the emerging EU Digital Identity Wallet ecosystem, promising to slash integration complexity and accelerate adoption of interoperable digital identity across financial services, e‑commerce, government, and beyond.
Behind the launch is a clear recognition that the fragmented landscape of national e‑ID schemes, bank‑ID protocols, and private digital wallets has become a significant drag on cross‑border business. With the EU Digital Identity Framework (eIDAS 2.0) mandating mutual recognition of qualified electronic identities by 2027, firms now face an urgent deadline to modernize their onboarding, KYC, and authentication systems. LSEG’s gateway aims to solve this by providing a single entry point that normalizes disparate identity providers — whether it is Germany’s Smart‑eID, Italy’s SPID, the Danish MitID, or a private provider like itsme — into one consistent developer experience.
The Architecture: Built on Microsoft Azure
At its core, Identity Gateway is a cloud‑native service running entirely on Microsoft Azure. LSEG engineers chose Azure for several reasons: its global footprint, compliance certifications, and native integration with Azure Active Directory (now Microsoft Entra ID).
The service is deployed across Azure’s European data centers to meet data residency requirements, and it leverages Azure API Management to handle throttling, authentication, and versioning of the unified API. Underneath, a microservices architecture orchestrates calls to multiple identity scheme endpoints, translating between proprietary protocols (SAML, OpenID Connect, eIDAS‑eID profiles, SIOPv2) and a simplified REST/JSON interface that developers can consume with just a few lines of code.
For Windows‑centric enterprises already invested in the Microsoft stack, this design will feel familiar. The API documentation is published through Azure API Portal, and integration can be done directly from Visual Studio or using the Azure SDK. Organizations that rely on Azure Logic Apps or Power Automate can trigger identity verification flows as part of broader business processes, such as loan approvals or account openings.
Simplifying Digital Identity with a Single API
Typically, connecting to a national e‑ID system involves months of legal and technical onboarding, bespoke SDKs, client certificates, and a tangle of bilateral contracts. Identity Gateway condenses this into a self‑service model. A developer registers a project on the LSEG portal, selects the identity schemes they need, obtains an API key, and starts testing in a sandbox environment.
The unified API exposes a small set of endpoints:
/verification/initiate— starts a verification session, returning a deep‑link or QR code for the user’s wallet app./verification/status— polls the outcome./verification/data— retrieves the attested identity attributes, mapped to a common JSON schema (e.g., given name, family name, date of birth, unique identifier)./schemes— lists supported identity providers and their live status.
Behind the scenes, the gateway handles session management, metadata discovery (for OpenID Federation wallets), and cryptographic validation of responses. For eIDAS‑qualified certificates, it verifies the trust chain against the EU Trusted Lists, ensuring that the identity assertion meets the legal requirements for qualified electronic signatures and seals.
EU Digital Identity Wallet: The Driving Force
The timing of the launch is no coincidence. The European Commission’s large‑scale pilots for the EU Digital Identity Wallet (EUDI Wallets) are scheduled to begin in late 2026, with member states required to issue wallets by 2027. These wallets will store digital versions of national IDs, driver’s licenses, university diplomas, and more, all cryptographically bound to the user’s device.
Identity Gateway was designed from the ground up to act as a relying‑party gateway for those wallets. It supports the draft technical specifications published by eIDAS Technical Working Groups, including the OpenID for Verifiable Credentials protocols (OID4VC). This means a financial institution using the gateway can request, for example, a verified proof of age from a customer’s EUDI Wallet without needing to understand the underlying wallet implementation.
The gateway also accounts for the fallback mechanisms that will coexist during the transition period. Many national e‑ID systems will continue to operate alongside the new wallets for years. Identity Gateway can intelligently route a verification request to the optimal source — wallet, national e‑ID node, or bank‑ID — based on the user’s jurisdiction and the level of assurance required.
Key Features and Capabilities
LSEG has packed several enterprise‑grade features into the initial release:
- Multi‑scheme orchestration — support for over 20 identity schemes at launch, with a roadmap to add all EU member state wallets as they go live.
- Consent management — the API enforces user consent collection, logging exactly what data was shared and for what purpose, in line with GDPR and eIDAS requirements.
- Audit trail — every verification generates a tamper‑evident log entry, stored immutably on Azure Cosmos DB with point‑in‑time restore, which simplifies regulatory reporting.
- Assurance level mapping — the gateway translates each scheme’s level of assurance to the eIDAS categories (low, substantial, high) so that relying parties can set policies accordingly.
- Tokenized identity — for repeated interactions, the service can return a persistent, opaque identifier that is unique to the user‑relying party pair, enabling passwordless authentication without exposing the underlying national ID number.
- Developer sandbox — a free tier with simulated identity providers allows teams to build and test integrations without any contractual commitment.
Security and Compliance at Scale
Given the sensitivity of the data flowing through it — government‑issued identities, biometric references, tax identifiers — Identity Gateway embodies a defense‑in‑depth security model. Data is encrypted in transit with TLS 1.3 and at rest using Azure Key Vault‑managed customer keys. All sensitive attributes are protected by Field Level Encryption, so even LSEG’s own operations staff cannot see them in clear text.
The service has already achieved ISO 27001, SOC 2 Type II, and is undergoing certification for eIDAS‑qualified trust service status, which would make it one of the few gateways that can be used for qualified electronic signatures without additional provider contracts. Penetration testing was conducted by a third‑party firm in Q1 2026, with results made available to prospects under NDA.
Crucially, Identity Gateway never stores the user’s actual identity data longer than necessary to complete the verification. By default, data is purged within 24 hours, though customers with legitimate retention needs can configure longer periods subject to a Data Protection Impact Assessment.
Real‑World Applications: Beyond Financial Services
While LSEG’s primary market is financial services — banks, insurers, asset managers — the gateway’s potential reaches well beyond that. Any organization that needs to verify a person’s identity, age, professional qualifications, or corporate affiliation can benefit. Early prospects include:
- Online gaming platforms that must enforce age checks across multiple EU jurisdictions.
- Remote notary services that require qualified electronic signatures with high‑assurance identity proofing.
- Sharing economy platforms (ride‑hailing, short‑term rentals) that need to verify driver’s licenses or IDs before allowing transactions.
- e‑Government portals that want to offer citizens a single sign‑on experience across local and national services without building custom adapters for each e‑ID scheme.
In a pilot with a major European bank, Identity Gateway reduced the time to integrate a second national e‑ID scheme from an estimated nine months to just six weeks, while cutting per‑verification costs by 40% through consolidated routing.
The Windows and Azure Ecosystem Connection
For the windowsnews.ai audience, the Azure underpinnings are more than a technical footnote. They mean that any organization that already uses Microsoft Entra ID for workforce or customer identity can extend that investment directly into the realm of government‑issued digital identity.
Microsoft’s own Verifiable Credentials service, which runs on Azure, can now be linked through Identity Gateway to present and verify EUDI Wallet credentials, creating a bridge between decentralized identity ecosystems and traditional federated identity. In practical terms, a user could sign up for a Microsoft 365 trial using their Estonian e‑Residency card, verified through the gateway, without Microsoft ever seeing the raw national ID number — only a signed claim from the gateway.
Moreover, the gateway’s management experience is exposed through Azure Marketplace, allowing enterprises to subscribe and manage billing within their existing Azure commitments. Microsoft’s sales teams are already co‑selling the service as part of their “Digital Trust” solution area, signaling a deep partnership between LSEG and Microsoft that goes beyond infrastructure hosting.
What This Means for Enterprises
For IT leaders, the message is clear: the era of building and maintaining a dozen custom connectors for national e‑IDs is over. Identity Gateway offers a standardized, auditable, and scalable alternative that shifts the burden of keeping up with evolving protocols and certification renewals to a specialist provider.
However, adoption will require careful planning. Relying parties must still map the gateway’s identity attributes to their own internal systems, update privacy policies to reflect the new data flows, and train staff on the new verification workflows. And while the API abstraction reduces complexity, it does not eliminate the need for legal analysis of mutual recognition rules in each member state where the organization operates.
Nevertheless, the time‑to‑value proposition is compelling. The bank in the pilot program calculated an internal rate of return of over 200% within the first year, largely because the gateway enabled them to launch in three new EU markets simultaneously, acquiring customers who previously could not open accounts online.
Future Outlook
LSEG has laid out an ambitious roadmap. By the end of 2026, Identity Gateway will support all 27 EU member state wallets in sandbox mode, with production coverage for at least 15 by mid‑2027. Beyond Europe, the company is exploring integration with UK’s GOV.UK One Login, Australia’s myGovID, and India’s Aadhaar, transforming the gateway into a global digital identity hub.
On the technology side, the next release will include machine‑learning‑based document verification as an optional add‑on, allowing the API to extract data from physical ID cards and passports when a digital wallet is not available. There is also work underway to integrate with Azure’s confidential computing instances, enabling secure multi‑party verification where even the gateway itself cannot see the plaintext identity attributes — only attest to their validity.
Conclusion
LSEG Identity Gateway arrives at a pivotal moment. As the EU presses forward with its vision for a sovereign, interoperable digital identity layer, the burden on relying parties has never been greater. By converging multiple identity schemes into a single, Azure‑backed API, LSEG not only eases that burden but also accelerates the network effects that will make digital ID wallets a daily reality for millions of Europeans.
For Windows shops and Azure customers, this launch represents a natural extension of the tools they already use into one of the most strategically important areas of digital transformation. The gateway is available now with pay‑as‑you‑go pricing through Azure Marketplace, and a free developer tier allows teams to start experimenting immediately.