Dr. Hamza Alakaleek

At the heart of the digital transformation in the financial sector lies a single strategic opportunity: the Unified Financial Digital Identity (UDFI). In Jordan, this initiative is far more than a technical upgrade; it represents a step toward building a more disciplined and transparent financial system capable of connecting scattered client data into a unified, accurate picture. Adopting this model gives financial institutions the ability to enhance financial inclusion and reduce risks.

Successfully implementing the UDFI project requires a sophisticated governance model that balances central oversight with data protection and privacy. The most effective approach is the central supervisor with decentralized structure (Federated Model), which distributes responsibilities to ensure transparency and accountability, allowing banks and financial entities to maintain data accuracy while the Central Bank focuses on supervision and regulatory oversight.

Commercial banks remain responsible for the accuracy and integrity of the data they upload to the unified system, which encourages them to enhance internal processes and ensure high-quality information before sharing it. The Central Bank, in contrast, focuses on Identity Resolution, consolidating multiple client records under a single legal identifier (Canonical ID) to eliminate duplication and contradictions, while setting interoperability standards for secure and efficient data exchange, alongside monitoring quality and regulatory compliance.

Building the UDFI system requires robust and flexible architecture composed of three main components. The first is the Identity Resolution Engine, which links different client records such as email, bank ID, and external identifiers into a single unified identifier, supported by an identity graph to ensure a comprehensive and accurate view of all dispersed accounts.

The second component is the Unified Profile API Layer, which ensures seamless interoperability between banks’ systems and the unified identity database using standardized interfaces. This allows flexible integration and future scalability.

The third component addresses non-functional requirements, including advanced security measures such as JWT-based authentication, role-based access control (RBAC), and encryption of data both in transit and at rest. The system must also deliver high performance and low response times for real-time decision-making, with full logging of every access or modification to ensure legal accountability and compliance with data protection standards.

Lessons from global implementations are critical for Jordan’s strategy. India’s Aadhaar program, the world’s largest digital identity system, covers over 1.3 billion people and forms the backbone of the country’s digital infrastructure, supporting financial inclusion, subsidy distribution, and SIM card issuance. Aadhaar relies on a centralized database as a single source of truth, complemented by the DEPA layer which empowers individuals to control their data and share it securely with consent.

On the other hand, Estonia’s X-Road model offers a decentralized, secure approach to data exchange. Requests flow between the security servers of requesting and providing entities, with each request digitally signed, recorded, and transmitted securely using mutual TLS, without relying on a central database for all messages. This model is particularly suitable for Jordan, allowing the Central Bank to supervise the exchange layer without holding all sensitive client data, reducing cybersecurity risks while maintaining privacy.

No national digital identity initiative can succeed without a strong legal and regulatory foundation. The UDFI system must comply with Jordan’s Personal Data Protection Law, emphasizing digital consent mechanisms and the right of individuals to withdraw approval, ensuring regulatory compliance while empowering users to control their financial records. Regarding legitimate interest as a legal basis, the Central Bank must carefully assess its impact on individual rights compared to global frameworks like GDPR, balancing compliance with innovation and investment opportunities.

Data quality is non-negotiable. Banks must adhere to interoperability standards, maintain data inventory, data dictionaries, lineage records, and quality metrics, ensuring accuracy and reliability in the UDFI system.

Technical standards for interoperability must support open finance innovation, enabling secure and reliable data exchange under Central Bank supervision, without the institution bearing full responsibility for storing all sensitive data.

Ultimately, developing the Unified Financial Digital Identity represents a strategic point for Jordan. It is not a marginal improvement to regulatory compliance but a sovereign investment in national infrastructure. The unified identity serves as a bridge between today’s fragmented accounts and the future of prudent governance and financial justice, enabling Jordan to build a system that is transparent, efficient, innovative, and sustainable.