Digital identity and biometrics trends in Romania: key insights

Mihai Drăghici, Chief Innovation Officer at Power Dynamic Technology, shares insights into the digital identity and biometrics landscape in Romania, elaborating on the main threats, key benefits, and the role of biometrics in the bigger digital IDs picture.

 

When it comes to digital identity and biometrics, what are the main types of threats and the biggest fraud triggers in this space? How about the Romanian market in particular?

Due to the concentrated trust and sensitive personal data stored by digital identity and biometrics platforms, they can be both an enabler and a potential major risk, as they can become a single point of failure in critical infrastructures – be it at a government level, in a bank, or in a tech company app. The centralisation of trust typically entails having one controlling entity that every service depends on for authorisation claims to use the service. Therefore, if this core component is compromised or controlled by the ‘wrong hands’, it becomes a system-wide vulnerability across all integrated parties. For instance, if a national ID system is breached, it could potentially create a downstream effect for mass fraud, impersonation, or even denial of access to services like healthcare, public transportation, taxpayer financial operations, or utility services.

In Romania, the digital identity scene is heating up! The national eID rollout is underway, funded publicly by PNRR and launched in Cluj in March 2025. ROeID, a national digital identity app, already exists. It is available on both iOS and Android app stores, providing a single integration point for services that require citizen authentication. The broader European context is that all EU member states have until 2026 to deliver at least one fully functional EUDI Wallet platform – one that is interoperable and certified at a European level, meaning that any EU citizen can be identified and access services across all states by using their native country’s ID app to show and share information like a driver’s licence, passport, or employment details.

In my opinion, Romania still has more work to do on building a truly digital ecosystem that ties into a convenient, user-friendly, and secure digital identity system. There are plenty of legacy sub-systems which are far behind the optimal level of technical implementation, and Romania still depends on paper in some cases to validate certain ‘trustworthy transactions’ even if the citizen has a ROeID account or the newly issued chip-enabled ID card. 

How can we gain value from digital ID solutions? What are their main benefits?

In order to gain value from having a nationwide digital identity solution, all parties involved in building, implementing, and sustaining this system must work together to govern the processes and take actionable steps to enforce uniform adoption and promote best practices. Technical safeguards must be put in place, such as MFA, biometrics, encryption, decentralisation – with selective disclosure and, more importantly, active network monitoring with advanced AI tools. These can work much faster at detecting anomalies and finding the root cause whenever problems inevitably occur.

Of course, these must follow a set of rules and regulations. It is vital to have the support of proper legislation based on honest transparency regarding how governments oversee and control usage. At the same time, regulations must also allow for innovation to advance at the speed required to ensure high adoption rates among regular people living their day-to-day lives, without adding more stress in case something isn’t working in the EUDI app. If – and when – we do in fact reach a smooth ‘daily operational’ status, people will feel the immediate benefits of having these universally and digitally integrated systems in place: their information will be safe, and their transactions fast and convenient when they travel, go to work, or pay their bills and taxes. As a concrete example from Estonia, their digital ID system has been a core part of society for over two decades, with mandatory use for all citizens. The system is praised for its efficiency and citizen-centric design, reducing bureaucracy and saving individuals significant time and paperwork!

What is the role of biometrics in the bigger digital IDs picture, and what does your solution bring to the Romanian market?

Biometrics play a crucial role, and this technology solves several older problems, such as weak passwords. Biometrics provide a strong authentication mechanism that almost certainly proves who you are, being especially useful during enrolment processes (eKYC) for accessing bank and government services. Now, even social media websites are adding features that require users to take a selfie to confirm their identity.

Back in 2019, I launched the first coffee shop in Bucharest where customers could pay with their face, a service called PayByFace. This was before anyone started talking about digital IDs or biometric wallets in the local mainstream media. We then onboarded over 50 shops in Bucharest that had our iPads and provided this payment option. After several years of testing and experimenting with adoption and technical feasibility worldwide – and participating in Startupbootcamp, Visa Innovation Program, and Mastercard’s Biometric Checkout Program –, we learned some very valuable lessons on how to truly build a user-centric biometric and digital identity wallet ecosystem with a fun and interactive experience so that customers actually want to use it on a daily basis.

We created the first biometric wallet that lets you be ‘Spiderman’ or ‘Cinderella’ (as aliases in the programme) when you buy milk and eggs at the supermarket – and your face becomes your card. We started with what people want, and we worked our way backwards to technology and scalability by spending years of focused product design and listening to our customers’ feedback every step of the way. We built the system with a privacy-first and GDPR-compliant approach before even considering monetisation and profit. It was a huge risk, but we kept our investment to a bare minimum and bootstrapped everything. I even wrote all the code by myself – over 10 million lines in the source code repository!

After almost seven years of perseverance, dedication, and hard work, we partnered with Power Dynamic Technology in Bucharest to build the next-gen digital identity platform, in line with the EUDI Wallet initiative. The solution is called SecureID, and we have created an entire ecosystem of products where your face becomes your key to everything you do throughout the day – and all you need to know is that you are ‘Spiderman’. The rest is taken care of automatically and seamlessly as needed within the context of your transaction (for securing trust and ID verification services/payment processing, and so on).

People worry about their data getting hacked or their privacy being invaded, and any shift toward biometric digital IDs must align with data protection values and regulations, such as GDPR. How do you ensure you protect your Romanian users’ privacy and stay compliant?

That’s a very valid concern, and as the creator of PayByFace, I’ve shared it myself. That’s one of the reasons why I wanted to build something better than what was already available on the market. There have been times when I have lost my bank card or even left my phone in a taxi, only to wake up the next day panicked that my data, identity, and other personal information could be stolen.

We have been working on our systems for over seven years now, and we are constantly adapting to technical challenges to keep up with the latest developments and security enhancements necessary for providing the best quality and experience to our users and customers. We leverage cutting-edge technology to protect our transactions and cloud systems through encryption and tokenization with decentralised storage, access controls, and daily audits. We have eight monitors on the wall in our Bucharest software command centre, for instance, that show us in real time all the key insights from our systems. Therefore, we keep a vigilant eye on the infrastructure to respond as quickly as possible to any potential instability.

With the emergence of AI-driven assistants and data analysis becoming increasingly critical, we have also begun adding these modules into our monitoring and eKYC platforms. Additionally, we partnered with Viva Wallet as our payment processor in Romania, and they bring a highly secure, reliable, and dependable platform for secure payments and quick transfers between cardholders and merchants. We have also created a new, dedicated position within our company – the Data Protection Officer, with a key role in helping us maintain compliance and functionality in both our online and offline internal and external processes related to GDPR and best practices in this space.

 

About the author

 

Mihai Drăghici is a Romanian-born serial entrepreneur and software architect with nearly two decades of experience building startups globally. After spending his early life and career in the US, he returned to Romania and founded PayByFace in 2019 – a biometric payments platform enabling users to pay with a selfie. He is currently Chief Innovation Officer at Power Dynamic Technology.

 

About Power Dynamic Technology

Founded in 2006, Power Dynamic Technology SRL is a 100% Romanian-owned tech firm with nearly 20 years of experience in software development, consulting, and complex system integration for banking, logistics, and security sectors. Headquartered in Bragadiru (Ilfov), the company has innovated advanced solutions such as biometric facial-recognition technology for access control, automated payments, and process automation since 2025.