What Makes a Passkey Different from a Password?
Passkeys are a modern approach to authentication that stores a cryptographic credential on your device.
SpruceID Blog
Thoughtful perspectives on identity, interoperability, and the systems that turn public policy into usable services.
Why Signing Keys Are an Important Part of Your Credential Program
A verifiable digital credential program's trustworthiness depends not only on the credentials it issues, but on how the signing keys behind those credentials are protected, managed, and governed throughout their lifecycle.
Credential Lifecycle 101: From Issuance to Expiry, and Who Owns Each Stage
From identity proofing to renewal, the long-term success of a verifiable digital credential program depends on clear ownership at every step.
What Is a Credential Format, and Why Does It Matter Which One You Choose?
The format of a digital credential may seem like a technical detail, but it can shape interoperability, privacy, and flexibility for years to come.
What Is a Presentation Request, and Who Controls What Gets Asked For?
Resident control begins before a credential is presented, with rules that determine what information can be requested.
What Does "Resident-Centric" Actually Mean in a Digital Identity System?
Resident-centric digital identity is not a marketing claim, it is a set of design decisions that determine who controls data, privacy, and participation.
What Is the Difference Between Authentication and Identity Proofing?
Before a digital credential can be trusted, a system must answer two questions: who is this person, and are they the rightful holder of the credential?
SpruceID at the 2026 Utah Data Governance Summit
At Utah’s 2026 Data Governance Summit, SpruceID demonstrated how marriage licensing can serve as a model for scalable digital trust.
What Is a Digital Signature, and Why Does It Matter for Government Credentials?
Just as physical IDs use visible security features to support trust, digital credentials use cryptographic digital signatures to make that trust verifiable.
What Does ‘Open Source’ Mean for a Government Digital Identity System?
Open source can make digital identity infrastructure more transparent when it’s paired with the governance, maintenance, and support agencies need to trust it long term.
What Is the Difference Between Remote and In-Person Identity Proofing?
Before a government program can deliver trusted digital services, it has to decide how residents will prove they are who they say they are.
What Happens to Your Digital ID If You Lose Your Phone?
Losing your phone shouldn’t mean losing control of your identity, and with a well-designed digital credential, it doesn’t.
