Interoperability Is a Policy Decision, Not Just a Technical One

State governments today face pressure to modernize their digital identity systems, whether for mobile driver’s licenses, benefits access, permitting, or online services. As states move from pilot projects to statewide deployments, a recurring challenge emerges: how do we ensure that systems built today can work with systems built tomorrow, and with systems in other jurisdictions?

That challenge is interoperability.

Interoperability is often treated as a technical choice: which protocol to adopt, which standard to implement, or which vendor to select. But technology alone doesn’t create interoperability. States do, through the policy decisions they encode into procurement requirements, certification criteria, governance structures, and vendor evaluation. These decisions determine whether identity systems remain flexible, competitive, and future-proof, or whether they lock in silos that will be costly to unwind.

This blog post outlines why interoperability should be designed as a policy requirement from the outset and provides practical recommendations for state CIOs, digital services leaders, and procurement teams. The goal is to help states build digital identity infrastructure that can evolve, avoid vendor lock-in, and integrate across agencies and jurisdictions.

Designing Openness Into Procurement

We recommend that states encourage a diverse ecosystem of vendors. This can be achieved by maintaining open certification and procurement processes that don’t exclude smaller companies and startups. This ensures that the market does not consolidate around a single provider, allowing innovation and healthy competition to flourish.

Specifically for states considering a statewide digital identity program, there should be no requirement that every credential type be issued using the same vendor software. Instead, multiple issuers and technology providers should be able to participate so long as they comply with a common trust framework, a state digital identity profile, and certification standards. This allows, for example, one vendor to issue digital driver licenses and another to issue Veteran ID, giving residents flexibility while keeping the overall system interoperable and cohesive.

Open Standards Are the Foundation for Interoperability

States should prefer that the technical standards used in a state digital identity program be open, freely available, and implementable by the public and private sector without proprietary licensing restrictions. Open standards are critical to ensuring transparency, interoperability, and long-term sustainability.

States that rely on proprietary or niche technologies often find that what looks like a shortcut quickly becomes a long-term constraint. These systems introduce hidden costs—rising licensing fees, custom integration work, and unpredictable upgrade cycles—that drain budgets and slow modernization. Even worse, they create “digital islands” that can’t communicate with the rest of the state’s infrastructure, reinforcing data silos and complicating everything from inter-agency coordination to seamless resident services.

For digital identity programs, the stakes are even higher. A credential that isn’t interoperable across jurisdictions or recognized by key private-sector partners loses much of its value. And beneath it all is the biggest risk of all: vendor lock-in. When states depend on a single provider for ongoing maintenance and upgrades, they lose leverage and flexibility—while niche or unsupported systems introduce real security risks. End-of-life or obscure software is far more likely to harbor vulnerabilities, making vendor-neutral, standards-based approaches essential for any resilient digital government strategy.

Building on open standards is the most effective way for states to avoid vendor lock-in, improve security, and future-proof their infrastructure. Open standards—like ISO mDL, W3C Verifiable Credentials, and IETF SD-JWTs—ensure interoperability, portability, and transparent community-led governance. This approach breaks down data silos, strengthens security through broad peer review, reduces costs by fostering competitive markets, and gives states the flexibility to upgrade or integrate new technologies without starting from scratch. 

With most organizations now increasing their reliance on open-source and standards-based tools, it’s clear that open foundations create a more resilient, innovative, and cost-effective path for digital government. We discuss this more in our blog, “A Practical Checklist to Future-Proof Your State’s Digital Infrastructure.”

Using Certification to Operationalize Policy

Interoperability is best achieved by enforcing statutory principles rather than mandating a single technology. When states ground their ecosystems in requirements like privacy, minimal disclosure, unlinkability, and user control, they create a resilient framework that can adapt over time. This approach ensures that interoperability endures even as vendors, tools, and industry practices change.

To put these principles into practice, states can require wallets and issuers to actively demonstrate compliance. This shifts the focus from choosing a preferred technology to verifying measurable outcomes. It also creates a clear baseline of expectations that every participant in the ecosystem must meet.

A certification framework strengthens this model even further. By standardizing safeguards across vendors, it provides a transparent way to evaluate and compare solutions. It also encourages competition, supports accountability, and keeps the system aligned with policy goals as technologies continue to evolve.

For a deeper look at how certification utilizes these principles, read our post, “Digital Wallet Certification: The Foundation for Interoperable State Identity Systems.”

Preserving Future Flexibility and Governance

To maintain relevance and adaptability, states should also establish a governance process for updating their digital identity profile. This process should include structured input from public agencies, private vendors, civil society, and technical experts, and ensure that updates are guided by both statutory principles, technology maturity, and real-world market adoption.

States should also create structured avenues for ongoing engagement and collaboration with partners. This includes convening advisory groups with representatives from financial services, healthcare, education, retail, and consumer advocacy and social welfare organizations, as well as with federal and interstate partners.

By framing requirements around these principles, states can remain open to innovation, avoid vendor or protocol lock-in, and maximize interoperability across jurisdictions and sectors. This approach ensures that vendors can propose solutions aligned with mature, well-supported ecosystems while also leaving room for emerging technologies to demonstrate value.

Bringing Policy and Practice Together

Interoperability isn’t a byproduct of technology, it’s the result of clear policy choices. By incorporating openness into procurement, enforcing standards through certification, and refining governance through practical implementation, states can make interoperability a built-in feature of the system rather than a byproduct. By grounding digital identity programs in statutory principles such as privacy, minimal disclosure, and open standards, states maintain a healthy competition and an adaptable ecosystem.

For agencies defining digital identity strategy, SpruceID can help operationalize privacy, interoperability, and open standards in your state’s identity ecosystem.

About SpruceID: SpruceID is building a future where users control their identity and data across all digital interactions. We build privacy-preserving digital identity infrastructure that empowers people and organizations to control their data. Governments, financial institutions, and enterprises use SpruceID’s technology to issue, verify, and manage digital credentials based on open standards.