Terminal 3 co-founder and CEO Gary Liu says decentralised identity is gaining traction among enterprises because it reduces compliance, privacy and security costs while giving users greater control over their personal data. He said businesses are increasingly ready to adopt decentralised identity solutions, but consumers still do not fully understand the benefits of user-owned digital identity.
Speaking at AIBC Asia 2026, Liu argued that decentralised identity could fundamentally reshape how organisations handle personal information by reducing the need to store vast amounts of user data.
“I think the industry is ready, and in fact, we are starting to see more and more decentralised identity use cases in the enterprise world, but users may not be ready because they do not really know what decentralised identity is,” Liu said.
According to Liu, many businesses have spent years accumulating large volumes of customer data despite deriving little commercial value from it. “We have been convinced over the course of the last 20 years that companies need to hoard large amounts of user data, but the problem is that the vast majority of companies in the world never monetise that data,“he said.
“They do not use it, so it is purely a cost centre. It costs to store it. It costs to keep it secure. It costs every single time you have a privacy breach.”
Liu believes that decentralised identity offers organisations a way to access the information they need without assuming the financial and regulatory burden of maintaining extensive databases.“Companies are waking up to the idea that decentralised identity allows them to have access to the users the way that they need and the way that they want without the cost of all of that data storage and compliance.”
Liu’s argument is supported by growing concerns around the costs of storing large volumes of personal data. A 2026 congressional report in the United States estimated that major data broker breaches contributed to approximately $20.9 billion in identity theft losses, highlighting the financial risks associated with centralised data collection and storage.
The World Economic Forum (WEF) has also argued in its 2023 report titled ‘Reimagining Digital ID’ that decentralised digital identity (DID) models can provide individuals with greater control over personal information while reducing reliance on centralised databases that are frequent targets for cybercriminals.
Traditional centralised identity systems store massive amounts of sensitive personal data in single locations, creating highly attractive “honeypots” for hackers. DIDs mitigate this risk by distributing data and shifting data ownership back to the individual.
While decentralised identity promises stronger privacy and user control, Liu acknowledged that compliance remains one of the biggest barriers to wider adoption.
According to the Terminal 3 CEO, many decentralised systems struggle when regulators, law enforcement agencies or compliance teams need to verify transactions. “Right now, the way that most of these decentralised networks and decentralised identity stacks are architected, compliance is where it breaks down,” Liu said.
Liu’s concerns about compliance mirror one of the most frequently cited challenges in decentralised identity research. A 2024 academic review of decentralised identifiers (DIDs) and verifiable credentials found that while self-sovereign identity systems offer significant privacy and security benefits, regulatory compliance and interoperability remain among the biggest barriers to large-scale adoption.
Similarly, the US National Institute of Standards and Technology (NIST) has continued to update its Digital Identity Guidelines to address the growing need for secure, privacy-preserving , and trustworthy digital identity systems as online services proliferate.
“At some point, a regulator or somebody from the police or maybe your own compliance officer in your company is going to come to you and ask, ‘Who made this transaction? Where did the money come from? What is it being used for?'”
In many decentralised environments, Liu said the answer is often unclear. “In a decentralised ecosystem, the answer is ‘don’t know, don’t know, don’t know’. And that just does not work.”
To address the issue, Liu argued that decentralised identity systems must support traditional compliance requirements, including know-your-customer (KYC) and anti-money laundering (AML) checks. “What we need to do is be able to do compliance, KYC and AML the same way as we always have but then allow that compliance to be usable on-chain.”
Liu also discussed how decentralised identity could alter the way organisations approach data governance and compliance obligations. Using the European Union’s General Data Protection Regulation (GDPR) as an example, he explained that decentralised identity shifts the role of data controller from the company to the individual user.
“In a decentralised identity or decentralised data world, the data controller becomes the user,” Liu said. “The user is the one who is in full control of what data is stored and how it is allowed to be used.”
According to Liu, this change could significantly reduce regulatory burdens for businesses.“That relieves enterprises and corporations from the regulatory weight of being a data controller.”
However, he noted that companies would still retain some responsibilities. “The data processor still remains the platform, the cloud storage service and potentially at times the end customer because they will be the ones that are actually manipulating the data for use.”
Liu believes Asia may be particularly well-positioned to embrace decentralised identity because many countries already operate sophisticated national digital identity systems. Asked whether decentralised identity represents a leap forward or an additional layer of complexity, Liu was unequivocal. “It is definitely a leap forward.”
Rather than replacing government-backed identity systems, Liu said decentralised identity can build upon them. “The way that decentralised IDs and verifiable credentials are actually being used across Asia is as an extension of national ID systems.”
By linking cryptographically secure credentials to government-issued identities, users can prove specific information without sharing sensitive personal documents.
“Applications can verify your identity, verify your residency, verify your age, verify your asset ownership, verify your educational status and your employment status without you needing to hand over your driver’s licence, your passport or your national ID number,” Liu said.
According to Liu, the result is stronger privacy, enhanced security and easier access to digital services. “You and I are safer. We can remain more private while all of these products and services we want to use are still able to verify identity claims for us.”
The WEF has similarly argued that decentralised digital identity could improve access to digital services while enhancing user privacy. According to the organisation, approximately 850 million people worldwide still lack official identification.
As businesses face rising compliance obligations, cybersecurity threats and data storage costs, decentralised identity is increasingly being viewed as a practical solution rather than a purely theoretical Web3 concept. Liu believes enterprise demand is already emerging, even if consumer awareness remains limited.
