Mark Medum Bundgaard is a Computer Scientist from Aarhus University, Denmark. He has extensive experience in cloud-native architecture, infrastructure as code, and blockchain architecture. His work has had a huge impact on products used today in industries such as fintech, IoT, and Telco.
Partisia is a blockchain company specializing in privacy-preserving technologies through advanced cryptographic methods, particularly multiparty computation (MPC). Its platform enables secure data collaboration and decentralized applications (dApps) that protect user confidentiality while maintaining transparency. By combining blockchain with MPC, Partisia empowers developers and enterprises to build scalable Web3 solutions that prioritize data privacy, trust, and interoperability across ecosystems.
In this interview we explore how the company is leveraging privacy-preserving blockchain technologies and MPC to redefine digital identity, streamline KYC processes, enhance data privacy, and pave the way for decentralized identity systems in finance and beyond.
You have a unique background blending data science, software engineering, and even festival logistics—how has that shaped your approach as Chief Product Officer at Partisia?
I am driven by curiosity, trying to find new paths by understanding all the small details in everything, and most certainly not taking the most straightforward path. So I have throughout life tried to absorb new information, and use that information for building new products.
Just imagine a large festival with 40,000 people arriving, how would you check their tickets? And how would you guarantee that the name on the ticket fits the person standing in front of you? This is actually a really hard question to answer and even harder to implement a solution for, which works in real life. Now suddenly you look at a challenge like that, and combine it with solutions protecting privacy, while still considering how it would be possible to do flow analytics of a crowd… Really finding the small pieces and seeing how they fit, even when others may see them differently.
So I would say that I bring an interesting perspective to some classical challenges, and try to put the pieces together in a unique way based from all the different experiences I have.
What problem is Partisia ultimately trying to solve with privacy-preserving digital identity, and why is now the right time for this solution?
Everything is moving towards a digital world, membership cards and driver’s licenses are examples of recent additions to our digital identity. But the current technology is often centralized at a few primary entities that handle most of our digital identity (Facebook, Google, Microsoft and governments) which gives them a lot of power to monitor and track their users.
One common example is when you wish to register for a new service, a lot of smaller services allow you to verify yourself using one of the larger platforms such as Google or Facebook. But this often comes at a cost of privacy, as they will know which services you use and when you login. Privacy-preserving digital identities aims to solve breach of privacy by providing the user with a digital identity that can be verified without contacting the issuing party during the verification.
Another core challenge is oversharing private information when sharing your identity. Often the service you’re trying to access only requires a small amount of information, but to share this information you have to “leak” additional sensitive information such as your full social security number just for proving your age. Strictly speaking the only required information is the yes/no question of whether you’re above a certain age, but often we share our full name, birthday and social security number among other private information when sharing our drivers license for what should be a simple yes or no age question.
Privacy preserving digital Identities solve this challenge by providing the user with a platform to only share the information required while keeping the rest securely hidden behind cryptographic properties. Some of the common features to solve this are Zero Knowledge Proofs (ZK proofs), which can prove statements without leaking additional unrequired information, and Selective Disclosures which keeps information hidden unless explicitly disclosed.
Why is it the right time to secure the privacy of our Digital Identities? There has been an increasing focus on empowering citizens and their rights/ownership of their own personal data. Especially within the EU there has been an increased focus on privacy-preserving digital identities with the eIDAS 2.0 regulation requiring member states to provide a EUDI compliant wallet by the end of 2026.
The “definition” of what it means to be a EUDI compliant wallet also gives a common understanding of which protocols/specifications should be supported by the parties issuing and verifying digital credentials. This enables interoperability among EU countries, allowing citizens to use their identities across borders for a better user experience.
How did the partnership with TOPPAN Edge come about, and what makes this collaboration strategically important for both companies?
We were lucky to discuss the future of digital identities and digitalisation with Toppan, through our contact at the Royal Danish Embassy in Tokyo, Japan. Through our conversations both parties understood that we were providing one piece of puzzle for creating a seamless digital experience in our everyday life. Toppan Edge with their CloakOne system for managing digitalization of entities (Finance, Health and Education) and Partisia with our technology for creating Digital Identity with privacy at its core. With that we also shared the same belief that the future is about activating data, but in a way where no one should just give it all away, but rather own and decide for themselves what their sensitive and personal data is used for and with that suddenly have control of one digital identity that potentially can be used everywhere in the world.
Can you explain, in simple terms, how Multi-Party Computation (MPC) and blockchain work together to protect personal data while still allowing it to be verified?
At Partisia we are currently using blockchain to run a registry of identities. The registry contains an identifier for each issuer along with information used to verify digital identities issued by this party.
This enables the verification of issued credentials without communicating directly with the issuer, thus, decoupling our digital identity from the issuing party.
How is your platform different from traditional KYC or identity verification systems used in banking today?
Our platform provides a cryptographically secure way of performing Know Your Customer (KYC) through digital identities. A bank defines a list of required information and establishes which credential issuers they trust (e.g. the government or trusted sources such as banks). The user receives aKYC request from the bank, and can then, using digital credentials, send the requested information back to the bank.
This means the identity is verifiable, not by the bank itself, but by any entity which uses a verification service – Just imagine being KYC at a bank, and carrying that to your insurance company, healthcare provider or car renting company, where they can verify that “You are You” seamlessly.
How does your platform address the challenge of AML and fraud detection without breaching data privacy regulations?
The privacy-preserving digital identity solution is one component in the process of Anti Money Laundry (AML), here you suddenly have a way of really verifying the identity across borders, and with some of the extension like Multi-Party Computation, banks could build a large scale AML network, for running Confidential Computing between them for building large scale Fraud Detection Maps, where AML “alarms” can be raised in not just one bank, but multiple.
Is your system already being piloted or used in financial settings, or are there any upcoming deployments you can share?
Our privacy-preserving digital identity solution is not yet used in a financial setting, but the core component of creating a verifiable digital identity, sets the foundation for continuing into banking, whether that is more “classical” banking or web3 does not matter.
What infrastructure or regulatory hurdles still stand in the way of broader adoption by banks and governments?
While there has been a shift and increased focus on privacy-preserving digital identity solutions from tech companies, there is yet to be a widespread consumer-faced adoption from large companies.
Which likely stems from a fear of being an early mover in a field that is still waiting to settle completely. There exists a variety of different protocols, specifications and standards that can be used to achieve privacy-preserving digital identities, such as ISO-18013-5(mDL), OID4VP(OpenID for verifiable presentations), and OID4VCI(OpenID for verifiable credential issuance).
However, recently Android/Google announced early native support for privacy-preserving digital identities, supporting some of the widely adopted protocols required to become an EUDI wallet. This should hopefully lead to a wider adoption soon.
Within the OpenID community there is also work being done on a “High Assurance InteroperabilityProfile” that defines a list of technologies that should ensure high interoperability across different digital identity solution providers.
But we are also at a precipice where changes are coming, rapidly, but with a lot of uncertainty. Here we see that places like Japan or South America have a potential to move first, simply because they need to find new solutions that are potentially different from what is being done in Europe.
Do you see decentralized identity playing a critical role in open banking and data portability initiatives?
Absolutely! As individuals we should have the opportunity to authenticate ourselves, no matter where we go, but also to do it in a way where I am not exposing information about myself. Even when considering portability, we should consider the combination of Open Banking and eIDAS2, where you now carry credentials issued by your bank, which is used both for payments but also for proving that I am me – this will hopefully create easier paths to KYC, cross-border payments etc.
What is your long-term vision for how identity and data privacy will evolve in the financial sector?
Identity and data privacy should be a natural part of our everyday lives, but not necessarily as a thing you need to consider every time you do something, but rather as a thing that is inherent in our every day. With enough imagination, there exists a future where banks collaboratively eliminate fraud by doing encrypted computations together, and connect identities across borders without the individuals’ privacy ever being exposed.
If we look just a bit closer at the near future, we see regulations such as DORA, PSD3, eIDAS2 setting the stage for not just more collaboration, more security and privacy, but also seamlessness in payments that is guarded and verified by your identity – this will be a gamechanger!
Lastly, what’s next for the Partisia and TOPPAN Edge partnership, and what should the finance world be watching for over the next 12 months?
The next year ahead is with a focus on running a PoC together with the Okinawa University in Japan (OIST), but also extending our joint solution out in the market, not only combining universities, but also corporations together in a network.
And this is just the beginning of our strong collaborative partnership. The majority of the work is about having Identity as the foundation for more innovative solutions. Here, payment plays an important role in every day life of everyone, and connecting that with real provable identity makes new things possible.
Thank you for the great interview, readers who wish to learn more should visit Partisia.