The Case Against the "Super App" Silver Bullet—Why a Backup Will Always Be Required
By Georgia Cooke |
03 Nov 2025 |
IN-7974
A South African Identity Super App: MyMzansi | NEWS
Identity (ID) digitization is seeing a massive uptick, alongside growing cross-application usage and increased government-mandated requirements to verify identity for novel use cases, such as for online access to age-restricted content and for responsible individuals within organizations registered with Companies House in the United Kingdom. Within this market context, a convergence is happening in the digital ID world. South Africa is the latest nation embracing this approach: the State Information Technology Agency (SITA) is launching a pilot for a “Citizen Super App” named MyMzansi, scheduled for phased rollout in 1H 2026, which aims to simplify government service access by uniting multiple domains on a single platform.
One-Stop Shops Becoming the Norm | IMPACT
This echoes an approach seen in nations including Singapore, where SingPass serves 97% of residents aged 15+; India, where the voluntary Aadhaar system is claimed to have issued 1.42 billion numbers (around 100% of the population, because access is available to non-citizens); and China, where the exceptionally popular WeChat super app integrates virtualizations of government-issued IDs.
This is by no means a phenomenon exclusive to Asia-Pacific. The Eesti.ee app in Estonia exemplifies Estonia’s pioneering approach to digital transformation of government services, with everything from tax administration and voting, to marriage licenses and prescriptions, available through the system.
The adoption of this approach in South Africa is another domino in the row. While the initial rollout will combine a few core government services—access to birth certificates, police clearance certificates, and similar documents—the “super app” declaration makes the vision clear. In a country where fixed Internet connectivity remains relatively limited, and considerably surpassed by smartphone usage, there are clear benefits to this approach. However, there are clear security risks in linking sensitive systems that must be addressed.
Super Apps: The Be-All, Not the End-All | RECOMMENDATIONS
One of the most time-consuming elements of instigating a high-impact attack against an individual is collating information. If a citizen’s most critical data and verification functions are to be collocated in one convenient access point, it is clear that the security requirements are exceptionally high.
The challenge in service convergence is in managing the interplay between security domains: adding low-sensitivity use cases from stakeholders with limited maturity and expertise in security threatens the overall system if inter-domain permeability is not tightly controlled. The “secure-by-design” principle of minimal sharing is an essential component in managing this risk, but this is not just a security issue. The right to self-determine the access, transfer, and storage of personal data is a growing ethical concern. In the European Union (EU), the natural continuation of the General Data Protection Regulation (GDPR) lies with the goal of controlled sharing of credential characteristics in EU Digital Identity-compliant wallets, i.e., necessary elements of identity should be shared, rather than full records, and with informed consent.
However, “self-sovereign identity” means different things to different players. To some, the core of the issue is ownership, and provided citizens are empowered to make individual decisions, a degree of sovereignty has been achieved. However, some take the concept further, favoring a fully decentralized approach. Distributed ledgers or Decentralized Identifier (DID) credentials that function similarly to public keys provide the ultimate autonomy, but require a total reimagining of accepted infrastructure.
Clearly, the “super app” approach to government ID has its advantages. It has been embraced in certain regions with gains in convenience improving access to services for some. However, there are considerable risks to consider.
- Digital Inclusion: For those with limited access to, or capability in using, mobile apps, the super app solution represents a digital inclusion threat that goes against stated policy goals in numerous governments across healthcare, finance, and overall citizen welfare.
- Sovereignty: While mitigated by ensuring full clarity and consent with each transaction, unless granular data control is robustly enforced (with suitable, reliable litigation for rulebreakers if required), citizens are likely to lose ownership of their own information, with successful cyberattacks likely to produce exponentially more impactful results. The “informed consent” element is more complex than may first appear, because data routing is not always transparent. Cloud sovereignty is a concern, with most Internet-transmitted data passing through the United States at some point, despite conflicts with personal data regulations in the EU.
- Availability Attacks: If virtually all services are delivered via one system, there is only one system that must be disabled to cause nationwide havoc. In a tense geopolitical climate with a growing shift toward availability attacks over data breaches, this could have extreme impact on the daily lives of citizens.
- Public-Private Partnership Risks: While Mitek in Western Europe demonstrates that private companies can fulfill the role of the centralized ID Access Point (AP), effective business models become more complex where super app-style convergence grows the volume of transactions and erodes a citizen’s ability to evade usage (therefore, pressuring a free-to-consumer model). Should identity verification services be integrated with commercial ones, the traditional “free-to-consumer” model of monetizing data becomes extremely challenging, requiring innovation and potential separation in business practices, even if masked in the consumer interface.
The key measure to address these concerns is optionality—the super app cannot be the sole means of access. Continuing or implementing adequate support of alternatives is a prerequisite for both citizen consent and digital inclusion, and this cannot be viewed as a short-term rollout measure to be phased out.
Ensuring robust support of alternative methods is a costly exercise, but the benefits against the list of core challenges are immediately obvious, particularly if efforts are made to ensure full de-coupling, such as providing decentralized options alongside familiar legacy approaches. Ensuring sufficient differentiation between methods addresses the myriad, often unexpected factors at play in digital inclusion, while fully isolating back-end dependencies provides strong redundancy in the event of an availability attack. Sovereignty is supported, with citizens empowered to manage the centralization and access of their personal data, limiting the risk of data breaches among other sovereignty concerns. The risks involved in public-private partnerships in this sphere are mitigated by ensuring that governments can engage in these partnerships without forcing usage on citizens, ensuring that private companies can continue to innovate in this sphere, and avoiding single government-issued monolithic contracts.
Written by Georgia Cooke