New identification requirement: acceptance of mobile identity cards for public and private face-to-face procedures

Royal Decree 255/2025, of April 1, which regulates the National Identity Document, formally introduces the digital version of the DNI, managed by the Ministry of the Interior through the General Directorate of Police, and accessible via a mobile device.

This digital version is not simply a technological complement, but is configured as a fully valid means of identification, with the same legal validity as the physical DNI.

This Royal Decree establishes a clear obligation for all entities, both in the public and private sectors, to adapt. From April 2, 2026, the digital DNI must be accepted as a valid means of in-person identification, on the same terms as the physical document. This digital version has full legal validity to demonstrate identity to authorities, public administrations, and in relationships with the private sector, so its rejection for format reasons will have no legal basis.

This new reality requires an operational adaptation of internal identification procedures, as well as the systems and protocols used to verify identity.

It will also be necessary to train the staff who interact with users and clients to recognize the validity of the digital DNI and know how to correctly use the verification mechanisms enabled by the Ministry of the Interior. All this must be addressed from a comprehensive perspective of regulatory compliance, reviewing data protection policies, fraud prevention, and, if applicable, KYC/AML obligations in regulated sectors.

What is the digital DNI and why is it important?

The digital DNI is the official version of the National Identity Document that can be carried on a mobile phone, through an application managed by the National Police. It is not a simple photo of the DNI: it is a secure system that allows displaying personal data in real time, directly from official servers.

This new format has exactly the same validity as the physical identity document for in-person identification, both in front of public administrations and private companies (for example, in a hotel, store, bank, clinic, or office). Therefore, from April 2, 2026, all entities will be obliged to accept it when a person identifies themselves in person with their mobile phone.

What changes for companies and entities?

Until now, many organizations only accepted physical identity documents. With the new regulations, they will no longer be able to reject an identity document simply because it is in digital format.

This means that companies and public bodies will have to review how they identify people: at reception desks, counters, access controls, client registration processes, or in-person signatures. They will also need to train their staff to recognize the digital identity document and verify it correctly.

Digital identity cards can be verified in various ways:

• using the application installed on the same mobile device;
• using the official verifiers available on the miDNI website (including the QR verifier and the downloadable executable provided by the Ministry of the Interior); or even
• developing custom verification solutions that integrate these functionalities into corporate systems.

Failure to comply with this new obligation may have significant consequences: from client complaints and damage to reputation to legal risks arising from the denial of a service or procedure when the citizen has validly identified themselves. The non-acceptance of the digital DNI may lead to formal complaints, reports, and possible administrative or judicial proceedings, with consequent liability for the entity that has unduly rejected a legally valid means of identification.

Informative note prepared by the Data Protection Department of ECIJA Madrid.