Inside The Hashgraph Group: Interview with Stefan Deiss on enterprise trust infrastructure

As enterprises move beyond experimentation with blockchain, the focus is shifting toward infrastructure that can provide verifiable trust at scale. From digital identity to supply chain transparency, organizations increasingly require systems that allow independent verification of data, ownership, and actions.

The Hashgraph Group, led by CEO and Co-Founder Stefan Deiss, is building such infrastructure across multiple verticals, including identity, carbon markets, and digital product passports. We spoke with Deiss about where real enterprise demand is emerging, how regulation is shaping adoption, and why cryptographic verification may soon replace detection-based approaches in areas like deepfakes.

Building enterprise trust infrastructure

Much of THG’s product portfolio may look broad at first glance, spanning identity, carbon markets, product passports, asset custody, and support infrastructure. But according to Deiss, each product addresses the same underlying challenge: enabling businesses, regulators, and counterparties to independently verify that something is true.

GNcrypto: A lot of Web3 companies talk about enterprise infrastructure, but very few become indispensable. What is the one area where THG believes it can become non-optional?

Stefan Deiss: Supply chain verification. Digital Product Passports become mandatory for EU exports in 2027 under the Ecodesign for Sustainable Products Regulation. That’s a legal gate  TrackTrace is purpose-built for: real-time tracking from origin, ethical sourcing verification, carbon emissions data, all anchored to Hedera so the audit trail is cryptographically immutable. We’re building the infrastructure layer that makes regulatory compliance possible.

GNcrypto: THG builds across identity, carbon markets, product passports, asset custody and support infrastructure. What ties that portfolio together?

Stefan Deiss: Every product solves the same underlying problem: how do you prove something is true in a way that a counterparty, regulator or auditor can independently verify? IDTrust proves identity. TrackTrace proves provenance. EcoGuard proves climate action. AssetGuard proves custody and governance. HashCare ensures the infrastructure beneath all of that works in production. The common thread is verifiable trust, anchored in cryptographic proof on a public ledger. We are building a trust infrastructure layer with multiple entry points, depending on which compliance or operational problem an enterprise encounters first.

GNcrypto: Where will the first truly durable enterprise market for trust infrastructure emerge?

Stefan Deiss: Digital identity, because everything else depends on it. You cannot issue a credible carbon credit without verifying who issued it. You cannot create a Digital Product Passport without authenticated supply chain participants. You cannot custody assets without knowing who controls the keys. Identity is the root dependency, which is why IDTrust was the first product we built and why it integrates into TrackTrace, EcoGuard and AssetGuard. The enterprise market for identity is also the most regulation-ready: eIDAS 2.0 in Europe, the UK Digital Identity Trust Framework, Switzerland’s e-ID legislation. Carbon and DPP will follow, but identity is the foundation.

GNcrypto: IDTrust is described as self-sovereign and privacy-first, but enterprise buyers still want control and auditability. How do you stop self-sovereign identity from becoming centralized permissioning with better branding?

Stefan Deiss: By making the architecture enforce the principle. IDTrust uses Hedera’s Consensus Service in a stateless proof model – we anchor cryptographic proofs without storing personal data on the ledger. The individual holds their credentials in their own wallet. When a verifier checks a credential, they verify the proof against Hedera without accessing the underlying data. The individual decides what to share, with whom and for how long.

Enterprise buyers absolutely need auditability, and they should have it. The question is where control sits. An employer can define which credentials are required for system access. They can audit that a valid credential was presented. What they cannot do is access, revoke or modify the credential itself. The issuer issues, the holder holds, the verifier verifies. Those roles are architecturally separated, not just contractually promised.

From pilots to real-world deployment

A recurring issue in enterprise blockchain has been the gap between proof of concept and production. Deiss argues that this is less about a lack of interest and more about operational complexity, legacy systems, and support requirements.

GNcrypto: Your BEEAH partnership in the UAE offered a real deployment case. In a crisis, does anyone really buy “decentralization” – or are they buying continuity and an audit trail they can trust?

Stefan Deiss: Nobody in a crisis cares about the word “decentralization.” They care that systems keep running, that records are intact and that they can prove what happened. Our BEEAH deployment provides decentralized digital identity across smart real estate communities, healthcare facilities and environmental services. If a single point of failure goes down, identity verification keeps working because no single node controls the system. If records need auditing after an incident, the cryptographic trail is immutable and independently verifiable. Beyond the narrative hype, “decentralization” is an architectural property that delivers practical outcomes – resilience, tamper-resistance, auditability. This is what Enterprise buyers in the Gulf are interested in.

GNcrypto: Carbon markets remain fragmented and difficult to trust. What can on-chain infrastructure actually fix, and what is clearly not a technology problem?

Stefan Deiss: On-chain infrastructure can fix provenance and double-counting. EcoGuard anchors a cryptographic proof at each step of the carbon credit lifecycle – creation, verification, issuance, tracking, retirement. You can independently verify that a credit was legitimately issued, has not been counted twice and has actually been retired when claimed. What technology cannot fix is the quality of the underlying offset. If a reforestation project is poorly managed, or if the baseline methodology is flawed, no cryptographic proof changes that. That is a governance, standards and enforcement problem. EcoGuard provides the trust layer for carbon data. It does not replace the human judgment required to determine whether a carbon project is genuine. The technology ensures that whatever decision is made is transparently recorded and verifiable. 

GNcrypto: Your PwC tie-up suggests you are willing to reach enterprises through consulting channels. Does that make THG more scalable, or more dependent on services-heavy implementation?

Stefan Deiss: More scalable, and deliberately so. Our partnership with PwC Switzerland and PwC Germany is a go-to-market collaboration. PwC has existing relationships with the largest enterprises in energy, manufacturing and financial services. When those organizations implement a verifiable trust layer, PwC brings them to us. We provide the technology solutions, PwC provides the advisory context.

GNcrypto: HashCare signals that enterprise DLT still needs a support layer. Why do so many projects stall after the pilot phase?

Stefan Deiss: What often breaks down is the transition from proof of concept to production deployment. Pilots have executive sponsorship and ring-fenced budgets. Production requires integration with existing systems, IT security review, change management and ongoing support. HashCare was built to bridge that gap – providing support from self-service through to expert technical escalation, so projects don’t quietly die when IT teams inherit the integration work.

GNcrypto: THG operates exclusively within the Hedera ecosystem. Has this lack of chain-agnostic flexibility ever cost you a major contract?

Stefan Deiss: Enterprise procurement teams sometimes ask about multi-chain support. But in practice, the enterprises and governments we work with are not choosing between ledgers the way a developer might choose between cloud providers. They are choosing between trust models and governance structures. Hedera’s Governing Council – which includes Dell, Google, IBM, and FedEx – provides a governance framework that no other public ledger offers. When a government ministry evaluates DLT, they ask, “who governs this network, and will it still exist in ten years?” That question favors Hedera decisively.

Why verification matters more than detection

The same logic THG applies to enterprise infrastructure also informs Deiss’s view on synthetic media. As major platforms expand their AI deepfake detection tools, he believes the long-term answer lies not in trying to catch fake content after the fact, but in proving what is authentic from the outset.

GNcrypto: Platforms like YouTube are expanding AI deepfake detection tools for public figures and journalists. Do you see detection as a viable long-term answer?

Stefan Deiss: Deepfake detection is turning into a catch-up race Big Tech can’t win. The AI generating fake images, video and audio is improving faster than the systems trying to catch it, and every new detection tool effectively teaches the next wave of deepfakes how to evade it. By the time a platform identifies a convincing fake, the damage may already be done.

The real solution isn’t chasing fakes after they spread – it’s proving what’s real from the start. Cryptography already underpins much of the internet – from banking and messaging to cybersecurity and digital identity. The same principles can be used for media. With technologies like distributed ledgers, content can carry cryptographic proof of where it was created and whether it has been altered. Instead of endlessly trying to detect deepfakes, we can verify authenticity mathematically and instantly.

GNcrypto: Five years from now, what would count as a real failure for THG?

Stefan Deiss: If in five years enterprises are still running pilots instead of using our technology in production, we got the timing wrong. We built the infrastructure before the market was ready to use it.

But that’s not what we’re seeing. The regulations driving demand are real and on schedule. From 2027, any product exported to the EU needs a Digital Product Passport – a legal requirement, not a nice-to-have. Europe’s new digital identity rules are embedding verifiable credentials into national systems. Carbon markets are demanding proof that credits are legitimate. These are compliance deadlines that force enterprises to adopt verifiable infrastructure.

The conversations have changed too. Three years ago, we were talking to innovation teams about interesting technology. Now we’re talking to procurement departments about implementation timelines.