If you're talking about self-signed IDs then nothing - that's the reason they have to be manually-trusted by the recipient, by installing the keyfile. Normally that keyfile is sent via a completely-separate route so its origin can be checked.
If you purchase a root-linked digital ID from a commercial supplier (which will be trusted automatically by Acrobat and Adobe Reader) they will perform identity checks, just as they do when issuing a certificate for a website.
Absolutely nothing, but you can control whether you trust a certificate. With self-signed digital IDs, you should only add the corresponding certificate to your list of trusted identities if you can trust its source.. For example, if someone hands you a flash drive containing it, emails it to you just after you talk with them on the phone to arrange it, or some other scenario that allows you to trust the source. If an imposter uses the same name and email and sends you a signed document, it will fail validation if you haven't added the certificate to your list of trusted certificates. This is know as a direct trust relationship. You have to take care to only trust certificates that you receive from confirmed sources.