With governments poised to accelerate national digital ID programs, and as the chair of the Digital ID workgroup at the Secure Identity Alliance (SIA), we commissioned a study to uncover lessons learned from innovative, real-life digital ID deployments around the world.
Providing ‘on the ground’ insights and perspectives, the study, in partnership with onepoint, gives a unique voice to stakeholders from 25 innovative sovereign digital ID schemes. Their shared learnings highlight the guiding principles and best practices that are critical for driving usage, adoption, and success – regardless of the digital ID model adopted.
Defining the digital ID value proposition
While the vision for a digital ID model may be to open universal access to online public and private services for all, finding ways to ensure it can address the needs of everyone – the elderly, the very young, people with disabilities, those without internet coverage – represents a key challenge.
As Charlotte Jacoby, Head of Office for Division for Infrastructure Development in Denmark, succinctly puts it; “It is important to recognize that there will always be someone out there who can’t manage the solution. So, no matter how digitalized we get, we still need to supply a way for them to interact with the public sector.”
Alongside creating adapted solutions for hard to reach groups, other inclusivity recommendations include the co-provision of physical alternatives such as verbal solutions based on call centres, reverse QR codes, and native offline validation options for older populations.
Stakeholders also emphasized the importance of finding the right balance between a seamless user experience and security to assure citizen acceptance and adoption. While France is adapting security as citizens become more confident and progress to more complex services, the Austrian government’s eID scheme featured strong privacy and security mechanisms from the get-go. Without affecting the user experience, the scheme ensures individual service providers use a different cryptographic identifier derived from each residents’ ID number.
Fostering private-public sector collaboration
To help finance the costs of digital ID programs, many governments are exploring new business models with private sector organizations. For example, Denmark’s third generation digital ID – MitID – is financed and co-owned by the government and financial sector. Building a single infrastructure that offers attractive pay-per-use fees, can be used by multiple sectors, and puts digital ID at the heart of citizens’ daily lives, represents a highly pragmatic and cost-effective approach for a country with a population of just 5 million people.
Other governments have adopted a federated model, regulated by government frameworks and governance mechanisms. In Italy, the Public System of Digital Identity (SPID) allows accredited private identity providers (IdPs) to offer digital IDs to citizens and businesses. Entirely financed by private IDPs, the scheme eliminates the burden of managing ID issuance and credential maintenance from the state to provide a secure and reliable system to Italy’s public administration.
Technology implementation – be open and agile
Keeping up with fast evolving technology and use cases means digital ID task forces need to select open standards technologies and adopt a plug-and-play approach for credentials and identity providers – so they can modernize in line with changing user needs.
For many countries, this means evolving from a centralized to a federated model where the government acts as a trusted credential and identity issuer, provides legal frameworks and standards, and creates the regulatory space for innovation.
It’s an approach that’s taken root in The Netherlands, as Michiel Van der Veen, Director Innovation & Development at the National Office for Identity Data explains; “We introduced the notion of what we call a digital source identity: a legal piece of information which makes secondary identification, applications and systems possible. It’s a kind of building block in the digital economy.”
Go to market strategies: incentivizing citizen adoption
To accelerate citizen acceptance and usage, governments prioritized high frequency use cases like online banking and other target groups (big business, SMEs, civil servants), before introducing digital by default strategies on services such as pensions, taxes, and petitions.
The incentivized mass uptake the Portuguese government applied incorporated some truly innovative thinking to create a leap in user adoption by introducing multiple enrolment channels for its Digital Mobile Key (CMD). As a result, citizen enrolment has jumped from 1,000 a month to 4,000 a day.
Meanwhile, the Italian government introduced the first scheme in Europe to offer citizens a unique remote video and audio onboarding process with live validation that takes just 20 seconds. During the COVID-19 outbreak, there was a steep jump in citizen requests for this fast remote registration procedure. Other countries are now testing and deploying remote verification technologies to deliver a more streamlined experience for citizens.
Looking to the future
As Sylvan Fux, Head of Business Consulting Finance/Justice and E-Government Liechtenstein explains; “We think that the future will be mobile. The main argument to support our choice to change to the mobile ID is the usability.”
ABI research in its latest webinar stated it forecasts that by 2025, government driven initiatives will enable over 700 million citizens around the world to be equipped with a civic mobile ID.
Offering advantages like trusted and reliable security, remote enrolment, biometric authentication and privacy mechanisms, governments are now adopting a ‘mobile first approach’ that enable them to add new features as they go along; for example, enabling the integration of COVID-19 proof of vaccination into digital ID wallets. As discussed in a previous blog, digital identities have never been so relevant in the era of a pandemic.
If you would like to get more insights from the 25+ interviews we ran as part of the Secure Identity Alliance with government digital ID schemes representatives from around the world, deep dive into innovative use cases, governance and process, technological choices and go-to-market strategies, download the ‘Giving Voice to Digital Identities Worldwide’ research report.
Uniquely, the report goes beyond simple project ‘overviews’ to capture the real world operational experiences of countries and organizations through a series of 25 in-depth interviews with key project stakeholders.
Ultimately, digital identity national ecosystems vary from country to country according to a multitude of cultural, technological, and organizational criteria. There is no single ‘right answer’ or a single digital identity system that can be reproduced everywhere. However, by sharing best practice, sovereign states and agencies can avoid the pitfalls and develop cohesive, effective and future-proofed programs.
If you have any questions, comment below or tweet us at @ThalesDigiSec
The post Giving Voice to Digital Identities Worldwide: Lessons and Insights from Around the World appeared first on Cybersecurity Insiders.
March 14, 2021 at 09:10AM
0 comments:
Post a Comment