Document fraud, specifically the counterfeiting and forgery of travel documents such as passports, represents a significant threat to everything from personal identity to national security.
Embedded in national electronic identity (eID) cards, electronic passports, driver’s licenses, and now smartphone apps, a digital identity provides access to essential public and private services for billions of people worldwide. This includes proving one’s identity, accessing health care, being able to travel, opening bank accounts, and much more. A recent report from Juniper Research1 forecasts that over 3 billion citizens around the world will be equipped with a government-initiated mobile ID app by 2024. Many national mobile ID initiatives are underway, notably Estonia, Norway, Belgium, Qatar, Oman, The Netherlands, Iceland, Finland, and Moldova, to name a few.
The European Union recently introduced its Digital Wallet2 project, where national IDs, driver’s licenses, payment systems (including a digital euro), and healthcare data can be securely stored on a smartphone and accessed only by the corresponding agencies. Combining the SIM card, or another secure element, and biometric data offers more security than traditional cards.
According to the EU Commission, today, only about 60% of the EU population in 14 member states can use their national electronic ID cross-border. Only 14% of key public service providers across all member states allow cross-border authentication with an e-identity system, such as proving a person’s identity on the internet without the need for a password.
“Every time an app or website asks us to create a new digital identity or to easily log on via a big platform, we have no idea what happens to our data in reality,” said Ursula von der Leyen, President of the European Commission, in her State of the Union address on Sept. 16, 2020.3 “That is why the Commission will propose a secure European e-identity: one that we trust and that any citizen can use anywhere in Europe to do anything from paying your taxes to renting a bicycle. A technology where we can control ourselves, what data is used, and how.”
Officials envision the wallet allowing a customer renting a car at an airport, for example, to complete the necessary ID checks and documents digitally and thereby skip the usual wait at an agency counter. Nightclub goers could show the app to security guards at the door to prove their ages.
Some countries already issue digital IDs for everyone
One example is Estonia’s eID.4 Unlike in many other countries, every Estonian, irrespective of their location, has a state-issued digital identity.
Over the past decade, the Estonian government heavily invested in developing a solid, accessible digital identity and digital administration system. According to their government,5 Estonia has by far the most highly developed national ID card system in the world. Much more than a legal photo ID, the mandatory national card also provides digital access to all of Estonia’s secure e-services. The chip on the card carries embedded files, and using 384-bit ECC public-key encryption, it can be used as definitive proof of ID in an electronic environment. Thanks to this, Estonia is years ahead of countries still trying to work out how to authenticate people without physical contact.
Spain is another country that has developed a government-issued digital identity. This is based on official digital signatures embedded in national ID cards or obtained from government agencies. These digital signatures can be used throughout e-card readers or installed on browsers or smartphones.
Using the digital signature, any resident can access government services, pay taxes, open a bank account, or digitally sign any document. This has proven especially valuable during the pandemic, as it is possible to perform many administrative tasks online with the same security as being in person.
Additionally, some regional governments, such as Catalonia, also have their own digital services platform using smartphones, providing a range of services accessible through the app.
The SIM chip as secure digital ID
Obviously, all these platforms providing a secure, certified digital ID require strong encryption and authentication. It is not surprising that Europe, as the birthplace of the SIM card, contactless technology, and eSIM, uses the same technology to store credentials for those digital IDs.
Companies such as Giesecke+Devrient (G+D), NXP Semiconductors, Infineon Technologies, Gemalto, and Indra Sistemas provide governments with securely encrypted chipsets, ID cards, e-Passports, and secure authentication of smartphone IDs based on a secure element of the SIM card.
Infineon cryptovision currently offers its SECORA ID6 solution combining hardware, packages, antenna inlays, OS, applets, and support.
The system’s ready-to-go Java Card solution is optimized for all eID applications. It enables security printers and card manufacturers to accelerate their time to market through ready-to-use applets supporting rapid project migration.
G+D offers VERIDOS, a mobile driver’s license application in Kosovo. G+D also provides the VeriGO TrueID, which can be integrated into Veridos’s IMAGO identity document issuance application or be easily customized to work within an existing application process. It delivers seamless workflows for the relevant issuing authorities, supported by a convenient in-app payment mechanism. TrueID facilitates governments seeking to digitize and streamline internal processes, thereby improving their service delivery and cutting costs simultaneously.
Both applications use the SIM card or eSIM unique digital keys to certify the documents, adding another layer of security to passwords, biometric authentication, or both.
As full digital IDs, the solutions can also be used on mobile devices to open bank accounts or access age-restricted services. Mobile driver’s licenses and eIDs could speed up a service provider’s internal processes, save time and money, and prevent other problems accompanying weaker means of identification.
A fast-growing market for digital IDs
Clearly, the market for digital IDs is experiencing significant growth. Additionally, Covid-19 has accelerated the demand for solutions that can be used for secure authentication without physical presence.
According to Juniper Research,7 the number of digital identity apps in use will exceed 6.2 billion in 2025, from just over 1 billion in 2020. Furthermore, civic identity apps, in which government-issued identities are held, will account for almost 90% of digital identity apps installed globally in 2025.
As we carry on into an unfamiliar future, disturbed by the pandemic, this entwined world of identity-security-privacy will perform an essential part in securing our internet, workplace, government services, and banking as safe havens.
[1]Digital Identity Executive Summary.
https://www.juniperresearch.com/researchstore/fintech-payments/digital-identity-research-report
[2]“European Digital Identity | European Commission”.
https://ec.europa.eu/info/strategy/priorities-2019-2024/europe-fit-digital-age/european-digital-identity_en
[3]State of the Union Address by President von der Leyen.
https://ec.europa.eu/commission/presscorner/detail/en/SPEECH_20_1655
[4]“One Country’s Uber-Convenient, Incredibly Invasive Digital ID System”. May 9 2019.
https://www.wsj.com/articles/the-digitization-of-your-identity-11557403060
[5]e-Estonia Digital Identity.
https://e-estonia.com/solutions/e-identity/id-card/
[6]SECORA ID security solutions.
https://www.infineon.com/cms/en/product/security-smart-card-solutions/secora-security-solutions/secora-id-security-solutions/
[7]Digital Identity Apps in Use to Exceed 6.2 Billion By 2025.
https://www.juniperresearch.com/press/digital-identity-app-in-use-to-exceed-2025
