Creating User-Centric Citizen Identity Programs
Implementation of best practices must be employed
- By Steve Warne
- Mar 01, 2019
Governments are implementing innovative programs
that are revolutionizing how the world looks at identity
and citizenship. There are many examples of nations
that are using trusted identities to redefine how
they interact with and deliver services to their citizens,
from India’s Aadhaar project for bringing personal identification to
a record-breaking 1.2 billion people, to Tanzania and its quest to deploy
an e-Passport program that anticipates future needs.
There are numerous system elements that are required for launching
a successful citizen identification program. These elements cover
the whole identity journey from data capture and enrollment through
application processing, adjudication, and data preparation to personalization
and issuance. A truly end-to-end solution also must include
supporting functionality for these processes such as lifecycle management,
key management systems and signing and certification services.
For a successful project delivery, implementation best practices
must be employed. No two projects are ever the same and therefore it
is essential that there be an initial assessment of the legacy system, a
full understanding of the customer’s requirements and a study of all
relevant project constraints. In the program design and deployment
stage, it is important to consider all necessary system elements and
how they interact with any legacy processes, and take a customized, modular approach to ensure the best fit with user requirements. It is also crucial to anticipate
the support and maintenance any identity
solution will need and ensure that local
IT and integration support is available and
that these resources are fully engaged in the
deployment process.
As governments look to optimize their
investments, new systems should enable the
issuance of different types of ID documents
using the same core system components.
New and emerging standards and market
requirements must also be addressed and
incorporated into the solution in a simple
and frictionless manner, and its document
management system should be able to support
the move to mobile IDs as well as the
verification infrastructure for authenticating
them.
Key Ingredients
The key to a successful end-to-end citizen
identification solution is to fully understand
how each aspect of the system affects
the user journey. Figure 1 shows how HID
Global categorizes the steps in this journey
in its HID Integrale solution.
The program should enhance the user
experience at every step. This of course
means recognizing that there are many users
of such a system, and that while program
success metrics starts and ends with the
citizen experience, it is critical to consider
the needs of other users including frontline
government staff, the team that manage
the back-end software and the authorizers
and verifiers who use citizen identities in
the field. All user needs must be met while
adhering to the highest standards of security,
privacy, quality and efficiency, whether
the identification system is implemented in
a centralized data center or a distributed
environment. All captured application data
must be encrypted both at rest and in transit,
ensuring the citizen’s information always
remains safe.
Take for example the enrollment process.
It is clear that the system should support a
variety of application environments and
the software should integrate with multiple
quality-checking tools such as International
Civil Aviation Organization (ICAO) photo
standard check or fingerprint quality assessment.
The solution should perform data
verification and validation as well as biometric
identification, while also supporting
integration with the citizen database/register.
But what about the citizen experience? The
citizen wants the process to be comfortable,
convenient and efficient, so it needs to be
simple to understand, easy to undertake and
performed correctly each time.
It is also important to consider where
enrollment will be performed and whether
it will need a desktop, mobile suitcase or
self-enrollment kiosk, or perhaps even a selfenrollment
option using a mobile device. On
the other side of the process, the front-line
government officials performing the enrollment
have different requirements. They need
a process that is easily explained and efficiently
carried out with the citizen, but they
also need clear easy-to-use software with a
localized graphical user interface (GUI) that
reflects and supports their process and language
requirements.
The next stage is application processing,
which requires tools for performing
Automated Biometric Identification System
(ABIS) deduplication, watchlist and database
checks, and exception-case handling.
The system should be fully customizable so
that it can adapt to any workflow requirements,
both today and as they evolve. Here,
too, the focus should be on the customer experience.
In many cases a citizen may need
to wait while this process is performed. It
therefore needs to be quick and accurate
and provide clear feedback should there be
any issues. From the government side there
are similar requirements. Accuracy and clarity
are paramount to enable prompt action
if there is an issue, which might range from
simply explaining to citizens that they will
need further checks to detaining an individual
for fraud or other offenses.
Once the application is approved the
next step is secure data preparation, which
requires software for handling document
signing, chip script generation and document
output control. The system must be
capable of securely formatting and signing
data with country keys as preparation for
chip personalization with a chip operating
system. Another key component is the
PKI system for managing the keys and certificates
used to sign personalized e-Documents
and enable their verification at control
points. The solution should be capable
of handling all aspects of key and certificate
creation, management, revocation and associated
policies. This process should be performed
seamlessly in a secure environment
to minimize the risk of exposing citizen data
or country secrets. At the same time, it also
requires customized software outputs for
operators, presenting information in a way
which is easily understood and that batches
the data in a way which suits the upcoming
personalization process.
The data preparation step is followed
by personalization and quality control. The
software must encompass a variety of capabilities
including pre-personalization, personalization
control, chip encoding, quality
control, and assurance and inventory
management. The personalization and chip
encoding section of the solution should be
capable of handling all aspects of graphical
personalization, secure chip encoding, print
job creation and the final quality assessment
of the document. It should support multimachine
configurations and integration
with major personalization machine brands
while also handling multiple chip operating
system configurations. Additionally, the
software must support the operators of the
process by providing clear feedback on the
documents that are manufactured as well
as rejects and rework plus the health and
status of equipment and the maintenance
schedules they must apply.
The final component of an end-toend
system is issuance. The software must
handle the e-Document collection process,
post-issuance control, self-service kiosk solutions,
e-Document application upgrades
and e-Document data renewal. It should
simplify the management of the e-ID card
lifecycles and inventory control, from the
blank document through all personalization, issuance and post-issuance updates.
The card management system should feature
a localized GUI to retrieve document
status in real time while also enabling such
post-issuance operations as on-card application
updates. Issuance and post-issuance
processes again need to take into account
the user experiences of both the citizen
and government officials. Citizens want to
receive their documents quickly, efficiently
and securely whether through the mail, a kiosk
or in person. When they make changes
or updates, they want to be sure that these
are done quickly, accurately and in a way
which does not compromise their use of the
document or the service it enables. Meanwhile
the government officials want to be
sure that documents are provided to the
right citizen and that the post-issuance processes
are secure and efficient.
Planning for Mobile IDs
Governments must also plan an easy path
to offering mobile identities to their citizens.
New technologies enable identity credentials
to be enrolled, provisioned and used on mobile
devices, presented in a way that does not
compromise security or privacy, and authenticated
without requiring specialized training.
These technologies also give citizens
greater control over what identification information
they share, in person or remotely,
including over the telephone, on websites, or
when accessing other digital services.
As countries move from paper or electronic
documents to mobile IDs, they
can streamline proof of identity issuance
through over-the-air provisioning directly to
citizens’ phones. This model protects privacy
with end-to-end encryption and multiple layers
of fraud-fighting security mechanisms,
while post-issuance technologies keep mobile
IDs current and trustable.
Mobile ID solutions should be an extension
of the infrastructure used for physical
e-Document programs and should be backed
by the same high security standards for data,
communication and privacy protection. The
solutions should enable issuing authorities
to easily add other government agencies and
authorized private-sector entities into their
ecosystem. This creates new opportunities
to improve communication between governments
and their citizens while opening the
door for people to carry many different government
and commercial IDs in one convenient
mobile application.
In addition to the modular software
suites employed for physical and mobile
IDs, a provisioning mechanism is required
to securely manage the delivery of the identity
to the correct mobile device. Such a
provisioning mechanism can be managed
on premise by governments or in the cloud
and managed by the Government or offered
as a service by an external vendor. These
platforms manage the provisioning of fully
encrypted mobile identities from a central
issuance system to citizens’ smartphones
while ensuring the privacy of all personal
information. An early example is the HID
goID Gateway that HID Global has added
to its end-to-end e-Passport solution. Deployed
by the government of Tanzania,
the platform makes it possible to provision
mobile “electronic passports” to citizens’
smartphones as insurance in case their
physical passport booklets are stolen or lost
in another country. The gateway also creates
the opportunity for any public entity to
deliver localized and dedicated mobile ID
services to Tanzanian citizens in the future.
Another key element of a citizen mobile
ID program is the smartphone app. This app
should include off-the-shelf data structures
that enable governments to issue mobile
credentials that will comply to standards
currently being developed by ICAO and the
International Organization for Standardization
(ISO). The most flexible way to create
the smartphone application is to provide a
software developer’s kit (SDK) so that local
developers can produce an application
which is customized to local requirements
and based on trusted, proven technology.
The mobile identity is delivered into the
smartphone app by the provisioning service
where it is secured to the device using the onboard
security mechanisms. The identity can
be securely shared on-line or off-line using
Bluetooth, NFC or other device-to-device
communication technologies.
Finally, a mobile identity solution requires
a method for authentication or verification.
The provisioning infrastructure must enable
the secure distribution of verification applications
for incorporation into hardware devices
or other software systems. The role of the verification
application must be managed by the
issuer to ensure that the security and privacy
of the citizens is protected at all times.
The latest end-to-end citizen identification
solutions include all requirements for a
successful program as part of a comprehensive
and coherent issuance and verification
framework. They provide a customized,
modular approach to deploying the major
back-end system elements while meeting
the exact needs of users and enhancing
their experience at each step. These solutions
also acknowledge and pave the way
for IDs to be carried on citizens’ mobile
devices. A complete, end-to-end solution
bridges the gap between the physical credentials
of today and the mobile credentials
of the future, so governments can issue
a physical or mobile credential, or both,
from a single source, and
authenticate them via a
single, low-cost verification
infrastructure.
This article originally appeared in the March 2019 issue of Security Today.