Convergence of Digital Identity Policies Will Enable Next Generation Services

December 1, 2016

Blog

Marta Ienco, Head of the Government & Regulatory affairs, Personal Data  

marta-ienco-headshot-v2That the future of public services is digital is becoming increasingly apparent in Europe and internationally. Italy, for example, has launched its nationwide Public System for Digital Identity Management, or SPID, which facilitates faccess to e-government and public services by citizens and companies alike and will be available across multiple computing platforms. SPID has already been adopted by many of the nation’s universities and 3,300 municipalities, while all of Italy’s public administrations are due to offer SPID-based services by the end of the year. Finland’s government is acting in concert with mobile operators to encourage wholesale migration of services online, driving uptake in a country where more than 90% of the population have both a mobile device and internet access. In the UK, the government’s GOV.UK Verify initiative verifies  identity through certified companies, enabling citizens to access a variety of public services such as welfare applications, tax returns and reporting medical conditions. Perhaps the most striking example at present is Estonia which, by issuing every citizen with an eID at birth, has been able to offer fully 99% of its public services online. Consequently, hospital queues have dropped by a third, and police work has become a staggering fifty times more efficient.

These are just a few of the national identity initiatives that have sprung in Europe over recent years. But there are also a number of pan-European regulations designed to accelerate the uptake of digital identity services amongst Member States.  One such milestone is the EU eIdentification and Trust Services (eIDAS) Regulation which enables citizens and businesses to use national digital identity solutions to access public services in other EU countries. The revised Payment Services Directive (PSD2) also opens up multiple opportunities for third parties – such as Mobile Network Operators – to provide identity attributes and authentication in the payments space. Importantly, PSD2 aims to mandate for secure strong customer authentication, which will improve consumers’ protection for online payments and that mobile operators are in a good position to deliver seamless and without frictions.

There remains, however, much to be done to bring this digital future into being across Europe. For public sector services, in October, the European Commission published the e-Government Report for 2016, its benchmarking survey on the state of digital services across the EU. It finds that while 81% of services in EU countries are now available online, growth across member states is highly uneven, with a significant number lagging behind in adoption and quality. Crucially, a lack of mobile-readiness in e-government services has proved a barrier to accessibility. The report finds that, while the use of mobile devices to access the internet has taken off in earnest over the last five years, “still only 1 in 3 public websites is ‘mobile-friendly’.”

The implications for efficiency are discouraging. For instance, the number of e-government services using simple authentication services as databases to pre-fill online forms has grown by only 2%, bringing the total to still less than half, at 49%. Cross-border services were shown to inhibit business mobility, with 25% of those required by foreign entrepreneurs being wholly offline, requiring a physical encounter for completion. The number of automated services was found to be wholly static, remaining stable at 3% of all services since the first measurement. The authors therefore urge “an acceleration in order to keep up with private sector, and citizens’ expectations”. As was made clear in the report’s findings, digital identity is a key enabler for both public and private sector services but is not yet being used to its full potential.

The need for harmonisation of standards in digital identity is recognised beyond Europe. National eID initiatives have been brought forward in Canada, India, Australia and New Zealand; the direction of travel is clear, but for the journey to be completed, users’ expectations must be met in a coherent way both within and between national contexts.

In early November, the 54th session of the United Nations Commission on International Trade Law (UNCITRAL) Working group IV on Electronic Commerce in Vienna, building on the preparatory work of the its first colloquium, reached broad consensus on the fundamental importance of addressing the legal issues for identity management and trust services for electronic transactions, with the aim of improving international trade and commerce by removing legal obstacles and enabling international cross-border interoperability

The National Institute of Standards and Technology (NIST) in the US is also reviewing two important public consultations. One on Developing Trust Frameworks to Support Identity Federations, and a more extensive special publication guiding the industry on Digital Authentication. This resource aims to facilitate agreements between communities in the development of federated identity frameworks – and thereby accelerate the pace of digitisation in services through enhanced public trust in their security – through four guiding principles concerning privacy, security, interoperability and accessibility. Indeed, these criteria seem to be the bedrock for many national ID schemes, and are providing the basis for which the private sector can develop solutions that can work on a global scale.

One such solution developed by the private sector, Mobile Connect, is well-placed to aid this growing move towards harmonisation on a global scale. Its design, for example, is in accordance with the relevant guiding principles set out by NIST, eIDAS and PSD2. Last year, Mobile Connect was successfully trialled in cross-border authentication for public sector services. The trial was the first of its kind to be fully compatible and in line with eIDAS Regulation and was applauded for its successful results.

Because Mobile Connect gives the user control of who they share their data with, it maintains the maximum level of privacy that can be afforded to the user. And as an operator-led solution, it places data in the hands of those best-able to monitor and identify potentially fraudulent activity. The GSMA report ‘Mobile Connect: Mobile High-Security Authentication’, explains how Mobile Connect can deliver improved security and privacy for consumers authenticating themselves online and authorising digital transactions, and how the solution will evolve in future.

As the demand for digital services grows, private sector service providers and governments will increasingly feel the need for an interoperable identity solution that can be used securely and conveniently anywhere on the globe. Mobile Connect’s utilisation of a mobile, the piece of technology the vast majority carry on them as a matter of course, offers as much convenience and accessibility as can be hoped for.

Back

Driving Mobile Connect Usage – Turkcell Looking to improve its customers’ experience and further differentiate its proposition, Turkcell launched Mobile Connect initially on its self-care mobile application and websi...

Read more | See all Identity Resources

Mobile Connect London Summit: Presentations Taking place on the 25th and 26th April, the Mobile Connect London Summit was a forum for leading figures in the wider mobile industry to debate the most pressing issues in the...

Read more | See all Identity Resources

The PSD2 Opportunity: Mobile Operators and Fintech This paper discusses the opportunities relating to the partnership between mobile network operators and fintech companies, and how both parties can benefit from each others&#...

Read more | See all Identity Resources

SK Telecom: Integrating Existing Identity Solutions into Mobile Connec In December 2016, SKT adapted both T-Auth and T-ID to comply with the Mobile Connect specifications. The goal was to make it easier for international customers to use SKT’s app...

Read more | See all Identity Resources

Seminar Presentations from Mobile World Congress 2017 Mobile World Congress 2017 hosted three industry seminars on Mobile Connect and the future of digital identity.  You can find out more about each of these subjects by downloadin...

Read more | See all Identity Resources

SIM Toolkit Device Requirements to Improve Mobile Connect Customer Exp This document presents the requirements for the device to improve the user experience of the Mobile Connect SIM applet authenticator. The ETSI (The European Telecommunications St...

Read more | See all Identity Resources

Will Latest Cyber Attack Unite the Digital Community? Although data breaches and cybercrime are increasingly the hallmark of the age we live in, last week’s WannaCry attack has drawn out uniformly strong calls for the wider tech i...

Read more | Visit Identity Blog

Summit Demonstrates Growing Demand for the Various Offerings of Mobile Industry event reveals how Mobile Connect has evolved well beyond its authentication moorings LONDON — Last week, global leaders in the mobile industry and adjacent sectors...

Read more | Visit Identity Blog

Trust & Privacy will be Increasingly Important to eID Market ‘Cybercrime keeps Climbing’. This was one of the principal findings from PwC’s Global Economic Crime Survey 2016, and a reminder that many businesses are unprepared for -or...

Read more | Visit Identity Blog

The Next Phase of Cross-Border Public Services With over 3 billion enabled users worldwide and its federated distributed architecture, Mobile Connect is a leading example of a mobile identity and authentication solution for g...

Read more | Visit Identity Blog

Mobile Connect’s collaboration with leading brands during MWC17 poin Mobile World Congress revealed many ways in which mobile technology is evolving to deliver a new range of digital services. Inside the event’s GSMA Innovation City, we were giv...

Read more | Visit Identity Blog

Restoring Trust in the Digital Age – the Great Debate at MWC Industr The security of customer data has never been more crucial. In our digital world, the risk of fraud has reached unprecedented heights and consumers are increasingly cautious about...

Read more | Visit Identity Blog

Mobile World Congress Shanghai June 28, 2017 Mobile Connect will be present at this year’s Mobile World Congress Shanghai – Asia’s biggest mobile event. Bringing together the global mobile industry’s C...

Read more | See all Personal Data Events

MWCS17 Seminar: Mobile Connect: Deploying mobile identity services acr June 29, 2017 Mobile Connect is the global mobile industry’s secure universal identity solution.  By March 2017 it had been made available to over 3 billion consumers worldwide and with ope...

Read more | See all Personal Data Events

Contact GSMA Legal Email Preference Centre Copyright © 2017 GSMA. GSM and the GSM Logo are registered and owned by the GSMA.