MyID helped Middle Eastern country take national ID from smart cards to citizen mobile devices

A Middle Eastern state had already successfully deployed a smart card based national ID scheme to citizens and residents. As part of a process of digital transformation, the government wished to enable citizens to access digital services directly from their own mobile devices. A key requirement was to simplify citizen access to services while maintaining the highest security standards. 

THE CHALLENGE

The government specified a number of strategic goals of the mobile national ID solution: 

  • Mobile - The ID should be contained within a government app and should work on any citizen mobile device.
  • PKI - A certificate from the existing national PKI should be used to identify citizens.
  • Low impact deployment -The issuance should be a low operational cost, reuse the existing infrastructure and bind the mobile ID to the existing smart card based eID.
  • Usage policy - The government wanted control over the use of an additional second authentication factor including PIN, fingerprint or facial ID.
  • ID Provider - the government app should be capable of providing a citizen authentication service to third parties such as banking or healthcare providers.

THE SOLUTION

The existing MyID credential management system, already in place for smart card based national identities, was extended to enable the delivery and usage of PKI based national identities on mobile devices. Meeting each one of the government’s stated goals: 

  • Mobile – The MyID mobile SDK was embedded within the government app, enabling ID usage on citizen iOS and Android device.
  • PKI – The mobile SDK connects back to the MyID server which is in turn connected to the national PKI, taking care of key generation and certificate delivery.
  • Low impact deployment – Citizens authenticate themselves with their eID card at one of the existing citizen self-service kiosks, the mobile certificate collection is then triggered by scanning a QR code displayed on the kiosk ensuring the right people get the correct mobile ID.
  • Usage policy – The mobile SDK supports PIN, fingerprint and facial ID and provides policy control enabling the government application to decide which can be used for which operation.
  • ID Provider – The mobile SDK provides a simple standards-based interface enabling third party apps to call into the government app to identify a citizen on their behalf. Ensuring the digitally signed authentication occurs within the government app maintains the security of the digital Mobile ID and avoids the need to share keys between applications.

MyID was successfully extended to incorporate mobile identity issuance and usage with the mobile SDK being embed in the government app on iOS and Android platforms. The program has been live for over two years with millions of Mobile IDs now issued and in use.

THE ​BENEFITS

DIGITAL TRANSFORMATION 

Digital identities are a critical enabler of digital transformation programs, with strong, easy to use authentication now available from their own mobile device, citizens are able to interact with cloud and mobile based government services simply and securely.

SECURE

By using the gold standard of two factor authentication security - PKI, the government can be sure that citizens interacting with digital services really are who they claim to be, reducing fraud and extending citizen access.

Download the case study

Discover ​how one Middle Eastern country took national ID from smart cards to citizen mobile devices.

DOWNLOAD

Trusted by Governments and Enterprises Worldwide

Where protecting systems and information really matters, you will find Intercede.  Whether its citizen data, aerospace and defense systems, high-value financial transactions, intellectual property or air traffic control, we are proud that many leading organizations around the world choose Intercede solutions to protect themselves against data breach, comply with regulations and ensure business continuity.