NATIONAL MOBILE ID
How one Middle Eastern country took national ID from smart cards to citizen mobile devices.
A Middle Eastern state had already successfully deployed a smart card based national ID scheme to citizens and residents. As part of a process of digital transformation, the government wished to enable citizens to access digital services directly from their own mobile devices. A key requirement was to simplify citizen access to services while maintaining the highest security standards.
The government specified a number of strategic goals of the mobile national ID solution:
- Mobile – The ID should be contained within a government app and should work on any citizen mobile device.
- PKI – A certificate from the existing national PKI should be used to identify citizens.
- Low impact deployment – The issuance should be a low operational cost, reuse the existing infrastructure and bind the mobile ID to the existing smart card based eID.
- Usage policy – The government wanted control over the use of an additional second authentication factor including PIN, fingerprint or facial ID.
- ID Provider – the government app should be capable of providing a citizen authentication service to third parties such as banking or healthcare providers.
The existing MyID credential management system, already in place for smart card based national identities, was extended to enable the delivery and usage of PKI based national identities on mobile devices. Meeting each one of the government’s stated goals:
- Mobile – The MyID mobile SDK was embedded within the government app, enabling ID usage on citizen iOS and Android device.
- PKI – The mobile SDK connects back to the MyID server which is in turn connected to the national PKI, taking care of key generation and certificate delivery.
- Low impact deployment – Citizens authenticate themselves with their eID card at one of the existing citizen self-service kiosks, the mobile certificate collection is then triggered by scanning a QR code displayed on the kiosk ensuring the right people get the correct mobile ID.
- Usage policy – The mobile SDK supports PIN, fingerprint and facial ID and provides policy control enabling the government application to decide which can be used for which operation.
- ID Provider – The mobile SDK provides a simple standards-based interface enabling third party apps to call into the government app to identify a citizen on their behalf. Ensuring the digitally signed authentication occurs within the government app maintains the security of the digital Mobile ID and avoids the need to share keys between applications.
MyID was successfully extended to incorporate mobile identity issuance and usage with the mobile SDK being embed in the government app on iOS and Android platforms. The program has been live for over two years with millions of Mobile IDs now issued and in use.
Digital identities are a critical enabler of digital transformation programs, with strong, easy to use authentication now available from their own mobile device, citizens are able to interact with cloud and mobile based government services simply and securely.
By using the gold standard of two factor authentication security - PKI, the government can be sure that citizens interacting with digital services really are who they claim to be, reducing fraud and extending citizen access.
By utilising the security capabilities built into the mobile devices such as secure key storage and biometric identification, the MyID mobile solution avoids the need for proprietary hardware (such as a SIM) and is designed to work with newer version of mobile operating systems as they become available.
By working with the infrastructure and systems already in place, MyID enabled the program to be deployed quickly and with low risk. The comprehensive and easy to integrate set of APIs and SDKs provided with MyID enabled the government to take complete control of the look and feel of the solution, providing a seamless experience for citizens.
Download the case study
In this case study we look at how MyID credential management has been deployed by a national government to issue and manage citizen digital identities across their mobile devices.
Trusted By Governments and Large Enterprises Worldwide
Where protecting systems and information really matters, you will find MyID. Whether its citizen data, aerospace and defence systems, high-value financial transactions, intellectual property or air traffic control, we are proud that many leading organisations around the world choose MyID to protect themselves against data breach and ensure business continuity.