How one Middle Eastern country took national ID from smart cards to citizen mobile devices
A Middle Eastern state had already successfully deployed a smart card based national ID scheme to citizens and residents. As part of a process of digital transformation, the government wished to enable citizens to access digital services directly from their own mobile devices. A key requirement was to simplify citizen access to services while maintaining the highest security standards.
The government specified a number of strategic goals of the mobile national ID solution:
Mobile – The ID should be contained within a government app and should work on any citizen mobile device
PKI – A certificate from the existing national PKI should be used to identify citizens
Low impact deployment – The issuance should be a low operational cost, reuse the existing infrastructure and bind the mobile ID to the existing smart card based eID
Usage policy – The government wanted control over the use of an additional second authentication factor including PIN, fingerprint or facial ID
ID Provider – the government app should be capable of providing a citizen authentication service to third parties such as banking or healthcare providers
The existing MyID credential management system, already in place for smart card based national identities, was extended to enable the delivery and usage of PKI based national identities on mobile devices. Meeting each one of the government’s stated goals:
Mobile – The MyID mobile SDK was embedded within the government app, enabling ID usage on citizen iOS and Android device
PKI – The mobile SDK connects back to the MyID server which is in turn connected to the national PKI, taking care of key generation and certificate delivery
Low impact deployment – Citizens authenticate themselves with their eID card at one of the existing citizen self-service kiosks, the mobile certificate collection is then triggered by scanning a QR code displayed on the kiosk ensuring the right people get the correct mobile ID
Usage policy – The mobile SDK supports PIN, fingerprint and facial ID and provides policy control enabling the government application to decide which can be used for which operation
ID Provider – The mobile SDK provides a simple standards-based interface enabling third party apps to call into the government app to identify a citizen on their behalf. Ensuring the digitally signed authentication occurs within the government app maintains the security of the digital Mobile ID and avoids the need to share keys between applications.
MyID was successfully extended to incorporate mobile identity issuance and usage with the mobile SDK being embed in the government app on iOS and Android platforms. The program has been live for over two years with millions of Mobile IDs now issued and in use.
Digital identities are a critical enabler of digital transformation programs, with strong, easy to use authentication now available from their own mobile device, citizens are able to interact with cloud and mobile based government services simply and securely
By using the gold standard of two factor authentication security - PKI, the government can be sure that citizens interacting with digital services really are who they claim to be, reducing fraud and extending citizen access
By utilising the security capabilities built into the mobile devices such as secure key storage and biometric identification, the MyID mobile solution avoids the need for proprietary hardware (such as a SIM) and is designed to work with newer version of mobile operating systems as they become available
By working with the infrastructure and systems already in place, MyID enabled the program to be deployed quickly and with low risk. The comprehensive and easy to integrate set of APIs and SDKs provided with MyID enabled the government to take complete control of the look and feel of the solution, providing a seamless experience for citizens
Trusted by government and large enterprises, worldwide
Where data really matters, you will find MyID. The security, reliability and interoperability of MyID software sets it apart and is why we are proud to help many leading organisations around the world manage the secure digital identities they issue, whether that's governments managing citizen ID or enterprises managing employee, contractor and supplier IDs.