François Chung, Ph.D.

Category: My projects

Digital identity wallet

Digital identity wallet

Zetes project @Brussels, Belgium (2022). For many years, transactional and online services have relied on end users using devices such as desktop computers and laptops. Therefore, solutions for remote identity proofing and digital signatures have been designed to the characteristics of such devices. However, these devices are more and more replaced by mobile devices such as tablets and smartphones, which raises new challenges.

For example, smart cards and tokens, which are typically connected to desktop computers and laptops using USB devices, cannot be easily connected to smartphones, or cannot at all. Furthermore, given developments in cloud computing, solutions have emerged in the last few years where the process of digital signature creation is done in a distributed way by different systems that may be controlled by different actors.

This is why recent standards have introduced the concept of mobile identity (e.g. driving licence in association with a mobile device) and electronic signature created using a remote signature creation device (i.e. electronic signature device is replaced by cloud-based services offered and managed by a trusted service provider), which can be both made available to the end user through a digital identity wallet as a smartphone app.

The related standards are:

  • ISO/IEC 18013-5:2021 - Personal identification, ISO-compliant driving licence, Part 5: Mobile driving licence (mDL) application;
  • ETSI TS 119 432 - Electronic Signatures and Infrastructures (ESI), Protocols for remote digital signature creation;
  • CSC standard - Architectures and protocols for remote signature applications.

In this project, my tasks are first related to the analysis of these standards so as to investigate how they could be implemented in practice and what is their impact on the project scope. Then, my tasks are related to the analysis of business needs (whether internal or from the customer), software implementation (e.g. software releases and documentation) and project management (e.g. project coordination with the customer).

References

Identity proofing

Identity proofing

Zetes project @Brussels, Belgium (2021). Identity proofing consists in verifying for a given level of assurance that a person, who is claiming an identity, is indeed the correct person. This identity proofing process can be performed manually by a human operator, either on site (through physical presence) or online (remotely through videoconference), but also automatically (e.g. fully automated online or in a controlled environment).

At the European level, the European Telecommunications Standards Institute (ETSI) is working on technical specification ETSI TS 119 46 to lay the foundations on a new identity proofing standard, whose aim is to be applicable in areas such as the issuance of electronic identity (eID) and Know Your Customer (KYC) processes, with several person types considered: natural person, legal person, and natural person representing a legal person.

One of the objectives of this specification is to provide controls against two main identity proofing threats:

  • Falsified evidence: A person claims an incorrect identity using forged evidence;
  • Identity theft: A person uses valid evidence associated with another person.

Therefore, implementing identity proofing requires a risk-based and outcome-based approach where requirements can be tuned up to a desired level of assurance (i.e. degree of certainty) of the result, depending on the context (e.g. purpose of the identity proofing, regulatory environment, acceptable risk regarding the result of the process).

In this project, my tasks are related to the analysis of technical specification ETSI TS 119 46 so as to investigate what parts of the identity proofing process are already developed and available at Zetes (and therefore could be reused), how the missing parts can be implemented in practice and what are the possible impacts of the implementation on the existing products and solutions.

References

Project

Related articles

Learn more

ETSI - European Telecommunications Standards Institute

PKI for identity documents

PKI for identity documents

Zetes project @Brussels, Belgium (2021). A Public Key Infrastructure (PKI) is a set of physical components (e.g. computers and hardware), human procedures (e.g. checks and validation) and software (e.g. system and applications) intended to manage the public keys of the users of a system. The objective is the secure electronic transfer of information for a range of online activities, such as e-commerce and electronic identification (eID).

In the case of electronic identity documents, such as the identity card, a PKI makes it possible to bind public keys to the identity of citizens, whose personal information is not only printed on the identity card, but also stored in the identity card chip. This system not only allows citizens to use their card to identify themselves online (authentication), but also to sign digital documents using a Qualified Electronic Signature (QES).

A PKI can also be used in an international scheme, such as for the verification of passports at country borders. In that case, a country emits passports for its citizens and also puts in place a PKI to allow other countries to check those passports. This means that, when a citizen presents a passport at the border control, the inspection system checks the identity information both printed on the passport and stored in the passport chip.

As a Functional Analyst and Product Owner within Zetes People ID’s development team, my tasks are related to the analysis of PKI software needs, whether internal or from the customer (e.g. requirement gathering and product presentation), PKI software implementation (e.g. software releases and documentation) and project management (e.g. project coordination during change requests).

References

Related article

Identity proofing (Zetes project)

Learn more

Trends debate: technology and privacy

Trends debate: technology and privacy

Fujitsu project @Brussels, Belgium (2020). In the midst of the Covid-19 pandemic, and the development of contact tracing applications to help track and stop the spread of the coronavirus, Trends organized an online debate around technology and privacy entitled: “Does saying yes to technology mean saying no to ethics and privacy?”. The debate has been published as an article in Trends, which is a Flemish financial-economic magazine presenting analyses of current economic, political and social news.

Participants in this debate, who are experts in technology, ethics, privacy or legislation, are representing the following organizations:

  • Atos;
  • Everest Law;
  • Fujitsu;
  • Icapps;
  • Ministry of Privacy;
  • Nutanix;
  • Privaco;
  • SiriusLegal;
  • Universiteit Gent.

The main topics of discussion around this debate are as follows:

  • Should a contact tracing application be considered as a Pandora's box whose consequences cannot be estimated?
  • Is GDPR sufficient as a security mechanism? Or do we need to develop a clearer framework to regulate the potential misuse of technology?
  • To what extent does fragmentation, at political, geographic or economic level, hinder the efficiency of contact tracing applications requiring a global reach to be efficient?
  • Who decides what can be allowed with the possibilities offered by the technology? And how can we enforce that?
  • What is the correct mechanism to determine when a technology is needed? And when can a market be considered as ready?

As a Digital Business Analyst representing Fujitsu for this debate, I shared Fujitsu’s vision and values regarding technology and privacy in the context of the global Covid-19 pandemic, with topics such as working from home (technologies and benefits), extending the legal framework, including GDPR, to regulate Artificial Intelligence and building a human centric future with ethical technology. The debate has been published as an article in Trends on 13th August 2020.

References

Publication

Related article

Learn more

Digital Annealer

Digital Annealer

Fujitsu project @Brussels, Belgium (2019). Using a digital circuit design inspired by quantum phenomena, Fujitsu’s Digital Annealer (DA) computational architecture bridges the gap to the quantum world and paves the way for much faster, more efficient solving of today’s business problems. The solution is designed to solve large-scale combinatorial optimization problems, which are unsolvable using today’s classical computers.

Among the various quantum computing methods that exist in the market today, DA is categorized as an example of the annealing method, which focuses on solving combinatorial optimization problems and the achievement of successful results with rapid operational capabilities. Unlike classical computers, Digital Annealing does not require programming, simply setting parameters allows calculations to be performed.

DA solution is applicable for a wide range of use cases, across various sectors, such as:

  • Finance: investment portfolio optimization through risk diversification;
  • Pharmaceutical: molecular similarity search for drug discovery;
  • Marketing: clustering for big data utilization;
  • Logistics: route optimization for reducing traffic congestion;
  • Manufacturing: manpower management, production control scheduling.

Within the Digital Business Solutions (DBS) team, my role consists in supporting DA activities in Belgium and across EMEIA region, and includes tasks related to presales (e.g. DA solution presentation), business analysis (e.g. analyzing client’s business needs), data science (e.g.converting optimization problems into mathematical formulation) and project management (e.g. project coordination during the implementation phase).

References

Related articles

Quantum computing and physics (Udemy training)
DataNews 2020 (FR) (magazine article, French version)
DataNews 2020 (NL) (magazine article, Dutch version)

Learn more