François Chung, Ph.D.

Tag: zetes

Digital identity wallet

Digital identity wallet

|

Zetes project @Brussels, Belgium (2022). For many years, transactional and online services have relied on end users using devices such as desktop computers and laptops. Therefore, solutions for remote identity proofing and digital signatures have been designed to the characteristics of such devices. However, these devices are more and more replaced by mobile devices such as tablets and smartphones, which raises new challenges.

For example, smart cards and tokens, which are typically connected to desktop computers and laptops using USB devices, cannot be easily connected to smartphones, or cannot at all. Furthermore, given developments in cloud computing, solutions have emerged in the last few years where the process of digital signature creation is done in a distributed way by different systems that may be controlled by different actors.

This is why recent standards have introduced the concept of mobile identity (e.g. driving licence in association with a mobile device) and electronic signature created using a remote signature creation device (i.e. electronic signature device is replaced by cloud-based services offered and managed by a trusted service provider), which can be both made available to the end user through a digital identity wallet as a smartphone app.

The related standards are:

  • ISO/IEC 18013-5:2021 - Personal identification, ISO-compliant driving licence, Part 5: Mobile driving licence (mDL) application;
  • ETSI TS 119 432 - Electronic Signatures and Infrastructures (ESI), Protocols for remote digital signature creation;
  • CSC standard - Architectures and protocols for remote signature applications.

In this project, my tasks are first related to the analysis of these standards so as to investigate how they could be implemented in practice and what is their impact on the project scope. Then, my tasks are related to the analysis of business needs (whether internal or from the customer), software implementation (e.g. software releases and documentation) and project management (e.g. project coordination with the customer).

References

Identity proofing

Identity proofing

|

Zetes project @Brussels, Belgium (2021). Identity proofing consists in verifying for a given level of assurance that a person, who is claiming an identity, is indeed the correct person. This identity proofing process can be performed manually by a human operator, either on site (through physical presence) or online (remotely through videoconference), but also automatically (e.g. fully automated online or in a controlled environment).

At the European level, the European Telecommunications Standards Institute (ETSI) is working on technical specification ETSI TS 119 46 to lay the foundations on a new identity proofing standard, whose aim is to be applicable in areas such as the issuance of electronic identity (eID) and Know Your Customer (KYC) processes, with several person types considered: natural person, legal person, and natural person representing a legal person.

One of the objectives of this specification is to provide controls against two main identity proofing threats:

  • Falsified evidence: A person claims an incorrect identity using forged evidence;
  • Identity theft: A person uses valid evidence associated with another person.

Therefore, implementing identity proofing requires a risk-based and outcome-based approach where requirements can be tuned up to a desired level of assurance (i.e. degree of certainty) of the result, depending on the context (e.g. purpose of the identity proofing, regulatory environment, acceptable risk regarding the result of the process).

In this project, my tasks are related to the analysis of technical specification ETSI TS 119 46 so as to investigate what parts of the identity proofing process are already developed and available at Zetes (and therefore could be reused), how the missing parts can be implemented in practice and what are the possible impacts of the implementation on the existing products and solutions.

References

Project

ETSI TS 119 46 (PDF)

Related articles

EAB Research Projects Conference 2022 (EAB conference)
Digital identity wallet (Zetes project)
PKI for identity documents (Zetes project)

Learn more

ETSI - European Telecommunications Standards Institute

PKI for identity documents

PKI for identity documents

|

Zetes project @Brussels, Belgium (2021). A Public Key Infrastructure (PKI) is a set of physical components (e.g. computers and hardware), human procedures (e.g. checks and validation) and software (e.g. system and applications) intended to manage the public keys of the users of a system. The objective is the secure electronic transfer of information for a range of online activities, such as e-commerce and electronic identification (eID).

In the case of electronic identity documents, such as the identity card, a PKI makes it possible to bind public keys to the identity of citizens, whose personal information is not only printed on the identity card, but also stored in the identity card chip. This system not only allows citizens to use their card to identify themselves online (authentication), but also to sign digital documents using a Qualified Electronic Signature (QES).

A PKI can also be used in an international scheme, such as for the verification of passports at country borders. In that case, a country emits passports for its citizens and also puts in place a PKI to allow other countries to check those passports. This means that, when a citizen presents a passport at the border control, the inspection system checks the identity information both printed on the passport and stored in the passport chip.

As a Functional Analyst and Product Owner within Zetes People ID’s development team, my tasks are related to the analysis of PKI software needs, whether internal or from the customer (e.g. requirement gathering and product presentation), PKI software implementation (e.g. software releases and documentation) and project management (e.g. project coordination during change requests).

References

Related article

Identity proofing (Zetes project)

Learn more

Zetes People ID

Languages

Recent articles

Categories

News

Recent (Twitter) & Popular (Reddit)

Search