Sessions » Making a success of eIDs

Making a success of eIDs



Knowledge Theatre
Wednesday 27 June


13.40
Introduction

 
13.45
Recommendations for vendors and governments on eID Projects implementation
Sergey Yeliseyev, Business Development Director Government eID, X Infotech, Latvia

Today, many forward-looking countries are continuously investing in eID document projects. Implementation is a complicated, sophisticated and complex subject not only for vendors, but also for governments. How to effectively negotiate with customers and make everything clear, simple and transparent? How to agree on procedures, terms and deadlines in advance, aiming to build a perfect and effective system?

We would like to share our “This Is The House Which Jack Built” approach. Implementing a document system in a country - is like building a house. Let’s see, if country citizens can play the role of your family. Contractors for the project are workers, hired to build the house. The one who goes prime in the project – is the foreman of the worker team. By keeping things simple, let’s work on some useful recommendations which will help us to effectively communicate with governments worldwide. Let’s build a perfect house together.



14.05
Let’s talk about money: Refinancing electronic identity card projects
Klaus Schmeh,Consultant, Cryptovision, Germany

An authority deploying an electronic identity card needs to invest dozens, if not hundreds, of millions of dollars. It is therefore a legitimate question whether these investments can be refinanced in some way other than by charging each owner of an eID document. One possibility is to demand fees from the service providers using the authentication or signature function of a card. Several models of this kind have been proposed, including payment per authentication/signature, payment per registration, and payment per certificate validation – but not all of these work well in practice. As a different refinancing concept, an eID authority can offer card sponsoring to credit card companies and other payment suppliers, in exchange for including a payment function in the card – a concept that is, for instance, applied in Nigeria. Combining an eID card with a payment card provides interesting applications, such as granting discounts based on information stored on the card. Other refinancing models exist in the health and traffic sectors, including the concept of inter-authority charging (e.g. the identity authority may charge the traffic department for storing driving license information). This presentation will introduce the most important eID card refinancing models and cover their pros and cons.
 

  • As deploying an electronic identity card is expensive, it is legitimate to ask whether these investments can be refinanced.
  • One way of refinancing is to charge fees from the services using the authentication or signature function of a card. Several models have been proposed.
  • Other refinancing options include sponsoring by credit card companies, inter-authority charging, and fee-based health applications.

 

14.25
Challenges and best practice examples for complex PKI infrastructures for the issuance and verification of eIDs
Heiko Bihr, Principal, Division Homeland Security, Software Development, secunet, Germany

This presentation will give an overview of the challenges when implementing complex Public Key Infrastructures (PKI) for the issuance, management and checking of electronic identity documents (eIDs).

PKI systems comprise the powerful background infrastructure to create, use and manage digital certificates used to regulate secure and authorised access to eIDs. Issuing and border control authorities worldwide implement these highly secure, certificate-based authentication solutions as a means for reliably checking the authenticity of eIDs, and for preventing manipulation and unauthorised access.

The presentation will focus on use case examples from current European ePassport and eID card projects, addressing requirements for both PKI worlds in the area of eIDs - X.509 PKIs (ICAO PKI, PKIs according to ETSI/eIDAS regulations) for the authentication and verification of eIDs, and the EAC PKI for the protection of fingerprints in eIDs. We will address the most recent requirements for the system design with a focus on increasing security (including CC evaluation with respect to CIMC-PP), enhancing certificate quality as well as improving performance for eID PKI systems.

The presentation will highlight best practice examples from different countries that have implemented a complete PKI system or components thereof, for example Country Signing Certification Authority (CSCA), Country Verifying Certification Authority (CVCA) and Document Verifying Certification Authority (DVCA), National Public Key Directory (N-PKD) as well as Terminal Control Center (TCC).

•    Challenges during the implementation of complex Public Key Infrastructures for eIDs;
•    Use case examples from current European ePassport and eID card projects;
•    Requirements and best practice for X.509 PKIs (ICAO, ETSI/eIDAS regulations) and the EAC PKI. 

 
14.45
Questions and answers


Share this page :
Follow us on :

Title Sponsor


See more

Premier Sponsors


See more

Sponsors


See more

Strategic & Premier Partners


See more

Media Partners


See more

Supporting Associations


See more