sharing best practices for success

Sharing Best Practices for SuccessXavier Fricout, Deputy Board Member, Secure Identity Alliance

World eID Congress, September 2013

2

Introducing the Secure Identity Alliance

• The Secure Identity Alliance is committed to helping public bodies across the world deliver e-government services to citizens through the widespread

adoption of secure e-document technologies.

• Founded in March 2013 by leading eDocument and eService Companies

• Members at date:

World eID Congress 2013

3

Its Objectives

Accelerate the transition to smart eDocuments to support an open, interoperable and efficient roll-out of eGovernment online services by:

Describe and promote use cases of convenient value-added eGovernment services

Share experiences and best practices between industry and governments modernizing their services, in particular towards ensuring the privacy of end-users’ personal information

Promote standardization of relevant and appropriate industry specifications Make recommendations on the most up-to-date means to properly address

the governments identity and privacy challenges• eDocument hardware, software and secure printing technologies, materials and physical security

expertise • Deliver the level of confidence and assurance needed for the rapid adoption of eServices that can

be trusted by citizens

Provide consistent reference information on security, identity and privacy challenges in a transparent manner

World eID Congress 2013

In short, the Secure Identity Alliance offers a trusted partner for governments when defining their eDocument strategies and implementing associated

eGovernment services.

4

Its Workgroups

World eID Congress 2013

5

Best Practices in eDocument Security Workgroup

It’s about defining the best solution based on the factors that need to be considered of:

Usages and environment / convenience, privacy, durabilityBest practice in security measures and featuresReal threats towards defending security measures and

featuresAppropriate international standards and regulationsService levels and customer serviceLogisticsOverall cost of the solution

World eID Congress 2013

6

@

Environmental factors – Big data

World eID Congress 2013

Cell phone N°AddressInterestsPurchase history

Health StatusBlood groupInsuranceAddress

Tax statusSocial securityBirthdayBirthplaceGenderNationality

Credit ratingIncomeAddressTravel habitsWork details

7

Environmental factors – Standards & Regulation

“an online environment where individuals and organizations will be able to trust each other because they follow agreed upon standards to obtain and authenticate their digital identities.” NSTIC

Regulations

NSTIC in the US (National Program Office of the National Strategy for Trusted Identities in Cyberspace)

e-IDAS in Europe (regulation on eIdentification, eAuthentication and eSignatures and Trusted Services)

National specific initiatives: Sweden, Estonia, etc.

Standards: CEN, ETSI, ICAO, ISO, GixelIN and others

Initiatives : GSMA Mobile ID

World eID Congress 2013

8

The Security Awareness Model

Introducing

World eID Congress 2013

9

Data, material flow & support services during life time secure credential

World eID Congress 2013

Document delivery

Document usage

Design documentSecurity Optical

Procurementmaterials

Manufacturingblank document

Secure environment Controlled varieties

Transportblank document

DATAFLOW

EntitlementPost

issuance mngt

Data preparation

SUPPORT PROCESS

IT security

Reject/waste handling(remake process)

Enrolment

PersonalizationDocument/

Document IssuanceBiographical data protection

Logical Security

MATER

IAL FLO

W

Treatment Materials and

Blanks

Facility Security

10

The Secure Awareness Model

Based on real world expertise, experience and best practice

Based on use casesUse of historical dataVisionary level of future state

developmentWill incorporate self assessment

scheme for end users to define their current development status.

Will provide users a report to define their next steps in improving their solution

Will incorporate anonymous reports to provide position in region / world

SIA Maturity Index Creation eg. Wasada University Model

World eID Congress 2013

Waseda Model

11

What makes the model unique

SIA is a global organization

SIA covers the full lifecycle of secure documents including physical and logical security

SIA is an expert through its collective heritage and expertise

SIA is a trusted partner: making recommendations for the interest of governments and citizens/ non profit

Timeline: first draft of the model available at cartes’13

World eID Congress 2013

12

Interested to participate?

Government agencies interested in participating in the model first draft can contact the Secure Documents Workgroup Chairman:

Neil Rudeforth at neil.rudeforth@secureidentityalliance.org

Actors of the Secure Identity interested to join the Alliance can contact the Secretary General or the Marketing & Communication Consultant:

Jean-Claude Perrin at jean-claude.perrin@secureidentityalliance.org

Stéphanie de Labriolle at stephanie.delabriolle@secureidentityalliance.org

World eID Congress 2013

www.secureidentityalliance.orgXavier Fricout, Deputy Board Member, Secure Identity – xavier.fricout@secureidentityalliance.org

Thank You