MIA - My Identity App

Merging video identification with mobile identity solutions to replicate mobile money's success in the field of identity management

An analysis of this challenge’s central problem reveals that the desired registration and identification solution shall:

• imply limited direct and indirect costs
• rely on a simple procedure
• avoid the necessity of long-distance travelling

OeSD’s solution relies on a combination and replication of five proven success-stories:

• Bosnia’s central civil register
• OeSD’s video identification service for the banking sector
• India’s registration system which allows enrolments based on an introducer’s testimony
• The mobile money revolution
• Liberia’s mobile banking identity “LUCIA”

We focus on an approach to register the largest possible number of citizens as well as a method that allows newly registered persons to use their legal identity in their daily lives.

According to our solution, registration is mainly done via a video call. During this video call, introducers, whose main task is to verify an unregistered person’s identity data, are securely identified by trained agents. Subsequently, both, the introducer and the person to be registered position themselves, in front of the camera. The agent takes a picture of the unregistered person, which is matched against a database for the purpose of deduplication. As soon as the verified data are (automatically) forwarded to the electronic civil register the new legal identity is established. Finally, the agent sends the now registered person a registration QR code via e-mail.

For the registration of infants OeSD’s concept contains an additional method. Their birth is very recent, which is why certain “trusted persons” (e.g. doctors or village leaders) shall be able to gather personal data of the infant and the child’s parents with a dedicated registration app. This app automatically forwards the data to the civil register. As soon as this simplified registration procedure is completed, the system transmits a registration QR code to the child’s parents.

In both cases, the QR code itself does not contain any identity information. It is rather a key to the newly registered person’s identity.

If the person in question has a mobile phone (smartphones and feature phones are supported), the QR code serves as an enrolment token to onboard with “MIA”, OeSD’s mobile phone-based identity solution. Once this is done, the mobile device can be used to generate one-time-tokens. If citizens transfer such a token to a verifier (i.e. an entity that wants to verify a citizen’s identity) the system’s underlying backend downloads the requested identity data including a picture in real time from the central register and provides them to the verifier enabling a reliable person identification. An explicit approval step as wells as a timeline function ensure citizens’ privacy and data control.

If the person in question does not have a mobile phone, they can transfer a printed version of the static registration QR code to the verifier, which again triggers a real time identity data transfer from the civil register to the verifier. For security reasons, OeSD suggests limiting the applicability of this paper-based approach to selected use-cases (e.g. identification at schools, hospitals or to buy a mobile phone).

The solution is based on an innovative way of combining existing and therefore well-proven solutions. This gives security as the solution's individual components have already proven to be successful. By combining these individually successful approaches we will be able to replicate and transfer existing success stories to the field of identity management.

1) The identity solution as such is based on tokens which do not contain any personal information - they are rather the key to a person's identity.

2) Every identity verification procedure includes an approval step. 

2a) Before a citizen approves to a data transfer, the system clearly informs about who the verifier is and which identity attributes are about to be transferred.

2b) Only upon the citizen's approval will the system release the citizen's identity data to the veriifer.

3) The solution supports certain use-cases. By default only the amount of personal data that is required for a particular use case is transferred.

4.) A dedicated timeline funtion allows the user to keep the transfer of identity data under control. 

The solution enables reliable identity verifications in the physical and the digital world. 

For online authentications we promote the use of biometric factors whenever possible. Inthis context we follow the FIDO protocol. If the device does not support biometric factors, a password applies.

In any case, data are only transferred upon the citizen's explicit approval.

To enable an easy integration of third-party systems, OeSD provides adequate SDKs.

The solution allows an identification of citizens in the physical as well as in the virtual world. Particularly in the latter case OeSD leverages biometric factors to enable reliable identity verifications online.

Since the solution is based on open standards (e.g. OpenID Connect or FIDO) it is easy to integrate relying parties into our identity ecosystem.

From a user perspective, the procedures for identification in the physical world and in the virtual world are very similar: 1) generate a token, 2) transfer token, 3) approve of data transfer 4) authenticate biometrically.

The solution is based on open standards (e.g. OpenID Connect or FIDO) which contributes to the system's interoperability and to the prevention of vendor lock-in.

By providing SDKs for third-party service providers, we make it very easy, to integrate MIA into different systems.

The system is characterized by intutitve standard workflows comprising 3-4 steps which apply to identity verifications in the physical and the virtual world.

If a smartphone is used, a clear symbol is assigned to every button. Furthermore, it is possible to have the buttons' functions read aloud. 

The smartphone-based approach also enables identity verifications in an offline environment (not however the feature phone approach).

Digital identity solutions are the future for contries of different development stages. They increase security and user convenience. Furthemrore, they are a necessary answer to the continuous shift of transactions to the virtual world thus preparing the ground for prosperous digital economies.

Most importantly we need to ensure that different solutions are interoperable to allow people in different jurisdictions to comprehensively benefit from their respective solution.

Mainly governmental organizations (including central banks) and private banks.

Our company employs highly-skilled IT engineers with the necessary technological expertise for digital identity management systems. After recruiting from different IT areas, these engineers undergo specific in-house training and education measures to improve their skills regarding digital identities.

OeSD's preferred revenue model is based on a per-user fee. However, we are also open to different models including the payment of a lump sum which allows the use of our solution in a particular country irrespective of the number of users. In the latter case, a maintenance contract can be concluded to be entitled to updates and support.

Additionally, OeSD is willing to cooperate with its clients as business partners: this includes options to offer "identification as a service" to relying parties as well as the joint replication of a well-funtioning system in a different country.

The solution's source code will not be made (publicly or in other ways) available.

First of all we think that our solution can significantly increase the world's "invisible billion's" chances to improve their socio-economic situation.

Furthermore, the solution will be of value to whole societies of all development stages. 

A formal approval of our solution by the World Bank's experts would increase our chances to attract these markets' attention. 

The establishment of digital identity solutions represents a drastic paradigm shift. So far governments are reluctant to take the first step, even though they know that there is a need for digital identity solutions.

As a rule, the topic "digital identities" is the responsibility of different government bodies (Ministry of the Interior, Ministry of Communication and IT, Prime Minister's Office). It is a difficult task to reconcile different actors.