Digital identity: frontrunners, innovation, and lessons learned

June 11, 2024

Beyond Products

The eIDAS 2.0 regulation establishes a framework for digital identity and authentication, with which it aims to create confidence in electronic interactions and digital services within the EU. But how do we set up such a framework, and, more importantly, how do we create confidence in these new digital services? In this article, we explore digital identity frameworks in Estonia, India, Singapore, and Sweden to glean valuable insights.

Developing DigiD: trial & error

With eIDAS 2.0, European citizens, residents, and businesses will soon have a digital identity that is recognized anywhere in the European Union. Every EU citizen and resident will be able to use a personal digital wallet (the EUDI wallet), with which they can identify themselves or prove personal information. EUDI wallets will be able to store and exchange information provided by governments such as your name, date of birth, and nationality. Digital identity is not a new concept. In the Netherlands, DigiD has been around for about twenty years. In 2008, DigiD became mandatory for all Dutch government organizations that want to make personal data accessible online. In 2010, the government also released eHerkenning, the digital identity system for businesses, and in 2011, it became mandatory for businesses to use this system. In 2017, the DigiD app was released, and a couple months later, users became able to check their passport, driver’s license or identity card with the app – providing organizations more certainty about who logs in. In August 2020, DigiD was officially recognized as a European login method, therefore complying with the eIDAS regulation. Yet, the development of DigiD has not been without problems – and issues still arise. In March 2023, the Algemene Rekenkamer (General Audit Office) published a report on digital identity, arguing that the government is insufficiently prepared for new forms of digital identification. Additionally, it notes that organizations are increasingly opting for stronger and more complex security for both DigiD and eHerkenning, which leads to the risk that it becomes more difficult for citizens to use government services. In the report, the Office calls for more support to citizens that have problems accessing digital services. This call is enforced in a report from the National Ombudsman, who signals issues for legal representatives and people who want to do digital business with the government on behalf of a loved one.

Digital identity worldwide

The goal of eIDAS is to facilitate seamless digital services in the EU for all EU citizens, and create trust in electronic interactions. It therefore becomes even more important to ensure eIDAS is implemented in a good and efficient manner, by taking into account the lessons learned in previous frameworks. One way of doing so is by looking at countries, across the EU and internationally, which have been building their own version of digital identity. What can we learn from these countries and their digital identity systems? In this article, we discuss examples of digital identity frameworks in Estonia, India, Singapore, and Sweden.

Estonia: digital identity driven by motivation, not obligation

“Any nation looking to keep a seat at the digital table will need to embrace the strides Estonia has made with e-identity,” Security Magazine points out. In 2002, Estonia issued its first digital ID card, the so-called eID card. As of 1 January 2017, 96% of Estonians had a valid identity card. The eID provides online access to voting, paying taxes, and viewing health care records, among other government services. With most of the European Union digital signatures being given in Estonia, using the ID card to sign documents digitally alone saves an individual in Estonia at least five business days each year, according to the Baltic state. Why does it work so well? According to Raul Kaidro, a key player in the digital transformation, it was about finding use cases. He says: “We (…) created initiatives that motivate users to use the eID instead of old passcode-based authentication solutions. Therefore, the private sector and especially the banks were the ones who actually drove the whole user experience.” Additionally, Estonia uses an interoperability platform, named X-Road, as national data exchange system. This is the base of digital Estonia as it enables the connections between different organizations and provides for the once-only principle, which means that the government is not supposed to ask for information that it already has, Raul adds in the interview.

India: the world’s largest digital ID program

In 2016, India introduced the Aadhaar card with the establishment of the Unique Identification Authority of India. Aadhaar is a 12-digit unique identification number that is issued to every resident of India. The Aadhaar card contains the biometric details of the cardholder, like fingerprints, iris scans, and photographs, and serves as a valid proof of identity, address, and date of birth. The card enables access to a range of government and non-government services, such as banking, telecommunications, education, and healthcare. Applying for the Aadhaar card is voluntary. However, the card has become mandatory for a range of services such as applying for almost all welfare benefits, opening bank accounts, and filing taxes. Because of this, Aadhaar is now the world’s largest digital ID program with biometric and demographic details of over a billion residents. However, contrary to eIDAS, the system is centralized: a single entity controls identifying credentials. Last year, global rating agency Moody’s Investors Service flagged a range of concerns over the system, questioning the reliability of biometric technology and warning of privacy and security risks. “The system often results in service denials, and the reliability of biometric technologies, especially for manual labourers in hot, humid climates, is questionable,” Moody’s said in its Decentralized Finance and Digital Assets report.

Singapore: increasing productivity with a one-stop solution

Singpass (Singapore Personal Access) is Singapore’s national digital identity system, launched by Singapore’s National Digital Identity (NDI) initiative in 2003.  The NDI initiative is part of Singapore’s Smart Nation program, aiming to increase total factor productivity, improve the lives of Singaporeans, retain local talent, and attract foreign talent. In 2018, the Singpass app was launched, which should be seen as a one-stop solution for government and private sector services online and in person. In the app, users can create login shortcuts to frequently-used government digital services, customize their profile for personal information, and digitally sign electronic documents. Singpass has more than 4.5 million users, covering 97% of Singapore residents aged 15 and above. More than 3.5 million users are on the Singpass app, and Singpass facilitates more than 350 million transactions annually. Singpass is lauded for its robust security measures, combined with the integration of biometric authentication and mobile services. Its success has led countries such as South Korea and Japan to seek guidance from Singapore in setting up digital identity frameworks.

Sweden: enabling the digital identity ecosystem

With an adoption rate of 98%, the Swedish BankID is the largest and most popular electronic identification in the Nordic country. The first digital identity in Sweden was issued in 2003. Seven years later, the mobile-based solution was launched, leading to a rapid change of pace in adoption. BankID is not created by the government: it’s established by the company Finansiell ID-Teknik BID AB which in turn is owned by seven Scandinavian banks. The BankID system allows Swedish citizens to prove their identity with a digital passport or driver’s license, and to conduct various online transactions such as filing taxes, signing contracts, and opening a bank account. In addition to its strong security measures, BankID is praised for its user-friendliness. However, what really has been the key to its success, is the enablement of a digital identity ecosystem, Jonas Brännvall of BankID notes in an interview. “Starting from the banks and then coming to governmental services and the market, we have provided an enabling technology to build a more digital society.”

Getting ahead with digital identity

Motivating users to make the switch to digital identity, implementing strong security measures, improving user experience, or getting the private sector involved: these are all factors that can help implement a digital identity framework successfully – and should therefore be taken into account in the discussions surrounding eIDAS 2.0 and the EUDI wallet. Want to share your thoughts? Join us for an in-depth discussion about eIDAS 2.0 and its implications for governments on Thursday, June 27. To register, click here. This webinar will not only be informative but also interactive. You will be able to engage with the speaker, asking questions, and sharing insights through a live discussion. It’s your chance to delve deeper into the subject and better understand eIDAS 2.0’s impact.