1 / 22

European Electronic Identity Practices

This document outlines the current status and infrastructure of the electronic identity (eID) system in Belgium as of May 25, 2005. It details the responsibilities of Certipost as a joint-venture CA between National Post and National PTT, and provides insights into legislative frameworks surrounding eID, including the related EU regulations. Key features of the eID card, its functionalities, user data, costs, and plans for widespread adoption are discussed. The anticipated number of cardholders and future goals are also highlighted, demonstrating Belgium's commitment to digital identity services.

pierce
Download Presentation

European Electronic Identity Practices

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. European Electronic Identity Practices Country Update of Belgium Speaker: Maes F. Date: 25 May 2005

  2. CA organisation • Responsible CA organisation: Certipost • The background of the organisation (private/public): 50/50 (Joint-venture National Post & National PTT) • Description of the existing CAinfrastructure (e.g. registration authority, card factory etc):

  3. Status of National legislation on eID • Are eID specific regulations enacted and in place? Yes (EU DigSig law + eID Legislation) • Name and date of the regulation(s): • Main elements of the regulatory system regarding: • Official Ref Certificate Practice Statement @ ”status.eid.belgium.be”

  4. Status of National deployment of eID • Name of the project: BELPIC • Plans, piloting or implementation? Full roll-out to all citizens > 12years • Is the card obligatory? Yes • Starting date of issuance: Sept 27th 2004

  5. Status of National deployment of eID • Envisioned total number of cardholders:8.5 Mi (excl foreigners) • Number of cards/certificates issued by 23-05-2005: 584.573 (1.169.146 certs) • Number of inhabitants: 10.3 Mi • Yearly growth rate (percentage): • Expected number of cards/eID certs by end of 2009: 8 Mi cards/ 16 Mi certs

  6. Status of national deployment of eID • Basic functionalities of the eID card:- official ID document: Yes - European travel document: Yes - support of on-line access to e-Services: Yes • Validity period of the card/certificates: 5 years

  7. Status of national deployment of eID • Price in Euros of the cards:- for the citizen: €10,00 + Local Tax- for the card issuer: €10,00- price for the card reader and software: €20,00- any additonal costs for the user/relying party:None • From whom and how may the citizen obtain the end/user packages Pc suppliers

  8. Basic ID function • What cardholder data is electronically stored in the card: - national identifier- family name, given name - sex - date of birth - nationality - Address- Photograph

  9. Basic ID function • Are these data elements in a dedicated data file? Yes - Is the file ’openly accessible’? Yes - If not, how is the file protected? PIN or Biometrics - Does the data file comply with the ICAO LDS?No • Is the personal data (also) held in a certificate? Yes (RRn Number + Last & first name)

  10. Basic Authentication function • What Cardholder Verification mechanism is used: - PIN? Yes - Biometrics? Not yet (only the photograph file exist)- If Yes, what biometrics? Will be in line with ICAO- If No, is introduction of biometrics envisioned? Yes • Is there a PKI supported cardholder authentication mechanism? Yes, X509 V3 based • Is there a mutual device authentication mechanism? Yes

  11. Basic Signing function • Is a PKI supported signing mechanism (certificate and keypair) present for e-transaction services (non –repudiation)?Yes, equivalent to handwritten signature

  12. eID based services • What kind of services (include examples) are accessible to cardholders based on acceptance of the cards / eID Certificates: Tax on web, My Data, e-registered letter, ... • Total number of eID based services accessible by cardholders by 31.10.2004: Inventory being made • Goal (in numbers/ percentage) of eID based services to be accessible to cardholders by the end of 2007: Initiatives popping up all over the place

  13. eAuthentication Business models; financial • What are the Charging/Revenue mechanisms? OCSP on SLA basis • What charges are levied for use of the card? Case-by-case • Is there a charge for checking certificates and if so who pays forthis? Only for businesses • Has a cost benefit analysis been compiled for the eID scheme? Ifyes what are the main conclusions? No

  14. eAuthentication Business models; public/private partnership • Are non government bodies allowed to use the IAS or other card functions in support of their services? • Is the card a multi-application smart card? Yes/No • If No, are there any plans for this and in what timeframe? • If Yes, what percentage of the deployed card base is multi-application smart card enabled? 99% • If Yes, are additional services (other than core IAS) loaded pre-issue or post issue or both? Not decided yet

  15. eAuthentication Business models; public/private partnership • What is the level of usage of supported services (number of transactions per card per year)? • What is the approach to and experience with card branding?- folders and radio spots

  16. eAuthentication Business models; cross border usage • Are there agreements with other national smart card issuers for mutual recognition of cards? (Status of Memorandum of Understanding (MOU) with other CAs) • If Yes, what countries are concerned and when was agreement made? • If Yes, what is the current level of usage (average number ofcross-border transactions per card used cross-border per year foreachof the countries and services concerned)?

  17. Other Interoperability issues • What is the level of Current Compliance with each of the following international standards or group activities (Full/Planned/None): • CWA eAuthentication (under development): • CWA 14890 Secure Signature creation device: • CEN 224 –15 European Citizen Card (under development): • ISO/IEC JTC1 SC 37 biometric standards: • ISO/IEC JTC1 SC 17 IS 24727 (under developmment): • ICAO recommendations: • If none or planned, what is the respective target date for compliance?

  18. Current use and plansin Biometrics (if applicable) • Technical solution(s): • Signature, Fingerprint, Face Recognition, Hand Geometry • Iris, Retina, Voice Recognition • Type of project(s): • Evaluation, Pilot for Trial, Working application • Application areas: • Border Control, Immigration • Driver License, National ID, Healthcare, Voter registration • VPN • Physical access • Computer logon • Local government services (please specify)

  19. Next plans • Complete the roll-out • Card applet version 2 • Implementation of Biometrics

  20. Lessons learned so far • Communication to the citizen • Availability of card readers • Folow-up technical evolution • Consolidate of the Now-how

  21. Porvoo Group cooperation issues • List of issues to be overcome and recommended Porvoo Group members actions that would support accelerated deployments: Complete and clear info to all citizens, young and oldMandatoy cardCard reader for citizen & police forces/border control

  22. More information • Web-pages for the project/eID issues:www.eid.belgium.be • email: frank.maes@rrn.fgov.be Thank You!

More Related