The digital wallet is grabbing people’s attention thanks to the many possibilities it offers and the new uses it promises. However, its full potential is only realised when used in conjunction with an electronic identity card. How do these features work together to provide citizens with a more secure and user-friendly digital and physical world? Gregory Kuhlmey, digital identity programme manager at Idemia, gives us some answers.
To create an electronic wallet, all you need to do is access the chip on your electronic identity card (eID). How does this work in practice?
Gregory Kuhlmey: In the first scenario, an optical scan retrieves the Card Access Number (CAN), which protects access to the chip from unauthorised remote reading. You then use your NFC-enabled smartphone to read the information on the eID’s chip. The user’s PIN is then requested to retrieve the data stored on the chip. You therefore have trusted data stored on the chip and two authentication factors, the PIN and the chip, which is protected against cloning.
If you don’t have an NFC-compatible phone, you need to opt for the second scenario, where you go to the town hall. The staff there carry out a face-to-face check. They have the necessary equipment to read the chip and check the PIN on the card.
No biometrics at this stage?
Gregory Kuhlmey: In France, the use of biometrics can sometimes be a little controversial, so we went with the PIN option. We could have gone down other routes, using biometrics or reinforcing the PIN with facial biometric verification, as a signed reference image is stored on the chip. The integrity and authenticity of this reference image is therefore known and could even be used for initial validation.
Such a shame for Idemia, given you provide facial recognition solutions.
Gregory Kuhlmey: Yes, not only are our biometric solutions world-leading on criteria such as accuracy, but they also have algorithms that are unbiased – and proven to be so – regardless of a person’s ethnicity, gender or age. In France, biometrics are not currently being used, although they may be in other European countries.
Are these the only interactions between the eID and digital wallet?
Gregory Kuhlmey: It depends on the level of assurance you want for your transactions. The Architecture Reference Framework (ARF) is the European Commission document that defines the technical framework and standards to be implemented. The latest version of the ARF, published in February, defines two wallet configurations. One is mandatory and provides the highest level of security. The other is more flexible and should focus on usability. What is certain is that, for transactions requiring the highest level of security, the chip on the eID will once again be used.
Can you give us an example of a transaction involving these different levels of security?
Gregory Kuhlmey: Ah! That’s not easy! As cyber risks increase, higher levels of security are more likely to be used. For the time being, the proposed regulations stipulate that the wallet could also be used in regulated sectors, such as banking or energy. By using the wallet in combination with other risk engines, it is possible to be more flexible in terms of the authentication itself. The private sector could choose configurations that prioritise usability. However, the government will be pushing users towards maximum security.
Which presumably means you need to have your eID with you as well as your wallet.
Gregory Kuhlmey: Exactly. For the highest level of security, you have to re-authenticate, using the eID as the authentication factor associated with the wallet. This connects your identity card to the entire online ecosystem. The wallet works hand in hand with the electronic identity card, because to provide the highest level of assurance, you need to rely on a secure element hardware chip.
It is conceivable that, in a few years’ time, secure elements in mobile phones will be more open and powerful, and we could then load government applets onto the phone and operate the wallet independently. But we’re not there yet, even though there is a wide range of NFC phones compatible with the eID.
Unlike in other countries, such as Germany, this type of usage is not yet widespread in France. Why is that?
Gregory Kuhlmey: The real success story is Estonia, the jewel in Europe’s digital crown, which uses Idemia identity cards. Germany rolled out its smart ID card more than ten years ago, so they’ve had time to equip the population and develop compatible applications. France began rolling out its eID two years ago, but not everyone has one yet. The French National Agency for Secure Documents (ANTS) is also working on the France Digital Identity (FIN) project, with the aim of building the mobile application that will use the chip’s features.
With Apple and Android wallets, Idemia wallets, and others, how will people keep track of everything? What compatibility problems will there be between these solutions and the eID?
Gregory Kuhlmey: In France, the FIN application should include wallet functions, because the same team at ANTS is working on both projects. The real hope is that there will be a single ANTS application that both manages FIN for interfacing with FranceConnect and implements the wallet functionality for European transactions or according to the standard wallet formats.
Then there are the other wallets…
Gregory Kuhlmey: In the United States, the wallet leaders are offering digital identity solutions in addition to other digital services such as payment cards, boarding passes, and loyalty cards. This allows people to use their mobile phones to present their ID to access a number of services, including travel.
For example, citizens in the US are now able to present their mobile driver’s license to travel domestically. In the EU, the wallets are still in discussion to support the ecosystem initiative.
Apple and Google are US companies, of course.
Gregory Kuhlmey: Yes, but the situation is different in Europe. The wallet providers will need to comply with the European requirements. Wallets can coexist with national wallets and may be used to feed sector-specific use cases such as health, education and travel.
Does this not defeat the whole point of the wallet, which is to have all your documents in a single container?
Gregory Kuhlmey: Solving all the problems at once just isn’t possible. The national wallet is designed to be a benchmark, highly secure, sacrificing a few usability features: you have to tap the card against the phone and use the PIN.
Having a Swiss Army Knife wallet may seem like the ideal solution, but sometimes it’s better to have the right tool for the right job. Having a separate knife and fork is more practical for eating than having a knife and fork on the same Swiss Army Knife.
People can also use the eID to log on to websites that use FranceConnect. This is the first step, but what comes next?
Gregory Kuhlmey: Logging on using FranceConnect is the eID’s first application, ahead of the wallet. The eID and FIN app will function as an identity provider with the highest level of security. FranceConnect works primarily with government websites, but is now looking to expand to the private sector. The private sector will be able to choose between the FIN exchange protocol and the wallet format.
FranceConnect almost provides a digital identity. But La Poste is also offering its Digital ID system.
Gregory Kuhlmey: La Poste is an identity provider that is connected to FranceConnect. The ANTS application will be an identity provider in the same way as La Poste, the tax authorities and Ameli are. FIN will be an additional solution, one with a high level of security, whereas La Poste currently only has a substantial level. The advantage of the FIN application is that it means the identity card is connected. It can be used online, making it a way of authenticating and sharing attributes such as age.
As the threat evolves, so must the shield. Has any thought been given to upgrading the security of the eID and its associated applications?
Gregory Kuhlmey: With NFC-enabled phones, you can already have a secure digital identity, using a certified smart card as the trust anchor. The solution has been audited and analysed from a security perspective. So, we can rest assured that this element, which provides the trust anchor for our current and future digital identities, is secure. Rather than relying on an untested chip in any phone, we’re relying on an element that the National Cybersecurity Agency of France (ANSSI) has certified: we’re on solid ground.
What future developments are in store for wallets?
Gregory Kuhlmey: The EU has launched a number of large-scale pilots. The European Commission has selected four consortia to test the use of the wallet on end-to-end use cases. These pilots will provide input to the drafting of standards and regulations, with rapid feedback from the field on usability and usage. Is it compatible with enough phones? Can users create their own wallet?
For example, we’re going to try opening an online bank account with a wallet. Do banking regulations allow this? Do they take digital identity into account? We need to compare how the wallet is used with the reality in the field. Idemia is part of POTENTIAL, one of the consortia led by France. We start work on 1 June.