Based on my recent activities in Africa, I have updated my proposed national citizen digital identity strategy to include:
* Benchmark it against Estonia
* Include an overview of the number of different RFPs required and show how they can be combined with local and off-shore suppliers
* Compare against what the World Bank's ID4D study recommends
2. Improving Your Economy
• You want to increase GDP per capita, reduce unemployment and be an African leader in creating an innovative economy
• The attached proposal uses a similarly sized country, Estonia, that has done this in Europe:
– In 1987 Estonia’s GDP per capita was about $2,000
• In 2015:
– GDP per capita is $26,355.4 as compared to your country’s?
– Unemployment is 6.984% as compared to your country’s?
– Ranks #15 for ease of doing business as compared to your country’s?
– Ranks #9 in the Index of Economic Freedom as compared to your country’s?
• How did they do this?
3. They Leveraged the Internet
• Over 2,000 e-services ranging from e-prescriptions, e-tax, i-voting, e-health care, e-school to seamless interactions with local banks and telephone companies
4. They Leveraged the Internet
• More than 245 million digital signatures have been made, with more than 1 million active identity cards and more than 384 million electronic authentications
5. Their Current Plans…
• Over the next decade, they see the population virtually growing from 1.3 million to 10 million by creating “e-residents”
• Their strategy is to enable people outside of Estonia to make investments in Estonia, create new businesses there and use that bridge as a way to do commerce in the European Union
6. They Did This By Creating:
• High level framework
• Principles
• Legal framework
• X-Road
• e-Identity (e-ID)
• Senior government leadership
• E-Residency
8. One Citizen – One Identity
• At the heart of the Estonian model is a very simple concept: one citizen, one identity
• When the Estonians were designing their systems in the late 1990’s and early 2000’s they adopted the same principle that large Fortune 500 companies were using – a common unique identifier for every customer, employee and contractor
• This allowed them to streamline their online and in-person services
• It also allowed citizen identity lifecycle “triggers” to then be instantly sent to various government systems, e.g. name change, address changes and death
10. National Citizen Identity Lifecycle
[Diagram: each lifecycle event (Birth, Name Change, Gender Change, Death, Address Change, Tel. Number Change, Parent/Guardian Change, Marriage, Divorce) flows from its Authoritative Source through Business Processes into the Citizen Tombstone Identity Directory]
11. Single Citizen Identity
• One identity per citizen
• Any changes to the identity are then shared with other apps/services consuming them
– One place for a citizen to change things like addresses and phone numbers
– Citizens don’t have to fill in the same information over and over in forms for different apps/services
• Same identity used for access management
13. All Apps/Services Leverage the Same Access Management System
[Diagram: the Citizen accesses, via their phone or the internet, a Government Portal backed by the Citizen Identity Access Management System; one Single Citizen Identity is consumed by Ministry Apps/Services, Municipalities Apps/Services, 3rd Party Apps/Services and Crown Corp. Apps/Services]
14. Leverage What Citizens Have Today…
• A small percentage of your citizens have internet access
• HOWEVER there is a high cell phone penetration rate
• The proposal seeks to leverage the cell phone and provide a seamless citizen user experience when they gain access to a smart phone
• The proposal leverages voice authentication
• Where more sensitive apps or services are accessed, a 4 digit pin will also have to be entered
15. Re-Engineer Government Services
• Like payments
– Your citizens have to pay for things like car/motorcycle registration, license renewals, taxes, paying fines, paying for water and power bills, etc.
– If citizens could use their cell using things like e-wallets to pay for these and not have to go into a government office…THEY WOULD LIKELY BE VERY INTERESTED
17. Citizen Identity Lifecycle – It Starts With Birth
• Register infants, obtain a biometric footprint and give them an electronic identity which is tied to their parents’/guardians’ identities in the central citizen national directory
• On the child’s first day of school, obtain digital fingerprints, voice scan and face scan (Iris TBD)
• Each subsequent first day of the school year, update face and voice scan
• If there is a change to the parent/guardian of a child, this will be fed automatically from the authoritative source to the central citizen identity directory
18. Adults Applying For Various Identity Cards
• All authoritative sources for birth, name change, parent/guardian status, marriage, divorce, gender change and death are tied to the national citizen identity system via APIs which in turn feed the national citizen identity directory
• When an adult applies for things like a national ID card, passport, driver’s license, health care, social security program, etc., their identity is validated by providing several biometrics which are then matched against the national citizen identity directory
• Assuming the match is positive, the citizen’s tombstone-level identity information automatically flows from the national citizen identity directory through secure APIs to the ministry application/service
19. Updating Biometrics & Grandfathering in Existing Adults
• At regular intervals (e.g. every 5 or so years), all citizens must update their face and voice prints at a government office
– This could be done for things like driver’s licenses and national ID card updates
• For all those citizens who are already adults, a grandfather process will be designed to register them and/or update their biometrics
– This will include business processes such as police checks and electronic verification of birth, marriage and name change documents against the national citizen identity directory
– As well, all identities will be searched against the death registry to ensure the person is not masquerading as a person who is dead
20. When A Citizen Dies
• When a person dies, the authoritative source for recording deaths will then automatically update the citizen’s entry in the national citizen directory via APIs tied to the national citizen identity provisioning system.
– The national citizen identity system will then automatically notify all ministry apps/services via the national citizen identity provisioning service and secure APIs.
– All ministry apps and services will now be updated and program delivery stopped or adjusted
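The lifecycle "trigger" flow that slides 8, 10, 11 and 20 describe (an authoritative source raises an event, the central directory is updated, every consuming ministry app is notified) can be modelled in a few dozen lines. The block below is an added illustration written for this page, not code from the proposal or from any Estonian or Alberta system. The class and event names (ProvisioningService, PensionService, the event types, the CIT-0001 identifier and the registry names) are assumptions. The security-relevant checks it shows are that a death can only be recorded by the source registered as authoritative for deaths, that a replayed event id is ignored, and that every decision is written to an audit trail.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Set

# Each lifecycle event type may only be raised by its registered authoritative source.
EVENT_TYPES = {"BIRTH", "NAME_CHANGE", "DEATH"}


@dataclass
class LifecycleEvent:
    event_id: str          # unique per event so a replayed message is ignored
    source: str            # the authoritative source that raised it
    event_type: str
    citizen_id: str
    data: Dict[str, str] = field(default_factory=dict)


@dataclass
class TombstoneRecord:
    citizen_id: str
    name: str
    status: str = "ALIVE"


class ProvisioningService:
    """Validates events, updates the single citizen directory, notifies consuming apps."""

    def __init__(self) -> None:
        self.directory: Dict[str, TombstoneRecord] = {}
        self.authorised_sources: Dict[str, str] = {}   # event type -> source allowed to raise it
        self.subscribers: List[Callable[[LifecycleEvent, TombstoneRecord], None]] = []
        self.seen_events: Set[str] = set()
        self.audit: List[str] = []

    def register_source(self, event_type: str, source: str) -> None:
        if event_type not in EVENT_TYPES:
            raise ValueError(f"unknown event type {event_type}")
        self.authorised_sources[event_type] = source

    def handle(self, event: LifecycleEvent) -> bool:
        """True if applied; False if a replay or not from the authoritative source."""
        if event.event_id in self.seen_events:
            self.audit.append(f"REPLAY {event.event_id}")
            return False
        if self.authorised_sources.get(event.event_type) != event.source:
            self.audit.append(f"REJECT {event.event_id}: {event.source} not authoritative for {event.event_type}")
            return False
        self.seen_events.add(event.event_id)
        record = self._apply(event)
        for notify in self.subscribers:          # the "trigger" fan-out to ministry apps
            notify(event, record)
        self.audit.append(f"APPLIED {event.event_id} {event.event_type} {event.citizen_id}")
        return True

    def _apply(self, event: LifecycleEvent) -> TombstoneRecord:
        if event.event_type == "BIRTH":
            self.directory[event.citizen_id] = TombstoneRecord(event.citizen_id, event.data["name"])
        elif event.event_type == "NAME_CHANGE":
            self.directory[event.citizen_id].name = event.data["name"]
        elif event.event_type == "DEATH":
            self.directory[event.citizen_id].status = "DECEASED"
        return self.directory[event.citizen_id]


class PensionService:
    """A consuming ministry app: program delivery stops when the directory reports a death."""

    def __init__(self) -> None:
        self.active: Set[str] = set()

    def on_event(self, event: LifecycleEvent, record: TombstoneRecord) -> None:
        if record.status == "DECEASED":
            self.active.discard(record.citizen_id)


def demo() -> dict:
    """Constructed scenario with placeholder identifiers; returns what each step observed."""
    prov = ProvisioningService()
    prov.register_source("BIRTH", "civil_registry")
    prov.register_source("NAME_CHANGE", "civil_registry")
    prov.register_source("DEATH", "death_registry")
    pension = PensionService()
    prov.subscribers.append(pension.on_event)

    prov.handle(LifecycleEvent("ev-1", "civil_registry", "BIRTH", "CIT-0001", {"name": "A. Citizen"}))
    pension.active.add("CIT-0001")
    # A death reported by a source that is not authoritative for deaths is refused.
    spoof = prov.handle(LifecycleEvent("ev-2", "civil_registry", "DEATH", "CIT-0001"))
    real = prov.handle(LifecycleEvent("ev-3", "death_registry", "DEATH", "CIT-0001"))
    replay = prov.handle(LifecycleEvent("ev-3", "death_registry", "DEATH", "CIT-0001"))
    return {
        "spoof_applied": spoof,
        "death_applied": real,
        "replay_applied": replay,
        "status": prov.directory["CIT-0001"].status,
        "pension_active": "CIT-0001" in pension.active,
        "audit_entries": len(prov.audit),
    }
```

In a real deployment the source check would be backed by mutually authenticated API credentials rather than a string, and the audit list would be an append-only store; the point the model makes is that the directory, not each ministry, decides which source is allowed to assert which fact.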
21. Re-thinking the National ID Card
• When cards like the national ID card are created they will have the following functions:
– Ability to store a 4 digit pin
• This pin will be something the citizen knows. If the card is swiped against a card reader, the pin will be checked against the national citizen identity authentication infrastructure.
– If the authentication is successful, a picture of the person will appear on the service counter screen
» This must match the person who has presented the card and pin
• As well, a voice authentication can also be taken at the counter and authenticated against the national citizen identity system
– If successful, the government counter person has a high degree of assurance the identity is whom they claim to be
• These are practical risk mitigation measures against people who are trying to masquerade as someone else to the government as well as to municipalities, banks, telcos, etc.
22. Leveraging The National ID Card For Digital Signatures
– Ability to store a digital certificate which is protected by another 4-digit pin
• When the citizen wants to sign a legal document, they will swipe their card against a reader and enter their 4 digit pin as above
• If successful, they will then enter a second 4 digit pin. This pin will also be verified by the PKI infrastructure associated with the national citizen identity system
• Assuming the pin is valid, then a digital signature is now used for the legal transaction
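Slides 21 and 22 describe two PINs on one card: the first verified centrally at the counter (returning the photo to display), the second unlocking the signing certificate. The block below is an added example written for this page, not the proposal's code nor that of any card or PKI vendor; the class names, the three-attempt lockout and the CARD-1/CIT-0001/PIN values are assumptions. It demonstrates the properties a verifier for a 4-digit PIN needs: the PIN is stored only as a salted PBKDF2 hash, comparisons are constant-time, and since there are only 10,000 possible PINs each slot locks after a small number of failures.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Dict, Optional

MAX_ATTEMPTS = 3          # assumption: a 4-digit PIN has only 10,000 values, so retries must be capped
PBKDF2_ITERATIONS = 50_000


def hash_pin(pin: str, salt: bytes) -> bytes:
    """Store a salted, iterated hash of the PIN, never the PIN itself."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, PBKDF2_ITERATIONS)


@dataclass
class PinSlot:
    salt: bytes
    digest: bytes
    failures: int = 0
    locked: bool = False


@dataclass
class CardRecord:
    card_id: str
    citizen_id: str
    photo_ref: str            # reference to the photo shown on the counter screen
    access_pin: PinSlot       # first PIN: verifies identity at the counter
    signing_pin: PinSlot      # second PIN: protects the signing certificate
    active: bool = True


class AuthenticationInfrastructure:
    """Central verifier the card reader talks to (placeholder for the national system)."""

    def __init__(self) -> None:
        self.cards: Dict[str, CardRecord] = {}

    def issue_card(self, card_id: str, citizen_id: str, photo_ref: str,
                   access_pin: str, signing_pin: str) -> None:
        def slot(pin: str) -> PinSlot:
            salt = os.urandom(16)
            return PinSlot(salt, hash_pin(pin, salt))
        self.cards[card_id] = CardRecord(card_id, citizen_id, photo_ref,
                                         slot(access_pin), slot(signing_pin))

    def _check(self, slot: PinSlot, pin: str) -> bool:
        if slot.locked:
            return False
        ok = hmac.compare_digest(hash_pin(pin, slot.salt), slot.digest)
        if ok:
            slot.failures = 0
        else:
            slot.failures += 1
            if slot.failures >= MAX_ATTEMPTS:
                slot.locked = True     # refused from now on until re-issued at a counter
        return ok

    def verify_at_counter(self, card_id: str, pin: str) -> Optional[str]:
        """Card swipe + access PIN; returns the photo reference on success, None otherwise."""
        card = self.cards.get(card_id)
        if card is None or not card.active:
            return None
        return card.photo_ref if self._check(card.access_pin, pin) else None

    def unlock_signing(self, card_id: str, access_pin: str, signing_pin: str) -> bool:
        """Signing needs the access PIN first, then the separate signing PIN."""
        if self.verify_at_counter(card_id, access_pin) is None:
            return False
        return self._check(self.cards[card_id].signing_pin, signing_pin)


def demo() -> dict:
    """Constructed scenario with placeholder card, citizen and PIN values."""
    infra = AuthenticationInfrastructure()
    infra.issue_card("CARD-1", "CIT-0001", "photo://CIT-0001", "1234", "9876")
    results = {
        "good_pin": infra.verify_at_counter("CARD-1", "1234"),
        "wrong_pin": infra.verify_at_counter("CARD-1", "0000"),
        "sign_wrong_second": infra.unlock_signing("CARD-1", "1234", "0000"),
        "sign_ok": infra.unlock_signing("CARD-1", "1234", "9876"),
    }
    for _ in range(MAX_ATTEMPTS):            # three wrong signing PINs lock the signing slot
        infra.unlock_signing("CARD-1", "1234", "1111")
    results["sign_after_lockout"] = infra.unlock_signing("CARD-1", "1234", "9876")
    return results
```

The actual signature operation is left out because it lives on the card or in an HSM under the PKI the page refers to; what this model pins down is that the signing PIN is a separate slot with its own lockout, so exhausting guesses against one PIN never unlocks the other.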
23. Create Electronic Copies of Physical Cards Like National ID, Driver’s License, etc.
• As the new emerging US National Institute of Standards and Technology (NIST) derived credentials are released, the government will then slowly implement these
– This will allow for things like physical National ID cards and driver’s licenses to be electronically installed on citizens’ smartphones.
– When a citizen loses their phone, the citizen will simply call a toll free service and report their phone lost.
• The associated derived credentials on it will also be inactivated
24. Estonia Raised Their GDP Per Capita
• This was done by doing many things in parallel to the national citizen identity strategy
• Provided internet to all schools
• Then they created “e-school”
• Began to teach children how to code
• They encouraged start-up software companies
– Skype is but one example of a company that began in Estonia
25. Education
• In the last decade, Estonia has ranked in the top twenty in the world in the domains of reading, mathematics and science as determined by the Programme for International Student Assessment (PISA).
• More impressively, Estonia has the lowest proportion of low-achievers of PISA participating countries.
• More than a third of Estonian students from low socioeconomic backgrounds are among the best performers on PISA.
• Reference: http://www.ncee.org/2014/04/global-perspectives-estonia-how-estonias-investment-in-it-skills-impacted-improvements-in-the-economy/
26. Students Can Log On At School Using Their Voice
[Diagram: the Citizen accesses, via their phone or the internet, the Government Portal and E-School, both backed by the Citizen Identity Access Management System and a Single Citizen Identity]
27. Leverage the Same Infrastructure for Health Care
• Citizens will be able to call a toll free number for health care
– They will authenticate using their voice and then give their permission for a health care worker to view their health record and then assist them
• SMS vaccination messages will be sent to parents/guardians of young children
• All health care records will use the same identity
28. Leverage Identity With Health
[Diagram: the Citizen accesses, via their phone or the internet, the Government Portal and E-Health, both backed by the Citizen Identity Access Management System and a Single Citizen Identity; citizens are also able to call a toll-free health care number]
31. How To Do This?
• I have led, as well as rescued, many large Fortune 500 identity projects (including Boeing and Capital One) and recently was the identity architect for the Government of Alberta’s digital citizen identity and authentication project
• I break down large complex projects into crawl, walk and run phases
• I also leverage wherever possible existing knowledge, experience and technology
32. Pre-Phase I - Discovery
• Estimated time: 6-10 weeks
• Bring me in to do the first discovery
• I would work with a number of local analysts
• Deliverables:
– Documentation of existing identity workflows and data structure used for identities today in major government systems
– Review of current governance/legal framework
– Review of how payments are made today by citizens to the government
– High level review of existing infrastructure
– Estimates for first phase budget costs and resource requirements
– Determine who can fund the next phase
33. Crawling
• Estimated time: 6 months
• Deliverables:
– Detailed gap analysis for the following areas:
• Governance
• Architecture
• Identity
• Infrastructure
• Services and Service/Application integration
• Cyber security
• Training/Maintenance
– Numerous RFP preparations to cover the many different components this program entails
– Detailed proposed implementation plans for the next two phases
– Budget and resource requirements
34. Team
• The team would include:
– A number of different subject matter experts (SMEs) covering areas such as:
• Governance
• Identity and access management
• Voice authentication
• Network/High Availability
• Interactive voice response
• Payment portals
• Cyber security
• Health
• Education
– e-Governance Academy Foundation from Estonia
– I want to ensure that there are a number of local national SMEs as part of the gap analysis to begin knowledge transfer
35. Addressing Security
• Imagine it’s a few years down the road and your country has 1,000 or more citizen e-services online, similar to what Estonia has
• At that point, the country becomes a prime target for an attack. This is what happened in Estonia in April-May 2007
• It is totally possible malware could be introduced into the code such that organized crime could demand a ransom or bring down the services
• It is also possible to create a denial of service attack to do so
• To mitigate against this risk, as part of the crawling phase, we would bring in folks from Estonia as well as the NATO Cooperative Cyber Defence Centre of Excellence, which is located in Estonia
• Design would then use current best practices
• These systems must be up and available 24x7x365 and have high levels of code security and mitigation measures for a denial of service attack.
36. Numerous RFPs Required
• There is no one company that can supply all the different components
• Therefore numerous RFPs are required:
– Open source identity and access management software, design and implementation
– Contract to assemble a set of test voice prints
– Voice authentication RFP with vendor bake-off using the test voice prints
– Open source interactive voice response software, design and implementation
– Open source payment portal design and implementation
– Back-end payment processing contract for credit, debit and cell phone e-wallet payments
– Contract for Estonia e-government advisory
– Contract for malware and denial of service attack best practice design and implementation
– Contract for high availability design and implementation
– Contract for 3rd party penetration testing
– Contract for open source health care software design and implementation
– Contract for open source education management design and implementation
37. Walking Phase
• Estimated time: 2 years
• Deliverables:
– Implement laws and acts as defined by the gap analysis and the infrastructure, security and support, etc.
– Citizens will be able to use their cell phones to call into a government number, authenticate using their voice and be able to pay bills using their voice, via the cell phone e-wallet, SMS bank account or debit/credit card
– Citizens will also be able to interact with government services via their cell phone and SMS
– Implement the legal framework gap requirements
– Mesh the infrastructure with new highly available data centres.
38. Speed Up the Process
• I am proposing your government license from the Government of Alberta the intellectual property for the citizen payment portal and the identity and authentication system as a starting point
• This will cut down implementation times by a year
• Then modify it for the use of voice and interactive voice response with the payment portal
• Note: New Zealand uses voice authentication for their call centres
39. Running Phase
• Estimated time: 2 years
• Deliverables:
– Implementation of the required governance, infrastructure, security, support etc. as defined by the gap analysis to enable introduction and use of the digital e-National ID Card
– Citizens will be able to digitally sign documents and begin to access services similar to those offered by the Estonian government today to its citizens
– Create a National e-Governance Academy Foundation
40. Your People Run the System
• Goals are:
– To have all people who are running the system be your country’s nationals
– Your government creates its own e-government foundation academy which can then sell its knowledge across Africa
• To do this, your country has to “walk the talk” in all aspects of the project
41. Use Me As A Trusted Advisor
• Using all my experience I will:
– Guide the program in the early days to determine all the gaps, prepare RFPs and help assemble the various teams required
• Pair me up with Program and Project Managers
– I want to ensure that we successfully implement the program and various sub-projects
– Therefore, I will help select these people and then train them to design, implement and then sustain the infrastructure
• I will work with the Government to ensure that RFPs go to combined national and other countries’ experts to build up local expertise as and where required
• I have a successful track record in integrating complex systems with numerous vendors
42. In about 5 years…
• Your country could be the first in Africa to transform itself digitally
• GDP per capita would rise, employment would increase and the way of life for most citizens would positively change in how they conduct business and interact with the government
43. Summary
• Your country could become the Estonia of Africa - a small innovative nation that leveraged the digital world to rethink itself
• Please contact me:
– 1-604-861-6804
– guy@hvl.net
– www.hvl.net
45. Senior Government Leadership
• Implementing such a radical change in society requires the most senior government officials to guide the project
• In Estonia, both the President and Prime Minister were actively involved in all stages of the project
• This involved shepherding significant change through their bureaucracies and also keeping a steady hand when the infrastructure came under a massive denial of service attack in 2007.
• Work began in 1992
46. World Bank ID4D Study
• Recently the World Bank released a study “Identification for Development (ID4D) Integration Approach Study”
• It recommends that countries implement national citizen identity strategies using an integration model similar to Estonia’s
48. Is the Answer to Adopt ID4D/Estonia?
• The model in this proposal is very similar to Estonia’s and the one ID4D uses
• HOWEVER, the ID4D and Estonia models are built upon all citizens/residents having access to the internet
• Most of your country’s citizens currently don’t have internet access
• Thus, from the citizen’s perspective, the cell phone is the communication technology to start with
• The proposal uses interactive voice response and voice authentication with the internet infrastructure running underneath it
• Thus, all citizens can take advantage of the solution whether they are using their cell, a smart phone or a computer
49. Government Will Make & Save Money
• Increase nightly interest payment revenue
– All government payment portal payments go into one back-end government bank account each night to leverage interest
• Save money by paying citizens directly into their bank and telephone accounts (e-wallet) for things like subsidies, etc.
– Reduce issuing physical cheques and/or having to use expensive payment card systems
– Give citizens the choice of how to be paid
50. Use Open Source
• The proposal uses open source software wherever possible
– Interactive voice response (IVR) - TBD
– Payment portal - TBD
– Identity and Access Management (ForgeRock)
– API Gateway servers – TBD
– Enterprise Service Bus – optional - TBD
– Monitoring - ELK (Elasticsearch, Logstash and Kibana)
– Environment automation - Ansible for quickly spinning up and down servers in the various environments
– Health care management – TBD
– Education management - TBD
• It is likely proprietary vendors will be selected for:
– Voice authentication - TBD
– Digital certificates – TBD
51. Biometrics…
• Biometrics are not “perfect”
• A measure of their accuracy is something called the “Equal Error Rate” (EER) or “Cross Over Error Rate” (CER), the point at which the false acceptance and false rejection rates are equal
• Voice EER is approximately 10%
52. Therefore…
• Voice doesn’t work for everyone
• A few percent of citizens will have trouble authenticating using their voice. Having citizens say a longer sentence when authenticating can mitigate this.
• For those for whom it won’t work, they will be given a username and password to enter via their cell phone
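The Equal Error Rate on slide 51, and the trade-off behind slide 52, are easiest to see on a small set of match scores. The block below is an added worked example for this page, not the proposal's code or a measurement from any voice product; the GENUINE_SCORES and IMPOSTOR_SCORES are constructed numbers chosen so the crossover lands near the 10% figure quoted above. It sweeps every observed score as a candidate threshold, computes the false acceptance rate (FAR) and false rejection rate (FRR) at each, and reports the threshold where they meet. The operating_point function then shows the other side of the trade-off: pushing FAR to zero for a higher-risk service rejects a much larger share of genuine citizens, which is why the strategy keeps a username and password fallback.

```python
from typing import List, Tuple

# Constructed similarity scores in [0, 1]; higher means closer to the enrolled voice print.
# These are made-up numbers for illustration, not measurements from any voice product.
GENUINE_SCORES = [0.92, 0.88, 0.85, 0.81, 0.78, 0.74, 0.70, 0.66, 0.62, 0.55]   # enrolled citizen speaking
IMPOSTOR_SCORES = [0.12, 0.20, 0.27, 0.33, 0.41, 0.48, 0.53, 0.56, 0.60, 0.69]  # someone else speaking


def far(threshold: float, impostor: List[float]) -> float:
    """False acceptance rate: share of impostor attempts scoring at or above the threshold."""
    return sum(s >= threshold for s in impostor) / len(impostor)


def frr(threshold: float, genuine: List[float]) -> float:
    """False rejection rate: share of genuine attempts scoring below the threshold."""
    return sum(s < threshold for s in genuine) / len(genuine)


def equal_error_rate(genuine: List[float], impostor: List[float]) -> Tuple[float, float]:
    """Sweep every observed score as a threshold; return (threshold, EER) where FAR and FRR
    are closest to equal (the EER is their mean at that point)."""
    best_t, best_gap, best_rate = 0.0, float("inf"), 1.0
    for t in sorted(set(genuine + impostor)):
        a, r = far(t, impostor), frr(t, genuine)
        if abs(a - r) < best_gap:
            best_t, best_gap, best_rate = t, abs(a - r), (a + r) / 2
    return best_t, best_rate


def operating_point(target_far: float, genuine: List[float], impostor: List[float]) -> Tuple[float, float]:
    """Lowest observed threshold whose FAR is at or below target_far, and the FRR paid for it.
    Tightening FAR for higher-risk services rejects more genuine citizens, which is why the
    strategy needs a fallback for those for whom voice does not work."""
    for t in sorted(set(genuine + impostor)):
        if far(t, impostor) <= target_far:
            return t, frr(t, genuine)
    return 1.0, 1.0
```

With the constructed scores the crossover sits at a threshold of 0.62 with an EER of 10%, while demanding zero false acceptances moves the threshold to 0.70 and rejects 30% of genuine attempts. On real data the sweep is the same; only the score lists change, and the FRR at the chosen operating point is the number to plan the fallback capacity around.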
53. Person Playing Back a Citizen’s Voice?
• For low risk applications, the citizen’s voice alone will be accepted for authentication
• However, as the service level risk rises, citizens/residents will be required to enter an additional 4-digit pin.
• When the e-National ID Card is released, citizens/residents will be able to use it in a manner similar to the way Mobile ID is used today in Estonia, via their smartphone. They will enter a 4-digit pin in addition to having the digital certificate on their smartphone.
• All of this is defined in the Credential Assurance Standard
54. Cell Phone is Shared by Several Citizens?
• Sharing of cell phones is quite common
• To address this the strategy uses the following:
– The primary cell phone holder will be identified in the central identity data store
– When another citizen wants to use the same telephone, the primary cell holder will have to provide their permission
– When any SMS message is sent to a citizen, it will be labeled with their name such that the citizen is clearly determined
– Agreements between citizens, telephone companies and governments will be obtained such that if the citizen’s cell phone number changes, the telco will automatically notify the central identity service
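The four rules on slide 54 (a primary holder per number, permission from the primary before anyone else uses it, name-labelled SMS, and telco-driven number changes) map onto a small registry. The block below is an added example written for this page, not the proposal's code; the PhoneRegistry class, the CIT-0001/CIT-0002 identifiers, the display names and the +000 numbers are constructed placeholders. The check worth noticing is that a grant is only honoured when the requester is the number's primary holder, so a second user cannot authorise themselves.

```python
from dataclasses import dataclass, field
from typing import Dict, Optional, Set


@dataclass
class PhoneEntry:
    primary: str                                      # citizen id of the primary holder
    delegates: Set[str] = field(default_factory=set)  # citizens the primary has permitted


class PhoneRegistry:
    """Maps a cell number to its primary holder and permitted co-users (central identity store)."""

    def __init__(self, names: Dict[str, str]) -> None:
        self.names = names                 # citizen id -> display name, from the identity directory
        self.phones: Dict[str, PhoneEntry] = {}

    def register_primary(self, number: str, citizen_id: str) -> None:
        self.phones[number] = PhoneEntry(primary=citizen_id)

    def grant(self, number: str, requester_id: str, other_id: str) -> bool:
        """Only the primary holder may permit another citizen to use the number."""
        entry = self.phones.get(number)
        if entry is None or entry.primary != requester_id:
            return False
        entry.delegates.add(other_id)
        return True

    def may_use(self, number: str, citizen_id: str) -> bool:
        entry = self.phones.get(number)
        return entry is not None and (entry.primary == citizen_id or citizen_id in entry.delegates)

    def sms(self, number: str, citizen_id: str, text: str) -> Optional[str]:
        """Label every message with the addressee's name so the intended citizen is unambiguous."""
        if not self.may_use(number, citizen_id):
            return None
        return f"For {self.names[citizen_id]}: {text}"

    def telco_number_change(self, old: str, new: str) -> bool:
        """Telco notification: the entry follows the holder to the new number; the old one stops resolving."""
        entry = self.phones.pop(old, None)
        if entry is None:
            return False
        self.phones[new] = entry
        return True


def demo() -> dict:
    """Constructed scenario; names and numbers are placeholders."""
    reg = PhoneRegistry({"CIT-0001": "Primary Holder", "CIT-0002": "Second User"})
    reg.register_primary("+000-0100", "CIT-0001")
    before = reg.may_use("+000-0100", "CIT-0002")
    self_grant = reg.grant("+000-0100", "CIT-0002", "CIT-0002")   # a non-primary cannot grant
    granted = reg.grant("+000-0100", "CIT-0001", "CIT-0002")
    msg = reg.sms("+000-0100", "CIT-0002", "Vaccination due next week")
    reg.telco_number_change("+000-0100", "+000-0200")
    return {
        "before_grant": before,
        "self_grant": self_grant,
        "granted": granted,
        "sms": msg,
        "old_number_resolves": reg.may_use("+000-0100", "CIT-0001"),
        "new_number_resolves": reg.may_use("+000-0200", "CIT-0002"),
    }
```

Whether delegations should survive a number change is a policy question the page leaves open; the model carries them across, and a stricter deployment would clear them and require the primary holder to re-grant.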
55. All That Glitters Is Not Gold
• The Government of Alberta system is a good place to start but not to end up. Why?
• Low level identity assurance – If you say you’re Mickey Mouse the system will accept this
• No second factor authentication
• Can’t do digital signatures
56. So Why Use Them?
• It will reduce implementation times by about a year by licensing the intellectual property for their:
– Privacy architecture
– Use cases
– Test cases (for only the IAM portion the team developed over 500 test cases)
– Testing tool
• The team supported approximately 15 different platforms (browsers and mobiles).
• For each platform the tests had to be run in each environment. So, just for the IAM portion alone, it meant running 15 sets of over 500 tests PER ENVIRONMENT. Therefore, the team wanted to automate the testing as much as possible and developed a testing tool to accomplish this.
– Data standards
– Implementation guides to allow for services/applications to quickly integrate
– Software code
57. Bottom Line…
• Your country must develop a solution tailored to fit your needs and not drop-ship or entirely adopt something developed elsewhere
• HOWEVER, it should LEARN from others wherever possible
• It needs to develop a solution:
– For your citizens of all types and regions
– Leveraging existing technology citizens have today
– Run by your country’s people and companies
– With an eye to standardizing wherever possible
– To then lead Africa into the new economies which are rapidly emerging
58. National Leadership
• The proposal seeks to have your country’s government lead other regional countries in defining common standards for Evidence of Identity and Credential Assurance
• It also sees creation of an agency similar to Estonia’s e-Governance Academy Foundation to then train other African nations on how to achieve this
59. Guy Huntington
Guy Huntington is a very experienced identity architect, program and project manager who has led, as well as rescued, many large Fortune 500 identity projects including Boeing and Capital One. He recently completed being the identity architect for the Government of Alberta’s Digital Citizen Identity and Authentication program.
60. Changing the World a Bit
• Guy wants to change the world a bit by assisting developing countries to leapfrog ahead of most western societies by:
– Leveraging citizens’ use of the cell phone and their voice to then access online government services
– Utilizing digital versions of their national identity cards on smartphones to enable their use for digital signatures
– Using mostly open source products with “standardized back ends” and customizable “front ends”
– Reusing the same code and intellectual property in other jurisdictions to dramatically reduce implementation times and costs