This blog is part of our “Identity in the News” series where we discuss events from the recent news cycle relating to digital identity.
France has recently announced a smartphone-based system for proving digital identity called the “Digital Identity Guarantee Service”' (SGIN, or “Service de garantie de l’identité numérique”). To be used in conjunction with an app that will serve as a mobile extension of a user’s national identity card. The secure digital identity can be used to gain access to government and private services.
As a provider of world-class identity products, we’re glad to see wider adoption of digital identities. Despite its accuracy in verification over more traditional methods, some are still hesitant with the use of digital identities with biometrics, particularly when it comes to government use. However, we’re happy to see several elements of France’s SGIN program that adhere to our fundamental identity principles which should improve user confidence and program success.
The program uses existing government partnerships for identity verification and follows our “don’t hoard data” philosophy of not accessing sensitive data (i.e. personal biometric data) when it’s not necessary. In our “leverage government partnerships” principle, we stress the need for remote validation of identity without compromising privacy. Instead of accessing data directly from government-managed databases, interactions should be limited to only affirmative or negative responses (i.e. yes/no). Our second principle of “don’t hoard data” further builds upon the importance of privacy and security, avoiding storing data permanently. If sensitive data must be stored, it should be hashed or encrypted to meet compliance requirements and preserve user privacy.
In France’s SGIN program, the digital identity app scans a user’s identity cards for identity verification but will not access the user’s biometrics. The app will also be user-controlled so that it is not mandatory for use and allows the user to define what data fields will be shared for any transaction. What’s more, the program and app will fully adhere to EU data laws and regulations governing digital identities.
With so many security, ease-of use and efficiency advantages offered by biometric verification and authentication, we will see further national digital identity programs across Europe as member states move to embrace digital technologies to better serve their citizens. By September 2023, for example, all EU member states must make a Digital Identity Wallet available to every citizen who wants one. With digital wallets the user will be able to choose to download a wallet app to a mobile device where they can store and selectively share electronic documents that might be needed for a specific identity verification transaction, such as when opening a bank account or applying for a loan. Other functions (like e-signing) are also envisaged being supported by these e-ID digital wallets.
Indeed, digital identity proofing, when implemented correctly, greatly improves the accuracy of the verification process, speeds up onboarding processes for nearly all industries, and improves the user experience – without sacrificing security or the user’s desire for data privacy.
To learn more about our implementation principles surrounding the use of biometric technology, read our biometric technology guide: 7 Steps to Overcoming Common Misconceptions.