
Inter-Domain Electronic Identification


Academic year: 2021


- Challenges, Benefits and Needs

SAM TABIBZADEH

KTH ROYAL INSTITUTE OF TECHNOLOGY

SCHOOL OF ELECTRICAL ENGINEERING AND COMPUTER SCIENCE


Master in Computer Science

Date: June 16, 2019

Supervisor: Sonja Buchegger

Examiner: Johan Håstad

School of Electrical Engineering and Computer Science

Host company: Nordea


Abstract

Electronic Identification (eID) systems allow users to authenticate digitally to a service, often online. An inter-domain eID solution constitutes a single eID system which is accepted and used internationally, across borders.

There is not much documented knowledge about inter-domain eID and the challenges, benefits and needs of such a solution in comparison to broker cross-country eID systems such as eIDAS, which allows for interoperability of national eIDs within Europe. There is a lack of inter-domain eID solutions on the market, but for organizations supporting eIDs, an inter-domain variant would be beneficial, not only from a technical view but also from a business perspective.

However, before implementing such a solution it would be valuable to get an overview of the political, economical, social and technological aspects of an inter-domain eID. This study was done by applying the theoretical frameworks SWOT and PEST to gathered information from interviews with key players and from academic and industrial literature in order to comprehend the challenges, benefits and needs of an inter-domain eID.

The paper concludes with the challenges being mostly in existing differences between countries when it comes to law, regulation, view on privacy and identity, technology and infrastructure. On top of these aspects, there are hindrances in areas such as privacy, user adoption, market monopoly, distribution, vulnerability and maintenance. The benefits of an inter-domain eID solution are about ensuring one identity for the user, an incorporation of the private market to cross-country identification, a boost to the European economy, an opportunity to create a privacy conscious system, bypassing social media giants and an inclusion of people which are not supported by eID brokers. Regarding needs, an inter-domain eID would remove the need for a company with customers in many different countries to support and maintain different national eIDs for different users in different countries. The business and economic need is also present, especially for private companies. Lastly, the topics of Self-Sovereign Identity, Privacy by Design and Universal Identity are briefly discussed.


Summary

Electronic Identification (eID) refers to systems that make it possible for users to authenticate digitally to an e-service. An inter-domain eID is an eID system that is accepted and used internationally, across borders. Today there is a lack of documented knowledge about inter-domain eID and about the challenges, benefits and needs of such a solution in comparison with broker, cross-country eID systems such as eIDAS, which enables interoperability among national eIDs in Europe. There is a shortage of inter-domain eID solutions on the market, but for organizations that support national eIDs, an inter-domain variant would be useful, not only from a technical standpoint but also from a business perspective. But before such a solution is implemented, it would be valuable to get an overview of the political, economic, social and technical aspects of an inter-domain eID. This study was carried out by applying the theoretical frameworks SWOT and PEST to information gathered from interviews with subject-matter experts, and also from academic and industrial literature, in order to understand the challenges, benefits and needs of an inter-domain eID.

The thesis concludes that the challenges lie mostly in existing differences between countries in terms of laws, views on privacy and identity, technology and infrastructure. In addition to these aspects, there are obstacles in areas such as privacy, user adoption, market monopoly, distribution, vulnerability and maintenance. The benefits of an inter-domain eID solution are about ensuring one identity for the user, the inclusion of the private market in cross-country identification, an improvement of the European economy, an opportunity to create a privacy-based system, bypassing social media giants, and an inclusion of people who are not supported by broker eIDs. Regarding needs, an inter-domain eID would eliminate the need for a company with customers in many different countries to support and maintain different national eIDs for different users in different countries. The business and economic need is also present, especially for private companies. Finally, the topics of Self-Sovereign Identity, Privacy by Design and Universal Identities are discussed.

1 Introduction

1.1 Problem and Research Question

1.2 Goal

1.3 Outline

2 Background

2.1 Market Analysis Frameworks

2.1.1 SWOT

2.1.2 PEST

2.1.3 Previous Applications

2.2 Identification and Authentication

2.2.1 Level of Assurance

2.2.2 Physical Identification

2.2.3 Digital Identification and Authentication

2.3 Previous relevant eID studies

2.4 Example eID Solutions and Use Case

2.4.1 National eID: Swedish BankID

2.4.2 Broker eID: eIDAS

2.4.3 Use Case

3 Method

3.1 Literature Review and Interviews

3.2 Application of the Theoretical Frameworks

4 Results

4.1 SWOT and PEST of Inter-Domain eID - Outcome

4.1.1 Strengths

4.1.2 Weaknesses

4.1.3 Opportunities

4.1.4 Threats

5 Discussion

5.1 Answering the Research Question

5.2 Universal Identities

5.3 Self-Sovereign Identity and Privacy by Design

5.4 Sustainability and Ethics

6 Limitations and Future Work

7 Conclusions

Bibliography

1 Introduction

With the internet becoming more and more accessible and business, financial and governmental services now going from physical face-to-face interactions to online services, the issue of identity and identification is more important than it has ever been. High risk online services from the government, health care providers and banks have become mainstream, which yields a need for strong verification of identities on the web.

Today, many countries have their own type of local electronic identification (eID) mechanism, used for authenticating and signing purposes for many of those high risk service providers (e.g. BankID in Sweden, NemID in Denmark and itsme in Belgium).

One initiative to bring all eIDs in the EU into a single network of authentication is eIDAS. The eIDAS network defines a standard in which national eIDs can communicate with services outside the nation in order to enable cross-country authentication with local eIDs. The eIDAS network has been specified for a few years and in 2018 the first countries involved released a first wave of real-life implementations, Sweden among them. Thus, eIDAS could be categorized as a national eID broker, allowing the eID methods of EU member states to be accepted by services in other member states.

In addition to national eID brokers, there is another category labeled inter-domain eIDs. An inter-domain eID solution constitutes a single system which is accepted and used internationally.

While national eIDs are well established, and broker eID networks have been studied and are currently being implemented across some countries, inter-domain eID solutions have not yet been established on the market.

A typical use case for an inter-domain eID is a Swedish user authenticating with his inter-domain eID to Finnish services. Regardless of country or domain, the same authentication method should be applied. For organizations spanning multiple countries, such a protocol, which lets customers around the world use the same type of authentication mechanism and access data and services across countries, would be beneficial.

This benefit would not only be present from a technical aspect, i.e. only maintaining one protocol instead of many, but also from social, political and economical aspects. There will be less complexity to manage and new partnerships and revenue streams could be created.

This thesis work is a collaboration between the author and Nordea, a Nordic bank and financial group with presence in 19 different countries around the world.

1.1 Problem and Research Question

There is a lack of knowledge regarding inter-domain eIDs, but also a gap in understanding the different benefits, threats, challenges and what is needed but also wanted for an inter-domain eID solution.

This study will be an overview of the current state of cross-country eIDs and help researchers, both industrial and academic, to get an understanding of the cross-country eID status by using this work as a reference document. It will also help readers understand the barriers to create an inter-domain eID.

Nordea’s general project is to launch an inter-domain eID solution, and during the period in which this thesis is being written they have as a goal to propose a Proof-of-Concept (PoC) which demonstrates the functions of such a solution. The purpose of this thesis, which is a part of the general project, is to research and analyze the market in order to have a clear understanding of the different paths that could be taken for implementing such a solution.

The existence of past studies (see Section 2.1.3) shows that there is a precedent for using market research and the chosen frameworks in scientific research. Section 2.3 describes relevant previous studies within the eID field that are used in this thesis. However, there has not been any study combining the market research frameworks with the topic of cross-country eID, and this is where this study sets out and fills a research gap.

The main research question is:

What are the challenges, benefits and needs, from an organizational perspective, of an inter-domain eID solution?

The answer will be derived from the following three sub-questions:

• What are the threats and challenges in proposing an inter-domain eID?

• What are the benefits of an inter-domain eID solution?

• What are the needs for an inter-domain eID solution?

1.2 Goal

The vision of the research has been to define the challenges, benefits, and needs of an inter-domain eID solution. This thesis also contributes to the growing field of research within eID and especially cross-country eID. For Nordea, the results, which detail the market with regards to inter-domain eID, will be useful when choosing a strategic path for proposing such an eID solution. Nordea could, with the help of this thesis, decide how to position themselves with regards to cross-country eIDs.

1.3 Outline

Initially, this research is structured with a presentation of the theoretical frameworks used. Following this are sections which aim to define the key identification and authentication concepts, and then some example solutions and a use case of national and cross-national eIDs are described. Later on, the method is detailed and next the SWOT and PEST application is depicted. In the discussion section, the findings are summarized in relation to the research question and concepts such as Universal Identities, Self-Sovereign Identity, Privacy by Design and Sustainability are briefly reviewed. The entire report ends with the researcher’s conclusions on the inter-domain eID challenges, benefits and needs in contrast to broker eIDs.

2 Background

Authentication is defined as the process of verifying the identity claimed by a certain person or object against the registered identity information. That information is most often a username or a unique identifier combined with a password, biometric data such as a fingerprint, voice matching, iris scan or palm vein scan, or a combination of these. There are many challenges in this process, including how to reduce processing time, improve accuracy of matching for authentication, ensure a seamless experience for identity claimants, counter fraudulent behavior, and find affordable solutions for both the provider and the user [1].

When it comes to authentication methods, passwords dominate the market as a way to identify the user [2]. On the other hand, over forty years of research show that they are plagued by security problems [3] and are openly detested by users [4].

This chapter starts with an explanation of the theoretical frameworks that are applied in this thesis work, then it brings up the different key topics in order to make the eID market more easily understood by the reader, and finally it ends in a brief overview of the current state of eID with a description of example solutions and use cases.

2.1 Market Analysis Frameworks

In this section the two different theoretical frameworks are introduced and briefly explained. Both frameworks were applied to the empirical data gathered through the literature review and interviews with various people within the eID field. More on the method can be found in Section 3. In the last part of this section, previous applications of the theoretical frameworks within the context of market research will be described and how this work is related to them.

2.1.1 SWOT

According to Warren [5], organizational analysts often use a method called SWOT analysis as a favored tool to “kick start” the strategy planning process. The name SWOT, depicted in Figure 2.1, is an acronym for the following four parameters the method examines:

• Strengths: Characteristics of the project that give it an advantage over others.

• Weaknesses: Characteristics of the project that place it at a disadvantage relative to others.

• Opportunities: Elements in the environment that the project could exploit to its advantage.

• Threats: Elements in the environment that could cause trouble for the project.

Baker [6] recognizes that organizations can gain a lot from the diagnostic strength of SWOT if they evaluate issues from a customer-centered perspective and make use of a focused methodology. On top of SWOT being used in the industry, it is also very much used in scientific research. M. Helms and Nixon [7] list and explain different instances where SWOT has been used as a research tool.

Figure 2.1: The four parameters of SWOT [8]

2.1.2 PEST

According to Ward and Rivani [9] the PEST tool lets organizations analyze the specific external and indirect circumstances that define the business environment and that are able to influence the organizational capacity to produce business value. PEST is also known as STEP [10], SEPT [11], or STEEP [12].

The elements of PEST (depicted in Figure 2.2) can be considered as macro-environmental aspects, and its usefulness is in the assumption that organizations and their product placement on the market cannot be understood without having a well-defined business environment [13]. During a PEST analysis, researchers and analysts look at Political, Economical, Social and Technological factors of the subject which is being studied. These factors can be explained as follows [14]:

• Political factors: The different forms of government interventions and political forces in the marketplace.

• Economic factors: The macro-economic conditions of the external environment and market. Concepts such as economic growth, interest rates, exchange rates and inflation rate are put in the context of the specific subject being studied.

• Social factors: Social, cultural and demographic aspects of the external conditions in the environment.

• Technological factors: Technology maturity level, technology related activities, infrastructures, incentives based on technology, and technological changes over time that may affect the market environment.

Figure 2.2: The four factors of PEST [15]

2.1.3 Previous Applications

M. Helms and Nixon [7] describe, with regards to using SWOT in market research, that many researchers suggest that there is a need to use supplementary methods of analysis in addition to SWOT to get a more profound understanding of the market. Therefore, the PEST analysis was incorporated as well in order to complement the market research.

There are many studies that analyzed industries, products or sectors with the help of the SWOT or PEST frameworks, some of them cited here [16] [17] [18] [19]. On top of these, four studies were identified which combined SWOT and PEST as a way to analyze their data: Ha and Coghill [20] examined the e-government in Singapore, Qamar et al. [21] analyzed the e-government in Singapore and Andoh-Baidoo, Babb, and Agyepong [22] looked into the e-government readiness in Ghana, while Wang and Tang [23] investigated the construction of incentive system for state-owned enterprises’ scientific researchers.

No study was identified having applied SWOT, PEST or a combination of those on the identification, authentication, eID or cross-country eID market.

2.2 Identification and Authentication

In this section the author writes about key concepts, namely Level of Assurance, Physical Identification, Digital Identification and Digital Authentication, which are important to understand eIDs and how they are used.

2.2.1 Level of Assurance

Assurance of identity is when a relying body identifies or authenticates someone with a level of certainty, using personal identity attributes, that a claim to a person’s identity can be trusted to actually be the claimant’s real identity.

The degree of confidence for the security assurance depends on the technique that is used to identify the claimant. These different degrees of confidence are referred to as Level of Assurance (LoA).

The history of LoA first started in the United States e-government. During the early 2000s, a variety of different identification solutions developed, both internally for the authorities but also for the common person. In order to provide a basis for harmonization and promote interoperability, in 2003, the U.S. Office of Management and Budget (OMB) produced a guide for electronic identification called M-04-04 [24] [25].

OMB M-04-04 defines four confidence levels based on online services protection needs. The need for protection is based on possible consequences that may arise in the event of a security breach. The document would be used as a support to guide the people behind online services to choose the right assurance level requirement [24] [25]. The International Organization for Standardization (ISO) has published a guideline with regards to LoA [26]. The guideline, with the name ISO/IEC 2915, also uses the four assurance levels that OMB M-04-04 first defined [24]. In Europe, under the EU’s eIDAS framework [27], three different levels of assurance are established. These are: Low, Substantial, and High. They can be compared to levels 2, 3, and 4 in the ISO/IEC 2915 definition [27]. Level 1 is not covered in the eIDAS framework.

The different assurance levels depend on the security strength of the authentication and identification process. Figure 2.3 depicts the different levels of assurance and shows that the higher the LoA, the lower the risk that service providers will be identifying a compromised personal identity. For identity proofing, the LoA relies on the technique of identification; this includes the amount of personal information that is gathered during a registration or enrollment of a certain person, and the extent of confidence that this gathered information is validated [28].

Figure 2.3: Different Levels of Assurance [28]

When it comes to authentication, the confidence level depends on the strength of the authentication technology used. Different types of actions require different LoA. One example could be when a bank supports different LoA authentication. The bank may require a low LoA if the user only wants to view his/her bank balance, while requiring a higher LoA if the user needs to make a transfer. The greater the potential and reach of a negative consequence by authenticating the wrong person, the greater the assurance level has to be. Most often, a single factor authentication such as a password is not satisfactory enough to verify a person’s identity and yield accurate authentication. That authentication method may be strong enough for certain use cases (e.g. logging in to Spotify or Skype) but higher security actions (e.g. logging in to an e-bank or viewing current student loan debts) may require stronger types and/or multiple factors of authentication to augment the confidence level of the user being the person he/she claims to be [28]. As stated before, different actors and eIDs support different LoA, but some even support multiple LoA and put the control of how much information to share during an authentication into the user’s hands. Thus, the concept of LoA is very important when surveying the eID landscape. The following four parts of the section describe what the four different LoA defined by ISO/IEC 2915 are, how they relate to the eIDAS framework and what level and kind of risk they encompass.

Level of Assurance 1

At LoA 1, there is minimal or no assurance in the claimed identity of the individual, but some assurance that the individual is the same over multiple authentication occasions. LoA 1 is normally used when minimum risk is associated with false authentication. There is no particular requirement for authentication methods used. A broad variety of available methods and technologies, including those associated with higher LoAs, can satisfy the authentication requirements. There is no similar LoA in eIDAS.

One example for LoA1 may be when an individual uses a self-registered username or password on an anonymous social media to write a text or get access to forums.

Level of Assurance 2

At LoA 2, there is some assurance in the claimed identity of the individual. LoA 2 is normally used when some risk is associated with false authentication. At this level, single-factor authentication is accepted. The authentication is dependent on the individual proving, through a secure authentication protocol, that he/she has control of the credential. It is recommended that eavesdropping and guessing attacks shall be prevented. In the eIDAS framework, this corresponds to a Low LoA.

An example for LoA 2 is when a website requires the user to provide personal information, such as name, address and age. If the wrong individual authenticates to another person’s account, then there will be some personal information that is accessible to the wrong individual.

Level of Assurance 3

At LoA 3, there is high assurance in the claimed identity of the individual. LoA 3 is normally used when there is a substantial risk with false authentication. LoA 3 requires at least a two-factor authentication. At this level, identity proofing procedures shall be dependent upon verification of identity information. Any personal information exchanged during the authentication protocol shall be cryptographically secured. The eIDAS network considers this LoA Substantial in its own framework.

An example of LoA 3 is when a user wants to send a small amount of money to another account through his/her e-bank. If false authentication occurs, it would have substantial effects for the actual owner of the bank account.

Level of Assurance 4

At LoA 4, there is very high assurance in a claimed identity of the individual. LoA 4 is normally used when a high risk is associated with false authentication. This is the highest LoA. LoA 4 is similar to LoA 3, but it adds the requirements of in-person identity proofing and the use of tamper-resistant hardware devices for the storage of all secret or private cryptographic keys. On top of that, all personal information associated with the user and other sensitive data included in the authentication protocol shall be cryptographically protected. LoA 4 is called High LoA in the eIDAS framework.

An example of LoA 4 is when someone wants to conduct a money transfer of an extensive amount. The bank will then require an in-person identity proofing in order to have the highest possible confidence of the user’s identity.

2.2.2 Physical Identification

In the physical world, usually a trusted party such as a government or bank issues physical credentials which can certify the claimant’s identity. They enable the connection of the attributes claimed by a person to the physical document which then allows for identification and identity authentication [29]. Different physical documents containing identity credentials are used depending on the authority. Examples can be a driving licence when it comes to proof of certification for driving and a passport for international travelling. The strongest identity documents, such as passports, are often accepted universally because of the trust for the party issuing the document (e.g. a Spanish bank is going to accept a Swedish passport). A weaker but domain specific physical identification document could be an ID-badge for employees or a card proving your membership in a sports club. These types of ID documents are normally not accepted anywhere else than their intended restricted application area.

According to GSMA and Alliance [30], verifying identity in the physical world is a relatively straightforward task. Claimants present themselves physically to the third party requiring a proof of identity and with the help of their government and/or their service provider generated credentials (e.g. passport or driving licence) the third party will be able to verify the claimant. This normally means that, given a set of personal attribute data such as name, photo and birth area, the third party is able to verify that the person making the claim is actually the person that has all the attributes.

Physical identification, in comparison to digital identification, provides more anonymity for the person claiming an identity. In most cases, the claimant shows his/her passport or ID-card and only the authenticity of the document is verified. The person verifying the identity does not save any of the claimant’s personal information.

2.2.3 Digital Identification and Authentication

According to the World Bank [28], a digital identity is a collection of captured and stored identity properties through digital means. These properties uniquely define a person within a given context and they are often used in the application of electronic transactions. The properties that constitute the digital identity of a person include: biographic data (for example name, age, gender and address) and biometric data (for example fingerprints, iris scans and palm vein scan) as well as other properties described in this section. When that data is collected and verified, it can be applied for identification of a person by asking and capturing an answer to the question who are you? [2]. These mentioned properties which are connected to a person, together with attributes issued by the service provider (for example a unique ID number) can then be used for authentication. The question that needs to be answered in that case is are you who you claim to be? [2], and more about that can be found in the following subsections.

Digital Identification

The rise and improvements of identification technologies, the fast spread of digital identification schemes, and the increasing number of services that are dependent on strong identification have reached a level never seen before. Today, users can be identified with the help of, among others, their fingerprint or iris scan and can assure who they are with strong confidence [31]. A paper written by Smith and McKeen [32] outlines the growing importance that digital identification plays for organizations. With increasing numbers of services being provided on the internet, from transactions in commerce to accessing organizational data assets, organizations have to confidently authenticate and identify their customers, businesses, employees and other parties using their services.

In many countries around the world, there are challenges in offering paper-based systems for identification. According to the World Bank [28], digital identification enables a potentially transformative solution to that global challenge. Digital identification provides countries the capability to "leapfrog" the creation of paper-based identification systems and quickly establish a solid identification infrastructure.

Another published document by the World Bank [33] specifies that there is evidence which suggests that well implemented digital identification systems and infrastructures can potentially have a serious positive impact on gender equality, financial inclusion, social safety nets, access to health services and governance.

Identification schemes are meant to grow the assurance about online identities [34]. Cameron [35] for example, perceives the function of digital identification schemes as avoiding a loss of trust and enabling users on the internet to feel a "deep sense of safety, privacy and certainty about who they are relating to in cyberspace" [35].

Digital Authentication

While digital identification is most often non-secret and non-private information given by the user to be identified and could be available to the people behind the system and also other users within the system, digital authentication handles secret, private information. The different authentication methods are depicted in Figure 2.4 and can be divided into three categories [36]:

• Knowledge-based authentication: What the user knows (for example password, PIN or question and answer). It is established on secret or private information given by the user.

• Possession-based authentication: What the user has (for example USB stick or smart card tokens). It is established on private physical items that the user has in his/her possession.

• Biometric-based authentication: What the user is (for example fingerprint, iris scan or palm vein scan). It is established on physiological, anatomical, or behavioral attributes of the user.

The authentication methods can be used separately or in combination. If only one method is used, it is called a single-factor authentication. If two types are combined, it is named a two-factor authentication. Lastly, if all three types are used, it is called a multi-factor authentication. To be considered strong, the authentication method must include at least two factors [2].

While all these three methods provide some level of secure authentication, each of them provides its own benefits and drawbacks. These benefits and drawbacks are well explained in the study by Zviran and Erlich [2].

Figure 2.4: Different authentication methods [2]
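The LoA requirements of Section 2.2.1 and the three factor categories above can be combined into a relying-party check; the following is an added example, not code from the thesis or from any eID scheme. The action names, their required levels and the boolean fields of `AuthEvent` are assumptions modelled on the bank examples in the text.

```python
"""Relying-party LoA check. Added illustration, not code from the thesis."""
from dataclasses import dataclass
from enum import Enum


class Factor(Enum):
    KNOWLEDGE = "what the user knows"   # password, PIN
    POSSESSION = "what the user has"    # smart card, USB token
    BIOMETRIC = "what the user is"      # fingerprint, iris scan


# Mapping given in the text; eIDAS has no counterpart to LoA 1.
EIDAS_LEVEL = {1: None, 2: "Low", 3: "Substantial", 4: "High"}

# Assumption: per-action requirements modelled on the bank examples above.
REQUIRED_LOA = {"post_on_forum": 1, "view_balance": 2,
                "small_transfer": 3, "large_transfer": 4}


@dataclass(frozen=True)
class AuthEvent:
    """What the relying party learned about one authentication (simplified)."""
    credentials: tuple                      # verified (Factor, label) pairs
    secure_protocol: bool = False           # resists eavesdropping/guessing
    identity_verified: bool = False         # proofing verified identity info
    in_person_proofing: bool = False        # enrolled face to face
    hardware_protected_keys: bool = False   # keys in tamper-resistant device


def achieved_loa(event):
    """Return the highest LoA (1-4) the event satisfies, or 0 if none."""
    # Two passwords are still one factor: count categories, not credentials.
    categories = {factor for factor, _label in event.credentials}
    if not categories:
        return 0
    if not event.secure_protocol:
        return 1
    if len(categories) < 2 or not event.identity_verified:
        return 2
    if not (event.in_person_proofing and event.hardware_protected_keys):
        return 3
    return 4


def authorize(action, event):
    """Return (decision, achieved LoA, eIDAS name of that LoA)."""
    if action not in REQUIRED_LOA:
        raise ValueError(f"no policy for action {action!r}")  # fail closed
    level = achieved_loa(event)
    if level == 0:
        decision = "deny"
    elif level >= REQUIRED_LOA[action]:
        decision = "allow"
    else:
        decision = "step_up"   # ask for stronger or additional factors
    return decision, level, EIDAS_LEVEL.get(level)


# Constructed sample events (not real data).
SELF_REGISTERED = AuthEvent(((Factor.KNOWLEDGE, "password"),))
PASSWORD_ONLY = AuthEvent(((Factor.KNOWLEDGE, "password"),),
                          secure_protocol=True)
TWO_SECRETS = AuthEvent(((Factor.KNOWLEDGE, "password"),
                         (Factor.KNOWLEDGE, "security question")),
                        secure_protocol=True, identity_verified=True)
CARD_AND_PIN = AuthEvent(((Factor.POSSESSION, "smart card"),
                          (Factor.KNOWLEDGE, "PIN")),
                         secure_protocol=True, identity_verified=True)
HARDWARE_EID = AuthEvent(((Factor.POSSESSION, "smart card"),
                          (Factor.BIOMETRIC, "fingerprint")),
                         secure_protocol=True, identity_verified=True,
                         in_person_proofing=True,
                         hardware_protected_keys=True)

if __name__ == "__main__":
    samples = {"self-registered": SELF_REGISTERED, "password": PASSWORD_ONLY,
               "two secrets": TWO_SECRETS, "card+PIN": CARD_AND_PIN,
               "hardware eID": HARDWARE_EID}
    for name, event in samples.items():
        for action in REQUIRED_LOA:
            print(f"{name:16} {action:15} {authorize(action, event)}")
```

The `TWO_SECRETS` event shows why the check counts factor categories: a password plus a security question remains single-factor and stays at LoA 2 even with verified identity information.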

2.3 Previous relevant eID studies

In 2016, a study analyzing how cross-country eID within Europe could strengthen the European market, drive innovation and deliver growth was published [37].

The study was used in the results chapter based on the SWOT and PEST anal- ysis (Chapter 4).

A research paper published by the European Commission, Institute for Prospective Technological Studies examines four different areas of eID: 1) Relevance, legal state-of-the-art and future perspectives; 2) Digital natives and the analysis of the emerging behavioural trends regarding privacy and identity and their legal implications; 3) The "prospective" use of social networking services for government eID in Europe; and 4) Facial recognition, privacy and identity in online social networks [38]. The extensive research and its conclusions are used for many different aspects in this thesis work, including for the results section, but also for the author to get a better understanding of the eID space.

In a report by E-legitimationsnämnden, the demands and conditions aspects of foreign eIDs in Sweden are investigated through discussions and surveys with Swedish local governments and agencies [39]. Another study by the Swedish Tax Agency analyzed the same aspects of foreign eIDs in Sweden. It concluded that security and privacy were the biggest concerns in integrating foreign eIDs to Swedish governmental services [40]. The aspects here are central to the aim of this thesis when it comes to demand, challenges and benefits.

An analysis which was commissioned by the Dutch government explores the different eID means in eleven different EU countries and it concluded that the cultural and historical contexts, as well as the administrative culture, are of great importance for the choice of public, private or both eID means in a national eID scheme [41]. This study is used in order to get a good understanding of different actors in the environment and the reasons they decided to design their eIDs as they did.

When it comes to global eIDs, a paper was written in 2013 which compares users’ perceptions of and willingness to use Google, Facebook, and Google+ Single-Sign-On (SSO) functionality [42]. This source was used in the result section and in the aim to put social media SSO solutions in relation to inter-domain eIDs.

2.4 Example eID Solutions and Use Case

This section describes examples of a national eID and a broker eID, and then a use case where the example of banking is used to explain how national, broker and inter-domain eIDs could be used.

2.4.1 National eID: Swedish BankID

In 2001, various authorities in Sweden began to discuss the creation of an eID where an electronic signature becomes equal to a physical one. But for the government to re-identify an entire population and issue eIDs on top of physical ones is both time-consuming and costly. Therefore, the authorities started to look at the part of society which had the largest electronic customer base who could guarantee a person’s identity: the internet banks. In Sweden, the banks also traditionally had and still have a high level of public confidence. At the time, the internet banks together had 2.7 million customers and were deemed to be able to safely provide an eID which corresponds to a physical one [43].

A consortium was formed which included most of the large Swedish banks. The purpose was to develop a general infrastructure for digital identification, which not only had to meet the requirements of authorities and banks but also be accepted by the public and the industry. In September 2002, Finansiell ID-Teknik BID AB was created and later the company’s product BankID was released [43].

BankID is a Swedish national eID that enables individuals to authenticate and sign documents with services and organizations in Sweden. It is also an electronic ID document that is comparable to passports, driving licenses and other physical identification documents. All private individuals who have a Swedish personal ID can obtain a BankID through their bank. A BankID has the same value and is used in the same way, regardless of which bank issues it.

At the end of 2018 around 7 million persons in Sweden had BankID [44].

It is predicted that during 2019, 7.5 million people will have BankID [45]. It is also estimated that the number of BankID use instances will be around 4 billion in 2019 [45].

2.4.2 Broker eID: eIDAS

Regulation (EU) 910/2014 [27], also called the eIDAS regulation, arranges a standard to enable secure and seamless electronic authentication between organizations and citizens in Europe. The eIDAS network makes it possible for people and organizations in the EU to use their own national eIDs to access public services in other EU countries where eIDs are available. This results in a European trust network on electronic services that require authentication or signing by ensuring that they will work across borders and have the same legal status as conventional paper-based systems.

This federation solution consists of a network of European member states, each one is subscribed to a federated operator, namely an eIDAS node. Each node has the role of an identity provider for the national eID scheme from any other country. All national service providers participating in the network have to be subscribed to the national eIDAS node. This results in every citizen being recognized by a member state and thus recognized within the trust network at European level, enabling the use of services in other member states.

The eIDAS project enables cross-border authentication of EU citizens without a unified inter-domain eID authentication solution [46]. In other words, the eIDAS network acts like a broker between different national eID solutions within the EU.

2.4.3 Use Case

In this section, the use cases of national eIDs, broker eIDs and inter-domain eIDs are brought up with the help of an example from banking.

In order to combat fraud and money laundering, governments across the world have placed strict requirements on banks to know their customers. The use of eIDs enables two important scenarios when it comes to banking:

1. Registration and opening a bank account

2. Money transaction

Regarding scenario 1, banks are obliged to identify and know their customers before doing financial business with them. Opening a bank account has one major aspect which is required: Know your customer (KYC) [47]. Generally, a person that wants to open an account with a bank must go to the bank’s physical office and present an identification document so that their identity could be verified in-person. An eID identification and authentication of LoA 4 (see Section 2.2.1) removes the need to visit the bank’s physical office, thus enabling people to open a bank account remotely. A LoA 4 eID would deliver verified personal information about the user to the bank, allowing the bank to meet the KYC requirements [48]. Scenario 2 is about the signature of transactions. Bank customers are able to electronically, with the help of their eID, sign financial transactions. An example of such an eID is the national Swedish BankID (see Section 2.4.1). But as a national eID, Swedish BankID is only limited to Swedish users and only within Swedish services. An eID broker such as eIDAS (Section 2.4.2) enables national eIDs to be used in a cross-country fashion. A Swedish user would be able to register for a French bank account with the help of his/her Swedish eID, and then sign transactions with the same eID in the French bank. With an inter-domain eID, all the citizens in the EU would only need one eID solution to conduct the two mentioned scenarios.


Method

The research paradigm is of an empirical and qualitative nature where the researcher’s observation on the information gathered is in focus. The empirical data of this study was collected from both a literature review and interviews.

3.1 Literature Review and Interviews

The goal of the literature review was to critically evaluate the existing knowledge presented in the theoretical frameworks, but also to find other work that has been done when it comes to market analysis. The literature study was also done in order to review the sources of data that are relevant to eID. That data was primarily collected from books, articles, conference papers, reports, government and commercially produced statistics, industry data as well as e-resources. The author mainly found the resources on online databases such as Google Scholar.

When it comes to the interviews, the author conducted them in an exploratory fashion. In other words, many different interviews took place with many different people, both inside of Nordea and people working in external organizations and with people in different roles. The value of the information gathered through these interviews was evaluated once the interview was done and only used in the thesis work if relevant enough to the project. The author was given contact information to interviewees by the supervisor at Nordea, but also independently reached out to companies and people that are working in the eID field.

Nine people were interviewed, all of them selected based on their experience with identity systems and expertise on managing or implementing eIDs. Of these nine interviews, three were not used in this thesis work considering the information that was gathered did not give any valuable input in the work, mostly because of their absence of knowledge in the cross-country eID field.

The six interviews that are used in the thesis are with:

• Adam Cooper - Director at ID Crowd and Chief Architect at ID2020.

• Anneli Hagdahl - Head of Section, Division for Digital Government at the Government Offices of Sweden.

• David Suomalainen - Advisor, Division for Digital Government at the Government Offices of Sweden.

• Roger Fagerud - IT Strategist at DIGG, Swedish Agency of Digital Governance.

• Niclas Westén - Senior Product Manager BankID at Nordea.

• Kristofer von Beetzen - Product Manager Freja eID at Verisec.

The interviews were done in a semi-structured approach with a few constant questions that were asked to every interviewee together with many variable questions which were based on the background and profile of the interviewee. All the interviewees were approached with mainly these questions:

– What issues can you identify with broker eIDs?

– Do you see a business or technical need for an inter-domain eID?

– Do you see any benefits from the user, organization and/or technical perspective for an inter-domain eID in comparison to a broker eID system?

– Do you see any disadvantages from the user, organization and/or technical perspective for an inter-domain eID in comparison to a broker eID system?

– What challenges would there be if an inter-domain eID was to be implemented and adopted by users?

On top of these constant questions that were asked with some modifications to every interviewee, other questions that were based on the background and profile of the interviewee were used as well. These variable questions were about the interviewee’s background, work, thoughts, knowledge of similar projects, future prognosis, technical anticipation and more.

3.2 Application of the Theoretical Frameworks

In order to answer the research questions, the theoretical frameworks brought up in Section 2.1, namely SWOT [49] and PEST [50], were applied on the current eID market. The author conducted a literature review and interviews with actors in the eID market in order to gather the empirical data needed to apply the frameworks. The information research was done through studies with both Nordea and external actors, such as private companies, banks, research projects and more.

The four parameters of SWOT (Strengths, Weaknesses, Opportunities and Threats) were applied when comparing an inter-domain eID solution to a broker eID network (e.g. eIDAS). These four SWOT parameters were examined according to PEST factors, namely Political, Economic, Social and Technological. This means that each SWOT parameter contains the four PEST factors.

Results

4.1 SWOT and PEST of Inter-Domain eID - Outcome

The SWOT and PEST methods are applied on the empirical data gathered from the literature review and the interviews, as described in Section 3. This section describes the results of that analysis.

4.1.1 Strengths

The political strengths of an inter-domain eID system in comparison to broker eIDs or national eIDs would be sizable for governmental services. Today, these governmental service providers deal with a great number of identity related problems [51]. The same person could, through a loophole, be considered as two distinct persons by eIDAS [52]. A case of such a problem could be the example of an Italian citizen living and working in France. This Italian citizen may already have a national eID in Italy and, because of his residence status in France, also has a French eID. If this person now moves to Sweden and wants to authenticate himself to a Swedish governmental service, in order to e.g. request parental benefits, he could use his Italian eID through eIDAS. Now, the same person may apply a second time for the parental benefits using his French eID. The eIDAS network may not be able to recognize that these two different connections originate from the same person, and thus the same person is granted a parental benefit again, when in fact he should only be eligible for one instance of the parental benefit. If an inter-domain eID was to be created, where every person gets one identity, and is adopted by every governmental service, then this issue would be solved. The same Italian citizen would not have two different national eIDs and would thus only have one identity. The inter-domain eID would simplify the citizen-government interactions by providing a confident method for the government to make sure of the identity of the citizen.
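The double-benefit scenario above, as an added Python sketch that is not part of the thesis: a service that keys applicants on the identifier delivered by each national scheme treats the Italian and the French eID as two people, whereas a single inter-domain identifier makes the second application recognisable. The record layout, the sample names and identifiers, and the optional name-and-birth-date check (which can only queue a case for manual review) are all constructed assumptions and do not reproduce the eIDAS message format.

```python
import unicodedata
from dataclasses import dataclass


@dataclass(frozen=True)
class Assertion:
    """Identity data a service provider receives after login (constructed layout)."""
    scheme: str         # eID scheme that authenticated the user, e.g. "IT" or "FR"
    identifier: str     # unique only within that scheme
    given_name: str
    family_name: str
    date_of_birth: str  # ISO 8601 date

    @property
    def subject_key(self):
        # An identifier means something only together with the scheme that issued it.
        return (self.scheme, self.identifier)


def normalise(text):
    """Accent- and case-insensitive form, so 'Niccolò' and 'NICCOLO' compare equal."""
    decomposed = unicodedata.normalize("NFKD", text)
    stripped = "".join(c for c in decomposed if not unicodedata.combining(c))
    return stripped.casefold().strip()


def attribute_key(a):
    """Name and birth date: shared by one person's eIDs, but not unique to a person."""
    return (normalise(a.given_name), normalise(a.family_name), a.date_of_birth)


def process(applications, attribute_check=False):
    """Decide each benefit application in order.

    'granted'  - first application seen for this subject
    'rejected' - the same eID has already been granted the benefit
    'review'   - a different eID with matching name and birth date was granted
                 before; this may be the same person or a coincidence, so the
                 case is queued for manual review rather than refused
    """
    granted_keys = set()
    granted_attributes = set()
    decisions = []
    for a in applications:
        if a.subject_key in granted_keys:
            decisions.append("rejected")
        elif attribute_check and attribute_key(a) in granted_attributes:
            decisions.append("review")
        else:
            granted_keys.add(a.subject_key)
            granted_attributes.add(attribute_key(a))
            decisions.append("granted")
    return decisions


# Constructed sample data: one person holding an Italian and a French eID.
italian_eid = Assertion("IT", "it-000123", "Niccolò", "Rossi", "1985-12-10")
french_eid = Assertion("FR", "fr-998877", "NICCOLO", "ROSSI", "1985-12-10")
# A different person who happens to share name and birth date.
namesake = Assertion("ES", "es-445566", "Niccolo", "Rossi", "1985-12-10")
# The same person under one inter-domain scheme: a single identifier everywhere.
inter_domain = Assertion("INTER", "id-42", "Niccolò", "Rossi", "1985-12-10")

if __name__ == "__main__":
    # Broker case, identifier only: both applications are granted.
    print(process([italian_eid, french_eid]))
    # Broker case with attribute check: duplicates and namesakes both need review.
    print(process([italian_eid, french_eid, namesake], attribute_check=True))
    # Inter-domain case: the second application is recognised as a repeat.
    print(process([inter_domain, inter_domain]))
```

The attribute check cannot tell the second eID of the same person from an unrelated namesake, which is why it yields a review queue rather than an automatic refusal.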

According to Fagerud [52], if it was possible to remove the broker when conducting cross-country eID authentication, it would yield positive results as flows and connections would not be dependent on an extra layer.

Economically, many companies and services from Europe, such as Klarna, Spotify and Flixbus, have worked around the problem of the nationally fragmented eID landscape in Europe by enabling authentication through SSO with popular social-media services like Google, Facebook and Twitter. So far, eIDAS is only available for public governmental services [52], thus excluding private companies from the cross-country eID access. An EU supported inter-domain eID could present an opportunity to attach private companies to cross-country, high LoA, and state approved identification and authentication. Helping European people and businesses to transact online will result in an important push to the European economy. It will enhance the deployment of the European economy’s most important asset: a consistent, single market of 512 million consumers [37]. In Sweden, there are circa 4500-5000 online services, based on 2250-2500 service providers which support the Swedish BankID. Of these, only 500 online services and 300 service providers are governmental based [53]. This shows that the need for a cross-country solution is very much present for private companies.

Socially, the strengths of an inter-domain eID would be to invite people that are not supported by the national eIDs or brokers into cross-country identification and authentication. National eIDs are typically only available for the national citizens or residents, limiting the use of e-services to the people that are eligible for such national eIDs. The same rules apply to national broker eIDs: eIDAS is limited to the citizens of the EU. With the help of an inter-domain eID, people outside of the EU would theoretically also be able to access the services that use such a solution [51] [52]. According to Hagdahl [51], this would be a strong positive aspect of inter-domain eIDs, as the EU is all about not creating borders but rather inviting people into the EU collaboration.

When it comes to technological aspects, as mentioned earlier many services allow the users to authenticate themselves through social media SSO such as Facebook and Twitter. These social media global authentication systems let people use online services without the hassle of creating and managing accounts each time they sign in to new online services. At the same time, global trust in social media is only at 44% [54]. In a study, researchers found out that users, when using social media accounts to authenticate themselves in other services, were "unable to recognize what data types were passed from identity providers to service providers during the login process" [42], and concluded that the reason is that the information given to users about data sharing is not enough. The authors wrote that the reason why consent dialogs are inefficient at informing users is that social media identity providers are not motivated to adequately communicate these privacy concerns to users. This is because social media identity providers do not increase their revenue by providing better privacy settings, but by having people use these platforms [42]. There are ideas that an EU supported inter-domain eID could remove the power from social media giants [55] and that such a solution would be more privacy-conscious than primarily revenue-driven solutions.

For service providers that operate in different countries with customers using different national eIDs to log in on different sides of their online services, a broker would not remove the need for technical maintenance for support of each national eID solution. A Swedish user would use his national eID to log in to the Swedish side of the service provider, while a Danish user would use his national eID to access the Danish side. An inter-domain eID would remove the need for supporting different national eIDs [56].

4.1.2 Weaknesses

The political weaknesses of an inter-domain eID solution include the fact that each country, even within the EU, has different laws and regulations, which makes the creation and acceptance of a global, cross-country eID very complex [38]. Previous EU research projects STORK 1 and STORK 2, which investigated cross-country eID within EU, concluded that it would be very difficult to get the European countries together and agree on a specific technology to use [52].

Another aspect is the issue of different countries not having the same authority that provides and maintains the eIDs. In Sweden, BankID is so far the only established player in the market and is created and managed by the major banks. In other countries, such as the United Kingdom or Estonia, the government is the actor who is the source of the national eIDs. It would be tough for countries to accept and adopt a foreign eID, especially if it is created by a private actor [52]. This aspect, together with the differences in laws, regulations and view on technical solutions, is the reason why the EU proceeded with a broker system, eIDAS, instead of an inter-domain eID [52]. But even if an inter-domain eID project would be started today, most EU countries wouldn’t be willing to accept it, as they are already spending time and resources on eIDAS, and they would argue that they are already working on cross-country eIDs through eIDAS [52].

Economically, Cooper [57] argues that for an inter-domain eID to succeed, we would need to establish a considerable multinational organization to create and manage such a solution. Fagerud [52] has a similar opinion, stating that the global mobile operators are well positioned to create a standard in order to decide on how identity information should be handled for an inter-domain eID.

Regarding social aspects, the issue of control over personal data is relevant. This aspect is not new, but it is aggravated by the rise of different eID solutions which process personal information. Depending on the architectural scheme of the eID system, personal information may be stored in a number of different places and entities. In the case of broker eIDs, personal information is stored in separate national eIDs. In inter-domain eID systems, however, it is stored in one main area [38]. This aspect could be solved if the inter-domain eID system uses a decentralized architectural model for its storage of personal information, such as blockchain-based solutions.

Another aspect is the one of global adoption. For example, it may be difficult to access some parts of the world where smart devices or smart card readers are not established [57]. The users in those parts of the world would be difficult to reach, as they often do not have the ability to buy these devices. A requirement of smart devices would only lock these users out [57].

Technologically, there are major differences in identity infrastructure between countries. If an inter-domain eID would be created, there would be a significant number of diverse opinions on how to technically develop such a solution. For example, according to Cooper [57], it is completely unthinkable that the English would accept a unique identifier number for each citizen, in the likes of the Swedish personnummer or Danish CPR-number. In England, the identity provider does not know which service provider the user is connected to. There is an effort to avoid linkability between the identity provider and the service provider, thus it goes through a proxy in the middle which separates these two parties [52].

There is also the issue of an inter-domain eID requiring each identity provider, in each country, to be connected to the system. If few identity providers are connected, then many people will be left out, so for an inter-domain eID to be valuable, as many identity providers as possible have to be connected to the system, and in return the system has to be adopted by many of the online services that use eIDs today. This means that if both these challenges are not solved, then the inter-domain eID would not be valuable, hindering the users from being able to use the solution.

4.1.3 Opportunities

When it comes to political opportunities, a study concluded that there is a "lack of a suitable, homogeneous, unambiguous and consistent terminology applied to the eID field has been identified by a series of studies and project deliverables" [38]. There is also a lack of legal taxonomy for eID, not only at European legislation level but also at a national level. In many countries, there is also an absence of legal definition on the concept of identity, and more importantly nowadays, of how an identity can be based in an electronic and online environment [38]. One common inter-domain eID may influence and guide a way to create these definitions and taxonomies.

Economically, according to Klarna, there is a substantial business need for an inter-domain eID, and service providers with customers in many different countries would be ready to pay for such a service [58]. Freja eID has identified a market need for an inter-domain eID and has plans to expand their market territory from their Swedish presence to other countries [59]. They have three different solutions for different assurance levels: one providing low LoA, one medium LoA and one higher LoA. They determined that two of their solutions, namely the low and medium LoA solutions, are the most in demand for international expansion. The reason is that for their higher LoA solution to be launched in other countries, it would need to be approved by the states of those countries as national IDs, which would be a time-consuming exercise because laws and processes differ considerably between countries, and it would only be done if a specific market demand is determined [59]. The revenue generation business model for an inter-domain eID depends on the actor behind the solution, and what relation it has with service providers. If the EU was to create an inter-domain eID, it would be expected, as is the case with eIDAS, to be free-to-use. If, however, a private company or a bank creates such a system, then one revenue model could be the one of Swedish BankID, which mostly brings in money from service providers who pay a small amount for each authentication or e-signature [53].

As to social aspects, according to Filippov [37], governments must use their power to ensure broad distribution of easy-to-use and cross-country eID systems instead of endorsing individual countries to create and enforce national standards. These efforts should build on competition as online authentication procedures should compete to ensure better, more user friendly for customers, more secure and cheaper adoption for service providers. Done well, this can have a substantial motivational effect. It could provide a boost to the online market, such as the Global System for Mobile Communications (GSM) standards did for telecommunications two decades earlier [37].

When it comes to the technical opportunities, blockchain could be leveraged to create a decentralized, Self-Sovereign (described more in Section 5.3), inter-domain eID system. Efforts are being made today to test the blockchain technology on EU level. The European Blockchain Partnership (EBP) was started on 10 April 2018 through a joint declaration of EU member states [60]. These member states agreed at the same time to cooperate in the establishment of a European Blockchain Services Infrastructure (EBSI) which will support the delivery of cross-country digital public services, with only the highest degrees of security and privacy. According to the declaration, the EBP identifies cross-country digital public sector services that could be distributed through a common infrastructure, based on a shared governance model. They argue that digital public services will progressively use blockchain and distributed ledger technology and that blockchain is a great opportunity for Europe and its member states to reevaluate their digital information infrastructure, to endorse user trust and the protection of personal data, to help design new business opportunities and to establish new areas of leadership which will benefit citizens, public services and companies [60]. According to Suomalainen [55], the investigation of blockchain technology for identity systems is still in its infancy and it is not completely clear what path this effort will decide to take. The goal is to create an inter-domain eID platform for EU citizens in order for them to authenticate in a cross-country fashion. It might be a competitor to the eIDAS network, and it would be a reasonable deduction to say that if this blockchain based inter-domain eID system were to be successful, then it could replace parts of the eIDAS-system as a tool for cross-country authentication for EU citizens [55].

4.1.4 Threats

Politically, some governmental regimes would find an inter-domain eID an extremely helpful tool for tracking individuals. Thus, the issue of privacy is very relevant, and with that the question of who will own and have access to the data [57].

The issue of difference in infrastructure in different countries is important. For example, Sweden has a Population Register for every resident in the country. It includes personal information about every person in Sweden, attributes such as name, personal identity number, place of birth, citizenship, civil status, family members, address, property and more [61]. In many countries within and outside of the EU, they do not have any register with people’s information, making it more challenging to verify the identities of the residents of those countries [59].

Regarding the business models or the economics, Cooper [57] claims that it would be unsafe with one organization having control over a global identity system, stating that it would be unhealthy for the consumers. Without competition, it would be by definition a monopoly, and with a monopoly, the market will not drive innovation or reduce costs, and the implementations based on user needs would be decided by one organization only [57].

Social and user aspects are important as well. In some countries such as Sweden, the national eID BankID is already immensely well established, with over 7 million users in a country of 10 million inhabitants [44]. In other countries, the use of national eIDs is very low or nonexistent, thus, how would the adoption of an inter-domain eID look like? Would the Swedish users simply abandon BankID for an inter-domain eID? Would people that have never used eIDs be inclined to start using a global one? The needs of people are very different from country to country, and creating a global inter-domain eID system would imply a substantial adoption challenge [57].

As to technological factors, the question of type of data stored and where the data is stored is relevant. If the inter-domain eID uses a centralized system of data storage, then it could expose personal information about its users if breached [38]. There is also the issue of dependency on the inter-domain eID. Assuming that such a solution would be adopted and widely used, if it were to be attacked and shut down, suddenly a core element of online services’ infrastructure would be rendered unusable. These questions should be carefully thought about, as centralized systems of data storage (especially of biometric data) could be, if intruded, highly risky for individual privacy [38]. From a security point of view, this inter-domain eID could become a target for activists, and organized crime groups would be incredibly interested in such a system. It would be a very desirable target and thus extremely vulnerable, and the sheer expense of protecting such a system would be immense [57].

Table 4.1: Summary of SWOT and PEST outcome


Discussion

The answers to the research question and its sub-questions are derived from the results of the SWOT and PEST analysis explained in Section 4. Each sub-question is answered in the section below. The subsequent two sections 5.2 and 5.3 cover interesting topics that were brought up during the interviews and literature review but did not get covered much in the SWOT and PEST analysis. Lastly, a section about the sustainability and ethics of this work can be found.

5.1 Answering the Research Question

The research question that is asked in the beginning of the thesis is: What are the challenges, benefits and needs, from an organizational perspective, of an inter-domain eID solution?

In order to answer this main question, three sub-questions were asked as well, namely: What are the threats and challenges in proposing an inter-domain eID? What are the benefits of an inter-domain eID solution? What are the needs for an inter-domain eID solution?

What are the threats and challenges in proposing an inter-domain eID?

There are many factors that make an inter-domain eID difficult to introduce in the market. The variation in laws and regulations between different countries is one. Even only in the EU there are enormous differences in laws on identity, privacy, data sharing and identity based systems. This makes it very challenging to make a cross-country inter-domain eID accepted by each state. The differences in laws and regulations are one of the reasons why the EU decided to proceed with the eIDAS broker system instead of an inter-domain eID. The aspect of countries having a diverse view on privacy is also important, e.g. the UK not having or wanting a national identification number for its citizens, while in the Nordics it’s an attribute which is well established. More about unique identification can be found in Section 5.2. Yet, even if an inter-domain eID would be created in the EU, member states would not be willing to adopt it because, from their view, they are already working on cross-country identification systems through eIDAS, and adding another solution on top of the eIDAS effort would not be welcomed as there would be a demand for additional work.

Because of the sheer size of an inter-domain eID solution, with users and service providers around the globe, it would only be possible for a considerable multinational organization to create, distribute and maintain such a solution.

The issue of user and identity provider adoption is also relevant. It would be challenging to design a system for users around the globe who have different requirements for such a system. The same problem is also present for identity providers: the identity providers in each country would need to connect themselves to the inter-domain eID.

From a privacy perspective, the topic of data storage is important. In what geographical location will the data be stored, and who will have access to and ownership of the data? On top of that, some regimes and companies want to get hold of such a global system in order to track individuals. Cooper [57] advocated for Privacy by Design when implementing identity solutions; more information about the concept can be found in Section 5.3.

Further, a globally adopted inter-domain eID with one single entity behind it would create a monopoly in the eID space, which could be unhealthy for consumers. Likewise, a centralized inter-domain eID would constitute a single point of information, which would be vulnerable to breaches and, if breached, would shut down important parts of the online infrastructure, considering it will be used for online authentication globally.

What are the benefits of an inter-domain eID solution?

Inter-domain eIDs, in contrast to broker eIDs, would ensure one identity for the user. Today, the same user could connect from different nodes to the same broker eID, which may lead the broker to identify the two connections as distinct users. This would not be possible with inter-domain eIDs, as everyone will need to have a unique identifier, so that the connections from both nodes send out one identifier.

Currently, the eIDAS network is only used for public services by governments, leaving out online services from companies and organizations, which represent a big portion of the market. An inter-domain eID accepted by EU public and private service providers could boost the European economy. Another perspective on the inclusion issue is that of people who are not presently supported by national eIDs or broker eIDs. An inter-domain eID could present the opportunity of integrating these people.

An inter-domain eID backed by the EU could also lower the domination of social media giants in the cross-country eID arena, providing a privacy-conscious and free-to-use alternative. There is furthermore an opportunity to create a decentralized Self-Sovereign inter-domain eID based on blockchain. More about this topic can be found in Section 5.3.

What are the needs for an inter-domain eID solution?

An inter-domain eID would remove the need for a company with customers in many different countries to support and maintain different national eIDs for different users in different countries, which is today the reality even with the eIDAS broker system.

There is also a business and economic need for an inter-domain eID. Some service providers are ready to pay for such a solution. As discussed under the second question in this very chapter, an inter-domain eID could open the door into a bigger market for private companies, allowing them to be assured of their customers' identity, which is today not the case with eIDAS.

According to Hagdahl [51], there may be a need for an inter-domain eID as a supplement to the national eIDs in Europe, one which could be connected to the eIDAS network and be used as a complement, with a low LoA.

5.2 Universal Identities

According to ID2020 [62], there are over 1 billion people in the world that lack any form of identification including birth registration, which makes it difficult, if not impossible, for these individuals to access basic services, participate as a citizen or voter, or transact in the modern economy. Most of those affected are children and adolescents, and many are refugees, forcibly displaced, or stateless persons [62]. Cooper [57] states that it would be ideal to create one common identity which includes everyone. The World Food Program and the UN Refugee Agency want to create a universal digital identification for every individual [57] which will be based on fingerprints, birth date, medical records, education and more [63] [64]. The United Nations has set a goal for 2030 to "provide legal identity for all, including birth registration" [65]. Cooper [57] believes that if we are able to solve the problem for the people that are on the
