Singapore s National Digital Identity (NDI):

Transcription

1 Singapore s National Digital Identity (NDI): Leaving no one behind Kwok Quek Sin Director, National Digital Identity Programme Government Technology Agency PART 1 INTRODUCTION TO NDI

2 Better Living For Economy SMART NATION Stronger Communities For Society More Opportunities SINGAPORE For Government 2

3 National Digital Identity to be a cornerstone of Singapore s Smart Nation vision Prime Minister Lee Hsien Loong Aug

4 OBJECTIVES OF NATIONAL DIGITAL ID Transactional Security Ability to associate online activities with real identities More robust than identification based on identity cards Economic Value Reduced business cost from access to higher trust ceilings (e.g. KYC) Paperless productivity New business models from new transactions that can done online. Citizen Convenience Seamless linkage across domains and services Conduct more transactions remotely without in-person presence 4

5 WHAT IS NATIONAL DIGITAL IDENTITY (NDI)? A nationally-available Issued to all residents Can be used for transactions with both public and private sector means for an individual to prove his legal identity Credential associated with a baseline set of identity data attributes from trusted source(s) in the online realm Usable for transactions where identity proof is required and can be made online 5

6 IDENTITY = IDENTITY DATA + CREDENTIAL IDENTITY DATA Core minimum set of data attributes to be able to reasonably uniquely identify an individual In Singapore, this is defined as the set of attributes in the National Register, collected under the National Registration Act: - Legal name - Gender - Date of birth - Race - Address - Blood group - Photo - Fingerprint - Iris Association established during onboarding process OTHER CREDENTIAL Proof of qualification, competence or clearance (e.g. NRIC card, birth certificate) that is associated with an owner, and proves something (e.g. legal identity, birth) about the owner Usually comes with a serial number (e.g. NRIC number, birth cert number) and a subset of identity attributes An individual can have different identities depending on context. Government has an inalienable role in issuing legal identity. 6

7 The Singapore NDI Stack Engineering end-to-end digital experience with the NDI Stack Value-Added Services Open and Interoperable Authentication & Authorisation Secure & Pervasively-Issued Digital Credential Trusted Identity Data Source(s) Examples digital signing services, time-stamp authority, signature validation services digital document vault, digital personal data wallet, SingPass, CorpPass, Soft Token, PKI, Biometrics, Federated ASPs, Digital Signing Gateway National CA, RA, Developers & Partners Portal ICA s national registry, Biohub, MyInfo, EDH, Consent Platform Trusted sovereign Certificate Authorities (CAs) Co-develop with private sector Led by Government

8 ENABLERS TO THE DIGITAL TRANSFORMATION OF OTHER SECTORS Trade & Logistics Healthcare ecommerce Travel & Transport Public Sector Trusted Services Financial Services Small Businesses 8

9 ENABLERS TO THE HEALTHCARE SECTOR Consent for access to Electronic Health Records Patient Identification Healthcare Access to Medisave (patient / family) Hospital Registration Visitor Registration & Entry E-Pharmacy 9

10 ENABLERS TO THE COMMERCE & FINANCIAL SECTOR On demand payment authorisation Digital signing of contracts paperless & presenceless Identity assurance for buyers and sellers Commerce Online customer acquisition Digital Ticketing (tokens) Financial Services Digital payments/identification over kiosks & vending machines Electronic Know-Your Customer (ekyc) Digital signing of contracts paperless & presenceless 10

11 SCOPE OF NDI PROGRAMME Build NDI Infrastructure Review Legal Provisions & Liabilities Balance Security & Usability Drive Pervasive Adoption 5 READY PRINCIPLES TO GUIDE OUR DEVELOPMENT OF NDI 11

12 Focus on User Journey Mobile Soft Token Balance of Security vs Usability #1 READY FOR ADOPTION

13 #2 READY FOR GROWTH Open & Interoperable Industry standards & guidelines Trust framework Clear legislative framework

14 #3 Multiple Form Factors READY FOR Multiple Authentication Factors Multiple Assurance Levels INCLUSION Delegation Biometrics Citizen Connect Centres

15 Benefits of a PKI-based NDI Assurance that only the intended recipient can see the data Confidentiality PKI-based NDI Authenticity Assurance that the sender or recipient is who he/she claims to be Assurance that the data has not been altered Integrity Non-repudiation Assurance that the sender cannot refute that he/she had sent the data

16 Benefits of a Biometrics 1. Resiliency 2. Step-up Authentication 5. Inclusion 3. Proof of Presence 4. Physical Entry 6. Convenience

17 No fail-safe solutions Resiliency in Design Fraud Analytics Diversification & Federation #4 READY FOR FAILURE

18 #5 READY TO CONNECT Cross Border Legislation & Standards Open dialogue with other jurisdiction Cross recognition of digital identities

19 19

20 Thank you Thank You Facebook.com/GovTechSG