Efficient, broad-based solution for a Swiss digital ID

Similar documents
ETSY.COM - PRIVACY POLICY

in a National Service Delivery Model 3 rd Annual Privacy, Access and Security Congress October 4, 2012

Village Software. Security Assessment Report

Clarity on Cyber Security. Media conference 29 May 2018

ECA Trusted Agent Handbook

Guidance for Exchange and Medicaid Information Technology (IT) Systems

Privacy Statement for Use of the Certification Service of Swisscom (sales name: "All-in Signing Service")

The types of personal information we collect and hold

Beam Suntory Privacy Policy WEBSITE PRIVACY NOTICE

Recruitment Privacy Notice

Privacy notice. Last updated: 25 May 2018

PRIVACY POLICY. What personal data we collect and why we collect it IN ORDER TO: (Date of last update: 1 st January 2019)

Operator cooperation in South Korea has created a successful identity solution. SK Telecom South Korea

Important Information

POMONA EUROPE ADVISORS LIMITED

MOBILE.NET PRIVACY POLICY

Privacy Policy I. COOKEVILLE COMMUNICATIONS PRIVACY POLICY II. GENERAL PRIVACY GUIDELINES

Cross-Operator Identity Services. 13. January 2012, Telekom Innovation Laboratories

Secure Messaging Mobile App Privacy Policy. Privacy Policy Highlights

You can contact us about any questions, comments or requests you may have regarding this privacy policy using the details below:

FTTH Regulation in Switzerland

CONNECT TRANSIT CARD Pilot Program - Privacy Policy Effective Date: April 18, 2014

About Mark Bullock & Company Chartered Surveyors

Trusted National Identity Schemes. Coralie MESNARD

National Strategy for Trusted Identities in Cyberspace

It applies to personal information for individuals that are external to us such as donors, clients and suppliers (you, your).

CONCLUSIONS OF THE WESTERN BALKANS DIGITAL SUMMIT APRIL, SKOPJE

Securing Americans Identities: The Future of the Social Security Number

Privacy Policy of

DROPBOX.COM - PRIVACY POLICY

CHAPTER 13 ELECTRONIC COMMERCE

SANMINA CORPORATION PRIVACY POLICY. Effective date: May 25, 2018

SAFE-BioPharma RAS Privacy Policy

MUTUAL RECOGNITION MECHANISMS. Tahseen Ahmad Khan

REAL RENTS PROPERTY MANAGEMENT LTD PRIVACY NOTICE

PRIVACY NOTICE. What Information Is Collected and How Is It Collected? Last Updated: May 21, 2018

HF Markets SA (Pty) Ltd Protection of Personal Information Policy

GDPR Compliant. Privacy Policy. Updated 24/05/2018

Privacy & Cookie Statement

1) The Definition of Personal Data, the Legal Basis of Data Processing, the Concepts of Data Controller and Data Processor

Privacy Policy. Effective as of October 5, 2017

ISSUES FOR RESPONSIBLE USER-CENTRIC IDENTITY

VIACOM INC. PRIVACY SHIELD PRIVACY POLICY

GDPR: A QUICK OVERVIEW

Magento GDPR Frequently Asked Questions

Elders Estates Privacy Notice

Guidance In Situ Pre-Approval Controlled Functions (PCFs): Confirmation of Due Diligence undertaken

Oracle Banking Digital Experience

CURTIS BANKS LIMITED. Privacy Information Notice. curtisbanks.co.uk

Sri Lanka THE JOURNEY OF TOWARDS A CREATIVE KNOWLEDGE BASED ECONOMY

Protecting your Privacy Winchester Cathedral Privacy Notice

INNOVENT LEASING LIMITED. Privacy Notice

Legal framework of ensuring of cyber security in the Republic of Azerbaijan

MASAS. Overview & Backgrounder Document. Consultation Package. CanOps

The Mission of the Abu Dhabi Smart Solutions and Services Authority. Leading ADSSSA. By Michael J. Keegan

Digital Solutions. January, 2016

Case Study: myaccount

YANDEX N.V. FORM 6-K. (Report of Foreign Issuer) Filed 12/13/17 for the Period Ending 12/13/17

Can eid card make life easier and more secure? Michal Ševčík Industry Solution Consultant Hewlett-Packard, Slovakia ITAPA, November 9 th, 2010

Privacy Notice. Lonsdale & Marsh Privacy Notice Version July

Identity Management: Setting Context

Privacy Statement. Your privacy and trust are important to us and this Privacy Statement ( Statement ) provides important information

KISH REMARKS APEC CBPR NOV 1 CYBER CONFERENCE KEIO Page 1 of 5 Revised 11/10/2016

2. Who we collect information (data) from & why we collect it

Resilience, Responsibility, Responsiveness Towards a Future-oriented, Sustainable World Economy. B20 Recommendations on Digital Trade

Data Protection in Switzerland Update Following the Safe Harbor Decision. 21 October 2015 / 6 February 2016 Christian Wyss

Robert Bond. Respecting Privacy, Securing Data and Enabling Trust a view from Europe

NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY

Harmonisation of Digital Markets in the EaP. Vassilis Kopanas European Commission, DG CONNECT

GUIDE TO OPEN A JOINT PARTNER ACCOUNT

Privacy Policy. Data Controller - the entity that determines the purposes, conditions and means of the processing of personal data

Privacy Statement for Use of the Trust Service of Swisscom IT Services Finance S.E., Austria

Consolidated Privacy Notice

OPINION ON THE DEVELOPMENT OF SIS II

Business Model for Global Platform for Big Data for Official Statistics in support of the 2030 Agenda for Sustainable Development

Canadian Anti-Spam Legislation (CASL) Compliance Policy. 2. Adopt Canadian Anti-Spam Legislation (CASL) Compliance Policy.

8. AUTOMATED DECISION MAKING DURING DATA PROCESSING FURTHER INFORMATION FURTHER INFORMATION AND GUIDANCE CONTACT US...

Cyber Security and Cyber Fraud

[Utility Name] Identity Theft Prevention Program

General Data Protection Regulation (GDPR)

OUR PRIVACY POLICY. 1. Our Privacy Principles. 2. Information that We Collect from You. Last Updated: May 25, 2018

European Union Financing Mechanisms for ICT in Latin American context

This website is managed by Club Systems International on behalf of the Hoburne and Burry and Knight Groups.

FOOT LOCKER PRIVACY POLICY

NATIONAL REGISTRATION DATABASE (NRD ) : HOW TO MAKE AN INITIAL APPLICATION

Information memorandum. SUNČANI HVAR d.d.

KSi Malta Privacy Policy

Workday s Robust Privacy Program

Oracle Banking Digital Experience

VERSION 1.3 MAY 1, 2018 SNOWFLY PRIVACY POLICY SNOWFLY PERFORMANCE INC. P.O. BOX 95254, SOUTH JORDAN, UT

Comprehensive Application Form

EDENRED COMMUTER BENEFITS SOLUTIONS, LLC PRIVACY POLICY. Updated: April 2017

RETIREMENT ACCOUNT APPLICATION FORM. Share Dealing

We collect information from you when You register for an Traders account to use the Services or Exchange and when You use such Services. V.

PRIVACY. YOUR DATA. YOUR TRUST.

It s still very important that you take some steps to help keep up security when you re online:

DLB Privacy Policy. Why we require your information

Data subject ( Customer or Data subject ): individual to whom personal data relates.

Shaw Privacy Policy. 1- Our commitment to you

The Honest Advantage

Transcription:

Press release November 21, 2017 Government and private sector produce joint solution Efficient, broad-based solution for a Swiss digital ID The people of this country should have a simple, secure and unambiguous way of verifying the identity of whoever they are dealing with in the digital world. Some of Switzerland s leading companies have decided to work together to create a trusted Swiss brand for E-ID, laying the foundations for a solution made by the private sector, but certified by the state. These companies are Swiss Post, SBB, Swisscom, UBS, Credit Suisse, Raiffeisen, Zürcher Kantonalbank, financial services provider SIX and Schweizerische Mobiliar. They have all signed a memorandum of understanding to establish a joint company that will create and implement a digital ID for the people of Switzerland. This new company, SwissSign Group AG, will integrate the activities of existing firm SwissSign AG from January 2018, and continue to develop the SwissID solution. Its aim is to make digital IDs more efficient, more user-friendly and simpler, and to promote their use nationally and internationally. This division of responsibility between government and the private sector accords with the Federal Council s intentions as set out in the draft Federal Law on Electronic Identification Services. A SwissID will allow Swiss people to navigate safely and securely through an increasingly digital world and to use online services more easily. Data protection is the highest priority: control over the way the data is utilized will always rest with the user, and data protection will be guaranteed at all times. In Switzerland, people can currently prove their identity with a passport, identity card or driver s license; but these forms of proof are very cumbersome for internet transactions. Hence the need for an electronic proof of identity that allows websites, for example, to identify and authenticate an electronic ID holder unambiguously. The joint company being announced today will develop an open, non-discriminatory ID system that fully complies with all data protection rules, and that safeguards the privacy of every individual. The founding partners of SwissSign Group AG are a broad-based consortium of sponsor firms, which between them already count much of the Swiss population as their customers. In addition to a total of approximately 6 million users, the partners bring their own existing verification methods to the process of developing a new system. Similar partnership models have already been used in, for example, Sweden, Norway and Denmark.

Joint company to develop an open, transparent system With the SwissID solution, Swiss Post and Swiss Federal Railways (SBB) are bringing the activities they pursue through SwissSign AG into the new company. They will hold an ownership stake in this company alongside Swisscom, UBS, Credit Suisse, Raiffeisen, Zürcher Kantonalbank, financial service provider SIX and Schweizerische Mobiliar. The new company s management team will be made up of the managers of SwissSign AG. Markus Naef has been appointed CEO. The new company will continue to develop the existing SwissID solution. It will uphold the acknowledged standards for digital IDs, ensure cross-border interoperability between different E-ID systems and be non-discriminatory, open and transparent in its dealings with new partners, users and other technologies. No cost for the user, data protection is central For private individuals, use of the digital ID will be simple, secure and free of charge. The company will be financed through a compensation model funded primarily by online service providers. The current system is expensive because almost every individual provider has its own identification process. Online commercial and administrative processes can be structured and executed much more efficiently if there is a single, widely accepted, widely usable digital identification solution. The organizations involved believe that the new model will not only meet user needs, but will also make online transactions much simpler and cheaper for every business involved in online commerce. Protecting customer data is central: control of personal data remains exclusively with the user, and data protection will be maintained in full. Discussions with the Federal Data Protection and Information Commissioner (FDPIC) were started at an early stage. He regards the project as a high priority and welcomes the fact that SwissSign will provide his agency with a single point of contact. Government plays an important role The state continues to play a central role in the implementation of digital IDs in accordance with the E-ID Law. The federal government sets the legislative framework, as well as certifying and monitoring the E-ID system; and the government alone can define and verify state IDs. In addition, as major service providers the federal government, cantons and municipalities help encourage the use of digital IDs. For a simple explanation of digital IDs: ((video link)) Media contacts: German-speaking Switzerland: Western Switzerland and Ticino: Dr. Victor Schmid, 079 350 05 37 Marie-Hélène Hancock victor.schmid@konsulenten.ch 079 204 21 22 Dr. Matthias Knill, 079 218 16 30 marie-helene.hancock@konsulenten.ch matthias.knill@konsulenten.ch

Additional information on the development of a Swiss digital identification solution Essential for a digital society It is becoming increasingly common for business processes and agreements between individuals to be arranged and executed digitally. If transactions, especially more complex ones, are to take place securely online, it is essential that business partners and individuals are able to trust that the person they are dealing with is who they say they are. This requires a digital identification solution (E-ID) that, like a passport or identity card, unequivocally verifies the identity of the person and the validity of the personal identification data (e.g. first name, surname, date of birth) needed for the process concerned. The following use-cases show how SwissID supports the digitalization of processes and makes day-to-day digital life easier for users: - With SwissID, the user only needs one password to log in securely to a variety of online services - With SwissID, users identify themselves online, confirm their identity and, if necessary, provide further information, such as their age - With SwissID, users can fill in their tax return, sign it and send it directly to the Tax Administration, all online and all seamlessly - With SwissID, the user can enter into contracts online using a legally binding signature - With SwissID, users confirm their creditworthiness while shopping online - With SwissID, users actively release their data to selected online service providers and manage it centrally in one location By establishing a joint company, the initiating organizations are fulfilling the aims of the Federal Council, which recently proposed in the draft Federal Law on Electronic Identification Services (E-ID Act) that responsibilities be shared in this way between state and market. The consortium explicitly welcomes the Federal Council s proposal. By sensibly pooling the available expertise and sharing the job between state and private sector, a common digital ID can now be created for Switzerland. This will allow the people of Switzerland to identify themselves safely online, and ensure efficient exchange of the identification attributes (personal data) required to verify their identity. With these foundations in place, users will be able to sign contracts electronically, and complete e-commerce and e- government transactions securely. Use of the E-ID will be free of charge for the end customer. Efficient implementation The new company is backed by an experienced group of founding partners that already count much of the Swiss population as their customers and that can leverage their own existing verification methods, putting them in an excellent position to develop an efficient new digital identification system for Switzerland. Bank customers in particular are already issued with authentication tools, and are experienced in using such identification processes for e-banking.

Swiss Post and SBB will now very quickly be able to provide their customers and users with a confirmed identification solution based on SwissID. At the end of October, Swiss Post successfully launched a pilot project with 3,000 customers to integrate a SwissID into their customer login. Around 1,000 had already been migrated within 10 days. Once the pilot is complete, the number of customers that can link their login to a SwissID will be increased in stages. Solutions for providers of online services, such as online shopping and travel facilities, should soon be followed by E-IDs for simple e-government applications and for access to selected bank and insurance company services. Success factors The trust and acceptance essential to the success of any digital identification scheme are ensured by two things. Firstly, organizations issuing E-IDs are supervised by the government, as is the way data is used. Secondly, the consortium partners have great experience in processing and storing personal data to the highest security standards. Private organizations provide the digital IDs, while the government recognizes, regulates, controls and monitors. Sweden, Norway and Denmark have proved the success of this model. It facilitates an efficient division of labor between the market and the state, while simultaneously ensuring that the Identity Providers (IdPs) meet strict standards. This model is broadly in line with the one used by the EU; given the desirability of international interoperability, this is very important. Currently in the digital world, nearly every single provider has a different procedure for verifying identities a very costly situation. With a widely accepted, widely usable means of electronic identification (e-id) in place, commercial and administrative processes can be structured and processed much more efficiently. High security standards Security requirements for the issue and use of E-IDs can vary in strictness depending on the type of transaction involved. Consequently, the draft law envisages three different levels: low, substantial and high The operator of an online service should be able to decide which level of security is required for which application. For e-government services, the level will be defined in the legislation that governs each application. The licensing agency will regularly check to ensure that service providers adhere to the specified processes and technical standards. If the organization passes the checks, a license can be granted or extended. SwissSign Group AG will now very quickly be able to provide its customers and users with a confirmed identification solution based on SwissID. Solutions for providers of online services will follow soon: E-IDs for e-commerce solutions, simple e-government applications, access to selected bank and insurance company services, etc. The use of E-IDs for e-health and e-banking is more demanding, and it will probably take longer before reliable solutions are available in these areas.

It should be possible to issue electronic ID, guaranteed by the state, for two categories of people: firstly for Swiss citizens who have a valid Swiss passport at the time the ID is issued; secondly for foreigners with residence permits who also have a valid foreign passport at the time of issue. However, the new company will also offer individual E-IDs to a third category of person, e.g. those with other forms of identification cross-border commuters, for example who want to use their E-ID to make purchases in Swiss e-shops. Acceptance thanks to government supervision The state plays a central role in the introduction and operation of the E-ID. As well as defining the legal basis for the E-ID, it remains responsible for identification data, and for certifying and monitoring Identity Brokers. It also provides the interfaces to government databases. The federal government, cantons and municipalities are also important service providers, helping to broaden the use of the E-ID. Companies involved in the system don t take on any of the government s responsibilities, but they do make their identification and authentication systems available to other private and public-sector bodies. The scheme will comply in full with the applicable data protection regulations. Discussions with the Federal Data Protection and Information Commissioner (FDPIC) were started at an early stage. He regards the project as a high priority and welcomes the fact that SwissSign will provide his agency with a single point of contact. The E-ID ecosystem The implementation of a digital ID for Switzerland is based on a system where the individual person applies for a personal digital identity (E-ID) from an Identity Provider (IdP), which can be a bank, another type of company or a government agency. In order to issue an E-ID, this Identity Provider compares the individual s data with the identification elements held on public registers. Control of the data always rests with the individual, who decides which identity attributes to disclose. Armed with her or his personal electronic identity, the person can now identify themselves unequivocally in digital transactions with any service provider ( Relying Party ), whether this is a retailer, an e-commerce company or the local municipal authority. The Relying Party verifies the identity of the individual person with an Identity Broker, which ensures interoperability, thus enabling a Relying Party to access the E-ID. The broker solution will be based on the new SwissID standard. The simplicity and speed of this verification is the key to guaranteeing a positive customer experience. As the licensing body, the federal government creates confidence in the system by legitimizing Identity Brokers.

Main features of the digital ID: NECESSARY...for digitalization, so electronic personal IDs can be used securely in Switzerland, and electronic dealings with public and private sector entities can be simplified. E ID Switzerland a secure, efficient, widely accepted digital ID EFFICIENT...thanks to experienced backers that already have much of the population as customers and so can use their existing verification processes SECURE...thanks to state regulation and Swiss partners with proven high security standards. Storage of personal data in Switzerland creates trust. Control of the data remains with the individual. ACCEPTED...thanks to a sensible division of responsibilities between state and private sector. State legitimation and state supervision of data and processes creates trust and acceptance For a simple explanation of digital IDs: www.swisssign.com/en/media

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback