Marta Ienco, Head of the Government & Regulatory affairs, Personal Data
Analyses of the potential of the global digital economy often conclude that advanced economies have the most to gain from digital technology. For example, the World Economic Forum’s ‘Global Information Technology Report 1016’ names 34 of 35 OECD nations in their list of top 50 countries most likely to reap the benefits of emerging technologies and capitalize on the opportunities presented by digital transformation. In contrast, such examinations suggest digital technology will have relatively less impact on infrastructure and services in developing countries. Why? Recent research has found that identity is crucial to accessing next generation services and that developing countries, with their disproportionately high number of unregistered people, are less able to support digital services.
Research by the Evans School Policy Analysis Research Group reveals a number of ways in which identity programmes can support a developing country’s functions and services. Their research found that functions such as elections, finance, health, security and agriculture can all benefit enormously from the presence of identity schemes but that programmes are potentially obstructed barriers of cost, coverage, data management, privacy and harmonisation.
The importance and implementation of identity in a digital environment in developing countries is the subject of the World Bank’s recent report ‘Principles on Identification for Sustainable Development: Towards the Digital Age’. The report aims to fulfill objective 16.9 of the United Nation’s Sustainable Development Goals (SDGs): ‘by 2030, provide legal identity for all, including birth registration’. To achieve this, the paper calls on governments, international organisations, donors and private-sector partners to adopt principles to strengthen legal identification systems and reform paper-based identification systems to digital ones.
The ten principles aim to create inclusive, secure, and trustworthy identification systems that can empower individuals and enhance their access to rights, services, and the formal economy. Endorsed by the World Bank, the GSMA and a wide array of high profile digital and developmental organisations, it lays the foundation for a common approach for how the world’s 1.5 billion unregistered people can obtain an identity in a trustworthy manner.
Broadly speaking, these principles require that identity solutions have universal coverage and accessibility, a secure and sustainable design and protect consumer rights and privacy.
One digital identity solution which meet these requirements is the operator-led solution, Mobile Connect. It is well positioned to serve developing nations for a number of reasons. By using mobile networks, Mobile Connect offers extensive coverage and can be integrated with existing national identity infrastructure and include both old and new devices for the users. It also has a proven track record to enable global interoperabilityand cross-border use.
Mobile Connect will be the centrepiece of this year’s Mobile World Congress where it will feature in a number of keynote speeches, seminars, and demonstrations inside the event’s Innovation City. You can find out more about the event and to register for seminars here.
Principles on Identification for Sustainable Development: Towards the Digital Age is endorsed by: Asian Development Bank (ADB), Bill and Melinda Gates Foundation (BMGF), Center for Global Development (CGD), Digital Impact Alliance (DIAL), GSMA, International Organization for
Migration (IOM), Mastercard, Organization for Security and Co-operation in Europe / Office for Democratic Institutions and Human Rights (OSCE ODIHR), Plan International, Secure Identity Alliance (SIA), UN Refugee Agency (UNHCR), UNICEF, United Nations Development Programme (UNDP), United Nations Economic Commission for Africa and the World Bank Group.
The GSMA’s Marta Ienco, Head of Government and Regulatory Affairs for Personal Data, has been named by identity experts, One World Identity, in their list of top 100 leaders in identity. Published earlier this month, the list identifies the world’s foremost thought leaders in this space as measured by industry clout & influencer status, number of publications, professional speaking engagements in 2016 and time in industry. The list also includes a number of figures that have worked with the GSMA’s Personal Data programme.
Marta Ienco is well known in the industry for playing an influential role in helping the industry form a common approach to digital identity and ensuring that the operator-led solution, Mobile Connect, is compliant with related policy and regulation. She has for example, been vital in ensuring that Mobile Connect was designed in accordance with the relevant guiding principles set out by National Institute for Standards and Technology (NIST), the revised European Payment Services Directive (PSD2) and the Electronic Identification and Electronic Trust Services (eIDAS) regulation.
At this year’s Mobile World Congress, attendees will have the opportunity to engage with greatest challenges and opportunities in forming an industry-wide approach to digital identity in our seminar, ‘The evolving landscape for high security authentication’. This seminar will bring together experts from mobile, payment and retail industries, with particular emphasis on incoming legislation within the EU (PSD2, eIDAS). The seminar will conclude with an industry perspective on how authentication and identity will adapt to disruptive technologies, such as biometrics and blockchain, and how Mobile Connect can play an enduring role as technology advances.
Marta Ienco, Head of the Government & Regulatory affairs, Personal Data
That the future of public services is digital is becoming increasingly apparent in Europe and internationally. Italy, for example, has launched its nationwide Public System for Digital Identity Management, or SPID, which facilitates faccess to e-government and public services by citizens and companies alike and will be available across multiple computing platforms. SPID has already been adopted by many of the nation’s universities and 3,300 municipalities, while all of Italy’s public administrations are due to offer SPID-based services by the end of the year. Finland’s government is acting in concert with mobile operators to encourage wholesale migration of services online, driving uptake in a country where more than 90% of the population have both a mobile device and internet access. In the UK, the government’s GOV.UK Verify initiative verifies identity through certified companies, enabling citizens to access a variety of public services such as welfare applications, tax returns and reporting medical conditions. Perhaps the most striking example at present is Estonia which, by issuing every citizen with an eID at birth, has been able to offer fully 99% of its public services online. Consequently, hospital queues have dropped by a third, and police work has become a staggering fifty times more efficient.
These are just a few of the national identity initiatives that have sprung in Europe over recent years. But there are also a number of pan-European regulations designed to accelerate the uptake of digital identity services amongst Member States. One such milestone is the EU eIdentification and Trust Services (eIDAS) Regulation which enables citizens and businesses to use national digital identity solutions to access public services in other EU countries. The revised Payment Services Directive (PSD2) also opens up multiple opportunities for third parties – such as Mobile Network Operators – to provide identity attributes and authentication in the payments space. Importantly, PSD2 aims to mandate for secure strong customer authentication, which will improve consumers’ protection for online payments and that mobile operators are in a good position to deliver seamless and without frictions.
There remains, however, much to be done to bring this digital future into being across Europe. For public sector services, in October, the European Commission published the e-Government Report for 2016, its benchmarking survey on the state of digital services across the EU. It finds that while 81% of services in EU countries are now available online, growth across member states is highly uneven, with a significant number lagging behind in adoption and quality. Crucially, a lack of mobile-readiness in e-government services has proved a barrier to accessibility. The report finds that, while the use of mobile devices to access the internet has taken off in earnest over the last five years, “still only 1 in 3 public websites is ‘mobile-friendly’.”
The implications for efficiency are discouraging. For instance, the number of e-government services using simple authentication services as databases to pre-fill online forms has grown by only 2%, bringing the total to still less than half, at 49%. Cross-border services were shown to inhibit business mobility, with 25% of those required by foreign entrepreneurs being wholly offline, requiring a physical encounter for completion. The number of automated services was found to be wholly static, remaining stable at 3% of all services since the first measurement. The authors therefore urge “an acceleration in order to keep up with private sector, and citizens’ expectations”. As was made clear in the report’s findings, digital identity is a key enabler for both public and private sector services but is not yet being used to its full potential.
The need for harmonisation of standards in digital identity is recognised beyond Europe. National eID initiatives have been brought forward in Canada, India, Australia and New Zealand; the direction of travel is clear, but for the journey to be completed, users’ expectations must be met in a coherent way both within and between national contexts.
In early November, the 54th session of the United Nations Commission on International Trade Law (UNCITRAL) Working group IV on Electronic Commerce in Vienna, building on the preparatory work of the its first colloquium, reached broad consensus on the fundamental importance of addressing the legal issues for identity management and trust services for electronic transactions, with the aim of improving international trade and commerce by removing legal obstacles and enabling international cross-border interoperability
The National Institute of Standards and Technology (NIST) in the US is also reviewing two important public consultations. One on Developing Trust Frameworks to Support Identity Federations, and a more extensive special publication guiding the industry on Digital Authentication. This resource aims to facilitate agreements between communities in the development of federated identity frameworks – and thereby accelerate the pace of digitisation in services through enhanced public trust in their security – through four guiding principles concerning privacy, security, interoperability and accessibility. Indeed, these criteria seem to be the bedrock for many national ID schemes, and are providing the basis for which the private sector can develop solutions that can work on a global scale.
One such solution developed by the private sector, Mobile Connect, is well-placed to aid this growing move towards harmonisation on a global scale. Its design, for example, is in accordance with the relevant guiding principles set out by NIST, eIDAS and PSD2. Last year, Mobile Connect was successfully trialled in cross-border authentication for public sector services. The trial was the first of its kind to be fully compatible and in line with eIDAS Regulation and was applauded for its successful results.
Because Mobile Connect gives the user control of who they share their data with, it maintains the maximum level of privacy that can be afforded to the user. And as an operator-led solution, it places data in the hands of those best-able to monitor and identify potentially fraudulent activity. The GSMA report ‘Mobile Connect: Mobile High-Security Authentication’, explains how Mobile Connect can deliver improved security and privacy for consumers authenticating themselves online and authorising digital transactions, and how the solution will evolve in future.
As the demand for digital services grows, private sector service providers and governments will increasingly feel the need for an interoperable identity solution that can be used securely and conveniently anywhere on the globe. Mobile Connect’s utilisation of a mobile, the piece of technology the vast majority carry on them as a matter of course, offers as much convenience and accessibility as can be hoped for.