Electronic identification for universities: Building cross-border services based on the eIDAS infrastructure

The European Union (EU) Regulation 910/2014 on electronic IDentification, Authentication, and trust Services (eIDAS) for electronic transactions in the internal market went into effect on 29 September 2018, meaning that EU Member States are required to recognize the electronic identities issued in the countries that have notified their eID schemes. Technically speaking, a unified interoperability platform—named eIDAS infrastructure—has been set up to connect the EU countries’ national eID schemes to allow a person to authenticate in their home EU country when getting access to services provided by an eIDAS-enabled Service Provider (SP) in another EU country. The eIDAS infrastructure allows the transfer of authentication requests and responses back and forth between its nodes, transporting basic attributes about a person, e.g., name, surname, date of birth, and a so-called eIDAS identifier. However, to build new eIDAS-enabled services in specific domains, additional attributes are needed. We describe our approach to retrieve and transport new attributes through the eIDAS infrastructure, and we detail their exploitation in a selected set of academic services. First, we describe the definition and the support for the additional attributes in the eIDAS nodes. We then present a solution for their retrieval from our university. Finally, we detail the design, implementation, and installation of two eIDAS-enabled academic services at our university: the eRegistration in the Erasmus student exchange program and the Login facility with national eIDs on the university portal

DIGITAL IDENTITY MODELLING FOR DIGITAL FINANCIAL SERVICES IN ZAMBIA

Identification and verification have always been at the heart of financial services and payments, which is even more the case in the digital age. So, while banks have long been trusted to keep money safe, is there a new role for them as stewards of digital identity? Governments should, in consultation with the private sector, develop a national identity strategy based on a federated-style model in which public and private sector identity providers would compete to supply trusted digital identities to individuals and businesses. Back then, when the world seemed smaller, slower and more local, physical identity documents were adequate for face-to-face transactions. However, the Internet changed everything. It shrank distances, created new business models and generally sped everything up. From the innovation lifecycle to access to information, processes and the clock-speed on risk, the Internet has accelerated everything. The use of Internet in doing business has grown over the years in Africa and Zambia in particular. As such, the incidences of online identity theft have grown too. Identity theft is becoming a prevalent and increasing problem in Zambia. An identity thief only requires certain identity information to decimate a victim's life and credit. This research proposes to identify and extract various forms of identity attributes from various sources used in the physical and cyberspace to identity users accessing the financial services through extracting identity attributes from the various forms of identity credentials and application forms. Finally, design a digital identity model based on Shannon’s Information theory and Euclidean metric based Euclidean Distance Geometry (EDG) to be used for quantifying, implementation and validating of extracted identity attributes from various forms of identity credentials and application forms, in an effective way

On the design, implementation and integration of an Attribute Provider in the Pan-European eID infrastructure

This paper describes the design and implementation of an Attribute Provider (AP), compatible with the protocol defined in the STORK 2.0 electronic identity European infrastructure that provides cross-border authentication and attribute management in web-based services. Currently, this infrastructure is used as basis in some European countries to implement the recently adopted eIDAS Regulation on electronic identification and trust services for electronic transactions in the internal market. For example, in the e-SENS project the existing nodes of the STORK 2.0 infrastructure are linked to new nodes implementing the eIDAS technical specification, to create a unique interoperability platform. In our work, we considered several key aspects that have been underlined by the National Strategy for Trusted Identities in Cyberspace in USA, e.g. the possibility to incorporate attribute services in identity architectures, the principle of data minimization (provide the minimum set of attributes required so the AP should not overshare as default), and the problem of user consent. We provide also a solution to integrate the proposed AP with an existing database. We believe our work is useful for various identity, attribute and service providers that would connect in the future to the eIDAS interoperability framewor