Resources
Identity Use Cases & Scenarios.- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- D4.1: Structured account of approaches on interoperability.
- D4.2: Set of requirements for interoperability of Identity Management Systems.
- D4.4: Survey on Citizen's trust in ID systems and authorities.
- D4.5: A Survey on Citizen’s trust in ID systems and authorities.
- D4.6: Draft best practice guidelines.
- D4.7: Review and classification for a FIDIS identity management model.
- D4.8: Creating the method to incorporate FIDIS research for generic application.
- D4.9: An application of the management method to interoperability within e-Health.
- D4.10: Specification of a portal for interoperability of identity management systems.
- D4.11: eHealth identity management in several types of welfare states in Europe.
- Profiling.
- Forensic Implications.
- HighTechID.
- Privacy and legal-social content.
- Mobility and Identity.
- Other.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
D4.2: Set of requirements for interoperability of Identity Management Systems
 |
FIDIS REQUIREMENTS FOR USERS, GOVERNMENTS AND MERCHANTS |
 |
Requirements for users, governments and merchants
Different requirements have to be taken into account:
For the users
For the users to accept IMS, it will be important that there is a correct balance between the ‘automatic’ interoperability of identity and the control that users desire to exercise over the use of their identity. In any case, privacy and anonymity are key factors for the interoperability of IMS for users.
Another aspect is transparency. What is important is that the solution is easy to understand and not too sophisticated technologically because most people, for instance, use their paper-based driving licence for identification purpose and that has been true for more than a generation (Leitold)
In the same vein, for Følstad, the most important and challenging issue with electronic identities is users’ understanding. Users are accustomed to physically signing papers, handling ID cards, and being asked for forms of identity in stores or other service outlets. In the electronic environment, users are not always aware of when they are releasing information about themselves, or how much information is being released. As such, there is a tendency to over-release when asked for ID online. It is therefore important to be sure that people know what they are doing when using eIDs. Therefore, when people’s entitlement is affected, there can be inappropriate gains and losses in the market that negatively affect trust and participation by users (Sel).
The closely related problem to people’s understanding of eIDs is that these need to be easy enough to use. If users are bothered too much with the management or handling of eIDs, they are not going to have any incentive to use them over conventional IDs.
Mr Drew thinks that in addition to the development of potentially massive number of unique IDs, people are going to want to have multiple IDs per person. This has to do with a desire for anonymity, but also to do with the inherent nature of people to act in different capacities throughout their lives. Those who have a job, a private life, and possibly multiple social commitments, are actors in multiple environments, all of which need separate IDs both to protect their privacy, but also to differentiate their level of access to data in different capacities to avoid conflict of interest situations.
For the governments
To reach an efficient level of interoperability, the services of the government need to be coordinated efficiently. Coordination seems to be a key element of the development of interoperability for the governments.
As for the users, transparency has also been pointed out by experts as an important element for governments. It is of extreme importance for the success of an interoperable citizen card that the users in the government agencies trust the system, see a clear advantage in it and find the solution as an improvement for doing their daily work. If we want to have a further integration of the EU 25 member eID solutions, it will only be possible if the integration can be achieved by adding additional connectors centrally. If the integration of other eID solution also requires adoption of all the locally installed client solutions, the integration would not be possible because of the high cost and complexity. (Leitold)
One of the additional requirements is that the technical tools and means need to be available in order to realise interoperability.
For the merchants
Several requirements are expected on the merchants’ side:
-Merchants require from an IMS system its security and reliability. Some companies may use an internal IMS, which is designed to offer accountability and quality assurance within the company - two essential requirements. The IMS creates mutual trust and quality assurance within the global company. However, although national eID could be used internally, it is probably not going to be used for the whole external system. (Marc Sel)
-Companies are usually very much under pressure to be cost-efficient. Therefore, businesses should be able to capitalise where possible on the progress of the government in the establishment of IDMs. Such progress could be, for example, the establishment and the issuance of eID cards. Other (public) institutions could also develop such tokens. Credit cards do not seem to be a valuable alternative for such IMSs. Although the use of a credit card is widespread, one cannot expect or require every individual to hold one
| |
   |
|
| Denis Royer | 14 / 43 |
