Nordic eGovernment Conference, Dec. 7-8 2011

Peter Lind Damkjær, pldam@nets.eu

1

NemIDHow to roll out a widely used national e-ID in less than a year!

Nets A/S

2

• Nets is among the largest companies in Northern Europe in the market for payment cards, payment solutions and the exchange of payment information

• Nets is a leading eID- and PKI-provider

• NemID in Denmark

• BankID in Norway

• Hosting several managed PKI’s for customers

• 2,000 employees

Agenda

• Background

• How does NemID work?

• Results

• Future

3

The Danish eID History

4

2000

Net-ID

OCES I – Digital Signature

2003 2004 2010

NemID

Qualified Certificate Pilots

Requirements

• Security

• Mobility

• Usability

• Frequent use

• OCES

5

Government Financial Sector

• Security

• Usability

• Scalability

• Flexibility

• Fast deployment

• Shortterm certificates

NemID

• NemID is

• A national eID scheme – NOT an identity card

• A digitalization project - NOT a technology project

• Like a hybrid car

• Two technologies with a single user interface

6

User Experience

• UserID

• Social Security No,

• NemID-no or

• chosen username

• Chosen Password

• Challenge: 4 digits

• Response: 6 digits

User Experience - Login

8

User Experience - Signing

9

Results

• 3,000,000+ active users in 9 months

• Supported by all banks

• Supported by all major government sites

• 200+ agreements with 3rd parties

• 1 mill. + transactions per day (513 mill. accumulate)

• 90% bank transactions

• 10% non-bank transactions

10

•3.770.620 users have received NemID code card

•3.469.486 users have activated NemID

•3.434.200 users have accepted use of NemID for non-bank purpose

•2.941.619 users have activated use of NemID for non-bank purpose

11

Deployment Status – 30.11.2011

Reactions

• Press

• VERY big interest

• 2,500+ stories on NemID

• Focus: Usability, Security and Stability

• Criticism from various IT communities

• Mandatory solution for e-banks

• OTP card is too low-tech

• Privacy concerns related to centrally stored private keys

• Privacy concerns related to the signed Java-applet

• Missing initial support for mobile platforms

• Not regulated by Law on Electronic Signatures

12

User acceptance – Web Panel

• 1500 person of age 18+

• 99% know NemID

• 97% have used NemID for web bank

• 84% have used NemID for government sites

• 30% have used NemID for other sites

• 90% are satisfied with NemID

• 8% are not satisfied with NemID

13

Benefits - Examples

• Industrien Pension - Number of member login has doubled in 2011

• KOT - Number of digital application for higher education increased from 14181 (2010) to 37574 (2011)

• SEB - Electronic applications increased from 0% (2009) to 85% (2011)

• Danish Tax Authority – Postage expenses for ”Password reset” reduced by approx. €200.000 for annual tax statement March 2011

14

Add-on

• NemID Code Token

• Launched October 24 2011

• Financed by the users

15

Future

• NemID for companies and employees in companies

• Support for smartphones

• Support for smartcards

• Qualified Certificates

16

Questions?

17