nordic egovernment conference 201 - peter lind damkjær
DESCRIPTION
How to roll out a widely used national e-ID in less than a year!TRANSCRIPT
Nordic eGovernment Conference, Dec. 7-8 2011
Peter Lind Damkjær, [email protected]
1
NemIDHow to roll out a widely used national e-ID in less than a year!
Nets A/S
2
• Nets is among the largest companies in Northern Europe in the market for payment cards, payment solutions and the exchange of payment information
• Nets is a leading eID- and PKI-provider
• NemID in Denmark
• BankID in Norway
• Hosting several managed PKI’s for customers
• 2,000 employees
Agenda
• Background
• How does NemID work?
• Results
• Future
3
The Danish eID History
4
2000
Net-ID
OCES I – Digital Signature
2003 2004 2010
NemID
Qualified Certificate Pilots
Requirements
• Security
• Mobility
• Usability
• Frequent use
• OCES
5
Government Financial Sector
• Security
• Usability
• Scalability
• Flexibility
• Fast deployment
• Shortterm certificates
NemID
• NemID is
• A national eID scheme – NOT an identity card
• A digitalization project - NOT a technology project
• Like a hybrid car
• Two technologies with a single user interface
6
User Experience
• UserID
• Social Security No,
• NemID-no or
• chosen username
• Chosen Password
• Challenge: 4 digits
• Response: 6 digits
User Experience - Login
8
User Experience - Signing
9
Results
• 3,000,000+ active users in 9 months
• Supported by all banks
• Supported by all major government sites
• 200+ agreements with 3rd parties
• 1 mill. + transactions per day (513 mill. accumulate)
• 90% bank transactions
• 10% non-bank transactions
10
•3.770.620 users have received NemID code card
•3.469.486 users have activated NemID
•3.434.200 users have accepted use of NemID for non-bank purpose
•2.941.619 users have activated use of NemID for non-bank purpose
11
Deployment Status – 30.11.2011
Reactions
• Press
• VERY big interest
• 2,500+ stories on NemID
• Focus: Usability, Security and Stability
• Criticism from various IT communities
• Mandatory solution for e-banks
• OTP card is too low-tech
• Privacy concerns related to centrally stored private keys
• Privacy concerns related to the signed Java-applet
• Missing initial support for mobile platforms
• Not regulated by Law on Electronic Signatures
12
User acceptance – Web Panel
• 1500 person of age 18+
• 99% know NemID
• 97% have used NemID for web bank
• 84% have used NemID for government sites
• 30% have used NemID for other sites
• 90% are satisfied with NemID
• 8% are not satisfied with NemID
13
Benefits - Examples
• Industrien Pension - Number of member login has doubled in 2011
• KOT - Number of digital application for higher education increased from 14181 (2010) to 37574 (2011)
• SEB - Electronic applications increased from 0% (2009) to 85% (2011)
• Danish Tax Authority – Postage expenses for ”Password reset” reduced by approx. €200.000 for annual tax statement March 2011
14
Add-on
• NemID Code Token
• Launched October 24 2011
• Financed by the users
15
Future
• NemID for companies and employees in companies
• Support for smartphones
• Support for smartcards
• Qualified Certificates
16
Questions?
17