An increasing number of European countries are instituting e-ID programs, begging the questions: Are there any pilots in place to move away from smart cards and put these credentials on mobile devices? Moreover, what are the obstacles associated with placing mobile credentials their use for secure online identity?
Avisian’s own Zack Martin posed these questions to Gemalto, and Manfred Kube, director of Business Development mHealth at CINTERION— a Germany-based Gemalto company— has responded.
Kube explains that the jump to mobile entails quite a bit of trust associated with the mobile platform and our devices — something that Kube feels we as a society must be totally prepared for a mobile e-ID program to be successful.
That being said, Kube reveals that pilots are not only a reality, but there are already a number of commercial deployments and federal programs using mobile ID (m-ID). Finland, Moldova and Oman have already deployed, or are in the process of deploying, an m-ID infrastructure.
Kube explains that securing m-ID hinges on the assurance that the mobile device is wirelessly connected to the same Public Key Infrastructure (PKI) as is an e-ID card. Likewise, to retain the same level of security provided by a smart card, Kube stresses that the information must be placed on a PKI SIM card.
As Kube points out, however, all NFC-enabled SIMs double as PKI SIMs, meaning anyone with an NFC-enabled device can safely carry their ID on their phone with the same level of security and assurance as if the credential were on a smart card.
There are some obstacles associated with m-ID adoption, but as Kube explains, the improvement and adoption of NFC technology is breaking down these barriers. Kube and Gemalto expect to see many more m-ID deployments in the coming years, largely as a result of the increasingly vital role mobile devices play in our everyday lives.