Upload
others
View
5
Download
0
Embed Size (px)
Citation preview
April 2019
Government Deployment Updates in Asia, and FIDO in Taiwan
Karen Chang, Vice President of Egis Technology
Board Representative, MarCom Committee of FIDO Alliance
| © 2019 Egis Technology Inc. 2
Updates for FIDO & PKI in Asia
China
Korea
Macao
Thailand
India
Taiwan
Hong Kong
• eID by MPS with PKI
• Domain/Regional PKI
CFCA, BJCA, …
• FIDO in Chinese
FCWG
• National eID (UIDAI)
AADHAAR (Fingerprint & IRIS)
• National PKI (CCA)
eMudhra, (n)Code, …
- Financial, Government,
Procurement, …
• Digital Signature Regulation
• Nation eID
NID card & i-PIN
• FIDO in Telecom/Financial/Government and
others
• National PKI (KISA)
NPKI & K-FIDO
Financial, Commerce, Government…
• Digital Signature Regulation
• Private Sector
TWID (Financial Identification with PKI)+FIDO
TWID + Mobile ID
FIDO for Internet Banking
• Government Sector
National FIDO & Government PKI (MOICA for Citizen)
• Telecom (FIDO-based CRM)
• Digital Signature Regulation
• Hongkong Post, Macau Post -
eID with PKI (and FIDO)
• Digital Signature Regulation
• National PKI (NRCA by ETDA)
• eID (not active yet)
• Digital ID Committee
• National Digital ID Co., Ltd
(NDID, Blockchain+MQ)
• ETDA Connect
FIDO/OpenID Connect
• Digital Signature Regulation
Singapore
Malaysia• eID (SingPass)
• eID with PKI and fingerprint (MyKad, …)
• Online Identification Services (TBD)
Japan
• National eID
My Number Card with JPKI
• FIDO in Telecom/Financial/Commerce and others
• Digital Signature Regulation
| © 2019 Egis Technology Inc. CONFIDENTIAL 3
Online Authentication & Identification Services in Taiwan
MOEACAGCA
HCA
MOICAXCA
FIDO2&UAF
☞ Citizen Service
☞ Health Bank
☞ Labor Services
☞ Tax Filing, e-Invoice
☞…
☞ TBD: Decentralized Identification &
Applications(e.g. Blockchain,
Distributed Ledger, …)
National
Citizen
Database
23M18M
5M
28M
☞Needs:
✓ User Experience
✓ Mobile friendly
✓ Strong & Secure
| © 2019 Egis Technology Inc. CONFIDENTIAL 4
Deployment Architecture
INTRANET
(Ministry of Interior)
PC
MOBILEusers
INTERNET
Web server
RP server
RP
server
Web
server
ESB
server
AP
server
FIDO server
(FIDO2+UAF)
DB
server
Firewall
| © 2019 Egis Technology Inc. CONFIDENTIAL 5
PKI-based ID Proofing for FIDO (2019)
On PC’s browser, use MOICA Card or eID Card to request for a code (OTP)
Download App on smartphone
Online Authentication
Platform by MOI
Start registration
Registration 1
2
Input code
on App
3 Enroll on smartphone
with BiometricsDone!
www
Input Code
Last Step…
4 5 6 5 2 4
4
Input Code
4 5 6 5 2 4
Welcome to
Taiwan FIDO Services
| © 2019 Egis Technology Inc. CONFIDENTIAL 6
Online ID Proofing (2020~)
Service Portal
Online ID
Proofing
Fill in basic information1
ID Number Address
Name Telephone
Birthday Email
Upload both sides of ID Card2
Household
Number…
Selfie of Face & ID Card3 Review & Check4 Approval – Issue OTP5
Have Card
Reader?NO
Insert eID Card
www
Input Code
Last Step…
4 5 6 5 2 4
YES
| © 2019 Egis Technology Inc. CONFIDENTIAL 7
Over-the-Counter ID Proofing (2020~)
Present and check dual-identification document and issue OTP Code
Download the client authenticator (App)
1
2
Input OTP Code3 Enroll the biometrics 4
Download
App
456524Code
Registration
Input Code
4 5 6 5 2 4
Welcome to
Taiwan FIDO Services
| © 2019 Egis Technology Inc. 8
Use Case #1: Access to Citizen Service Portal
Identifying…
✓ Identification Services、Human Resource、Household Administration…
✓ Online Application、Resource Monitoring、Auditing Logs、Application Logs, …
Government Cloud Services
Citizen Cloud Services
Citizen Service
Portal
| © 2019 Egis Technology Inc. CONFIDENTIAL 9
Use Case #2: Access Citizen’s My Data
FIDO
Health Bank
request your
approval
Request for
Authentication
Authentication
on App
Authenticated
Access Granted
1
2
3
4
Mobile APP
Health Bank App
User & Device
Login with Password:Need to register
with Health ID Card
Login with Cards:Need Health ID
Card(with passcode) or MOICA Card
TO-BEAS-IS
www.healthbank.com
Welcome to My Health Bank
ID Number: A123456789
Fast Login
| © 2019 Egis Technology Inc. CONFIDENTIAL 10
2. Promotion
& Expansion
1.Deployment
& Pilot • PKI-based ID proofing
• MOI’s citizen services
• Pilots on inter-ministerial services
3.Open &
Popularization
Milestones
2019
2019~2020
2020~2021
2022
• Online ID proofing (Selfie & New eID)
• Central & Local Government
Applications
• Support/work with various PKIs
• Over-the-Counter ID
Proofing
• Support/work with non-
government services
(Telecomm, Finance, etc.)
Online application
rate: 27.6%
Online application
rate: 50%
0.5M users
1M users
3M users
All Rights Reserved | FIDO Alliance | Copyright 2018
| © 2019 Egis Technology Inc. CONFIDENTIAL 11
Related Issues & Challenges
All Rights Reserved | FIDO Alliance | Copyright 2018
01 Account Recovery &
ID Proofing
06 FIDO is complementary
to PKI/eID/Mobile but also
compete to each others
05 FIDO & “Mobile Connect”02 FIDO & PKI
03 Privacy (Inter-applications) 04 FIDO & Federation
• “Class 2”in the APKIC-FIDO white
paper
• TBD: FIDO & Cloud-based PKI
| © 2019 Egis Technology Inc. CONFIDENTIAL 12
Pros and Cons
PKI eIDFIDO
Mobile ID
User Experience
Mobility & Device Coverage
Ecosystem & Openness
Online / Offline Usage
Policy & Regulation
Cost Effectiveness
-- --
QUESTIONS & EXCHANGE
ka re n . c h a n g @ e g i s t e c . c o m