Federated Identity: A shift in Digital ID methodologies
Today identities are managed in silos.
End users accumulate local accounts on the websites of public and private service providers, and with them a growing number of unsafe logins and passwords.
The weaknesses of these fragmented, siloed identity schemes have in recent years paved the way for pioneering ID federation initiatives in many countries, which have met with broad adoption by public and private service providers and by citizens.
Federated identity is typically accomplished using open standards, allowing for a great deal of interoperability between otherwise disparate public organizations and systems.
It is also used within the public sector to provide single sign-on (SSO), giving citizens access to multiple systems and online public service portals without needing to log in to each individually.
Thales Digital ID Services Platform in a nutshell
To be successful and win citizens' adoption, digital identity programs should provide secure, trusted access to eServices with a simple, reliable and straightforward process.
Thales Digital Identity Services Platform was designed as a powerful and modular digital identity orchestra conductor to address those exact needs and enable governments to offer their citizens fast and secure access to digital services.
As such, the comprehensive back-end platform offers a full suite of features and services including:
- Identification/Registration services
- Digital ID Life-cycle Management Services
- Identity federation Services
- Strong Authentication Services
- Digital signature services
Federated Identity Services: The Federated Identity feature enables the identity provider (IdP) to offer citizens a single, integrated and harmonized access point to an array of public eServices from a single secure connection. This one-stop-shop portal, providing unified SSO authentication to government services, is based on the standard identity federation protocols SAML 2.0 and OpenID Connect.
Strong Authentication Services: The platform supports strong and multi-factor authentication (MFA) to enable the Identity Provider to secure access, identities, and interactions between citizens and online public and private service providers.
Versatile, the solution can manage one of the broadest ranges of authentication methods and form factors available on the market, including PKI eID cards, Gemalto Mobile ID Smart App and Gemalto Digital ID Wallet, to secure access to any service from any device.
Such versatility allows governments to be inclusive and have a solution that is adapted to each citizen's profile.
Supported authentication methods also include context-based authentication combined with step-up capabilities, out-of-band (OOB) authentication, one-time passwords (OTP) and certificate-based solutions.
Form factors include smart cards, USB tokens, hardware tokens, and mobile ID apps.
Digital Signature Services: Citizens and businesses can, through the platform's digital signature services, sign documents online and are guaranteed the authenticity and integrity of the signed contents.
Adaptable Trust Level of Assurance: Gemalto Digital ID Services Platform enables an adaptive, step-up level of assurance from Level of Assurance (LOA) 1 to LOA 4, providing a very flexible approach for service providers. The solution therefore offers identity and service providers the opportunity to apply a flexible and adaptive authentication policy, with scalable security measures tailored to the nature of the online services being accessed.
Flexible Deployment Model: To accommodate all strategies, Thales offers a flexible choice of on-premises delivery or as-a-service Digital ID Services platforms.
Seamless Service Provider onboarding: Provides seamless integration with third-party applications to enable quick deployment and broader onboarding of new public and private service providers.
Smooth integration into existing infrastructure: Thales' Digital ID Services platform is designed to streamline deployment in complex environments. Based on industry standards (SAML, OASIS-DSS, OpenID Connect, FIDO), the platform offers an interoperable and flexible architecture for smooth integration into existing infrastructure (certificate authorities, attribute providers, service providers, HSM, etc.).
Benefits of Gemalto ID Services Platform
- Improve the reach of online services and increase transactions in both the public and private sectors
- Lower Total Cost of Ownership
- Reliable and up-to-date user information shared by the Identity Provider entity
- Simplify onboarding to Identity Provider authentication service
Benefits for public & private eService providers: The platform helps to streamline the onboarding of new citizens/customers, gives providers access to up-to-date, accurate, and reliable data about their users, and limits the risk of ID theft and fraud while providing a convenient and secure Identity Management service.
Benefits for citizens: A secure digital identity enables citizens to safely take advantage of the growing number of digital services provided by governments and to access them in a secure, private and convenient way.
The federated identity backbone feature of the platform removes the need for citizens to memorize complex passwords for each service provider. The user is authenticated once and for all, then granted access to multiple resources without having to enter their authentication credentials again.
This user-centric solution also streamlines citizens' onboarding with other service providers in the public and private sectors (such as KYC procedures).