About the Danish eID: NemID
NemID is a common secure login on the internet, whether you are doing your online banking, interacting online with public authorities or engaging with one of the many businesses that use NemID. NemID is the same login everywhere.
Therefore, NemID has become part of everyday life for many individuals and businesses, and generates more than 50 million transactions a month. NemID has been issued to about 4.2 million individuals and 500,000 businesses. A total of 94% of citizens are satisfied with this solution.
Strong collaboration between public and private sectors
The fact that NemID can be used on both public and private services, and particularly the close collaboration with the banking sector, has helped dissemination among the public. When individuals use the same solution to identify themselves in many different online services, they become familiar with it and that increases trust in the system.
''It's a great advantage for Danes that they can use their NemID on both public and private websites. This is an aspect that we'll try to accommodate when we are to design the frameworks for the next NemID version. Therefore, we'll incorporate the private sector's use of NemID and the collaboration between the public sector and private businesses in the analyses we're currently conducting," said Marianne Sørensen, Head of Division at the Agency for Digitisation.
An example: NemID is a security factor at DBA
DBA is one of the private-sector service providers that uses NemID to validate its users. DBA is a Danish online advertising market for buying and selling new and used items, primarily between private individuals. For DBA, NemID signals additional security in online trading between the private users on www.dba.dk.
"NemID validation has many advantages for buyers as well as for sellers on DBA. You could say that NemID validation is a guarantee that the user really is the person he or she claims to be. This increases the reliability and credibility of the sellers and makes buyers feel safe to shop on DBA. After implementing NemID validation we have experienced a general fall in the number of users who have been defrauded," said Lene Kristensen, Head of Customer Support at DBA.
An important preparatory phase towards the next-generation NemID
In 2012, Denmark began the transition to mandatory digital self-service and communication with public authorities,i.e. Digital Post between individuals and public authorities and online self-service for individuals. The increased mandatory digitisation has made NemID a key element in the ICT infrastructure of the public sector, but what will the national infrastructure for e-identity and digital signature look like in future Denmark? NemID as we know it today has interfaces to many other key solutions in the public sector as well as the private sector. Therefore, there is a need for thorough analyses when establishing the frameworks for a new NemID solution.
A very important aspect of the analyses prior to the next-generation NemID is to identify needs and requests from the many different stakeholders and user groups through involvement of individuals, businesses, public and private-sector service providers, technical experts, etc. From the beginning of the analytical phase, the purpose has been to focus on the users. Moreover, during the summer a public consultation was held about the next-generation NemID. A total of 63 responses to the consultation were submitted from public authorities (ministries and agencies as well as regions and municipalities), trade and stakeholder organisations, and private individuals with special interest in the area, including IT bloggers. Security and user-friendliness were given particularly high priority in the responses.
Another important element of the preliminary analysis is the technical possibilities, security aspects, etc. linked to the different user aspects. In this context, it is important to draw on international experience. Therefore, overall mapping and analyses of eID and e-signature solutions in other countries have been carried out to provide inspiration for the new NemID solution and build on valuable experience with supplier models and security models, etc.
The next steps
The introductory work on the preliminary analysis began in early summer and is expected to be completed by early 2015. The many stakeholders of the project will continue to be involved throughout the process, for example through a number of additional workshops held by the Agency of Digitisation during 2015.
The more focussed analyses will then begin. This phase will identify how the various needs and possibilities can interact in a detailed overall solution concept. This entails a rigorous process of assessments and necessary prioritisation of requirements and possibilities up to the final draft of a possible future solution scenario which can form the basis for a political decision.
Following this, a call for tender of the next-generation NemID will be carried out during 2015, so that a new solution can be ready when the existing solution is phased out towards the end of 2017.