Search

Define Vision

An inclusive and trusted ID system can serve as a platform for broad administrative reforms and new modes of service delivery for both the public and private sector. As such, these systems may be implemented with a variety of purposes, including crosscutting goals and sector-specific use cases that become evident after the status quo analysis described above. Defining a shared vision for ID and completing a full evaluation of potential current and future users will help ensure that system is fit for purpose and adaptable to long-term needs. (See, for example, Whitley & Hosein 2010).

1. Define development goals

Depending on context, ID projects may have different overarching goals that link closely with the country’s economic and social development plans and cross multiple sectors. The overall role or purposes envisioned for the ID system will have important implications for key decisions, and practitioners should design the ID system with these end goals in mind. Table 8 gives examples of some common cross-cutting goals and how these might factor into key design decisions for the ID system.

Table 8. Design implications of potential cross-cutting goals for ID system

Goal Implications for Key Decisions

Increasing inclusion and meeting SDG 16.9 (“provide legal identity for all, including birth registration”)

To improve inclusion and provide legal identity for all, ID systems should be designed to maximize coverage and minimize exclusion. This involves strengthening civil registration, identifying and removing or mitigating statutory, procedural, social, economic, and technological barriers to access through updates to the legal framework, choice of registration criteria and strategies (e.g., potentially de-linking identification from nationality, legal status, and other rights and entitlements), the choice of data to collect, adopting user-friendly and accessible credentials and authentication mechanisms, and engaging the public. Furthermore—in order to meet the goals of sustainable and inclusive development—measures should be taken to ensure that people who are unable to obtain identification are not excluded from the basic rights and services to which they are entitled.

Improving transparency and trust in government

When well-implemented, ID systems can serve as a foundation of trusted interactions between people and governments. This requires a legal and regulatory framework with sufficient safeguards, a privacy-and-security-by-design approach that gives people control and oversight over their data, and public confidence in the ID authorities themselves. The choices that practitioners make with regard to which data are collected, how the population enrolls in the system, the format of credentials (e.g., which data are visible), the adoption of privacy and security measures, and mechanisms for grievance redress are also likely to impact the degree to which people trust (or distrust) the system. Finally, the level of transparency and engagement with the public will be key to its successful adoption.

Digital transformation of services and economy

ID systems and other trust services like e-signatures can underpin the digital economy by providing on-demand, secure authentication of users, organizations, and devices to enable a variety of digital platforms and services (e.g., online tax filing, e-payments, commercial marketplaces). However, this requires credentials and authentication procedures that can be used in an online environment, with appropriate levels of assurance for different types of transactions. Furthermore, the use of open standards and platforms for can increase the utility of ID for third party platform developers. To understand and maximize the transformational potential of ID in the digital economy, practitioners should engage in in-depth consultation with the public and third parties to understand their needs, motivations, and acceptance of new ID services.

Reducing fraud and corruption

Strengthening identification and authentication can help prevent identity theft and identity-related fraud in both the public and private sector. In order to reduce identity-related fraud, ID systems must have high levels of assurance in identity proofing and authentication procedures. In some cases, this may include the collection of biometric data to de-duplicate identities and ensure uniqueness in the population. Linkages with the civil registry can also help prevent fraud by identifying deceased individuals. However, practitioners must evaluate the size of the fraud problem across various use cases, and carefully weigh these against other risks, such as preventing legitimate beneficiaries from accessing services to which they are entitled by virtue of overly stringent ID requirements. The levels of assurance adopted in various use cases should be proportional to the likelihood and impact of identity-related fraud.

Improve end-user experience with identification

In addition to improving trust, improvements to ID systems can also simplify users’ experiences with identification and accessing public and private-sector services that require proof of identity. This requires designers to streamline the process and convenience of registering in the ID system and collecting and using credentials (e.g., the devices and hardware needed). Privacy-enhancing measures such as access portals that make it easy to control data use, as well as convenient grievance redress mechanisms can also improve the user experience.

Facilitating migration and trade

When mutually recognized by different countries, ID systems can simplify migration and cross-border economic activity. By adopting standards and trust frameworks for mutual recognition, designers can help ensure that ID systems are interoperable across borders to better facilitate movement and economic activity, including to act as a machine-readable travel document.

2. Define sector-specific use cases

In addition to overarching goals, identification can be a critical enabler for improving people’s access to public and private services, and the efficiency and quality of these services. This includes potential applications of ID across the following sectors:

  • Financial services

  • Mobile and telecommunications

  • Social protection

  • Health care and insurance

  • Education

  • Agriculture

  • Digital government

  • E-commerce and digital trade

  • Taxpayer identification and revenue generation

  • Voter identification

  • Property ownership and transfer

  • Civil servant payroll management

  • Passport issuance and border security

Depending on national priorities for the ID system, countries should consider how these various use cases may shape system design, as summarized in Table 9. Defining the desired use cases ahead of time is not only essential for building ID systems that are fit for purpose, but also for ensuring that the purposes for which the ID system will be used are well understood and accepted as well as pre-specified in the legal framework.

Table 9. Design implications of specific use cases

Use Case and Sectors Implications for Key Decisions

Comply with identity-related requirements of know-your-customer (KYC) and similar regulations

  • Financial services

  • Mobile and telecom

 In order to meet typical KYC requirements and customer due diligence (CDD) regulations related to identification and verification, identity proofing procedures should offer a high level of assurance. In addition, platforms that facilitate queries to verify an identity can also improve the efficiency of KYC verifications.

Preventing identity theft and impersonation

  • Financial services

  • Mobile and telecom

  • Digital government services

  • Property ownership and transfers

  • Taxation

  • Sectors with cash/in-kind transfers

  • Voter registration

  • Border control

 ID systems should offer a high level of assurance and adopt advanced security features and protocols to protect identities and personal data. Notification policies and easy-to-use grievance redress mechanisms should also be in place to deal with cases of stolen identities or data breaches.

Reducing fraud and leakage and improving targeting and service delivery for government programs

  • Social protection

  • Health

  • Education

  • Agriculture

  • Civil service administration

In order to be useful for social protection programs—e.g., to identify beneficiaries—the target population (e.g., potential children, non-citizens) must be eligible for the ID well-covered. Leveraging the ID to prevent ghost, multiple, and/or fraudulent registration and improve targeting also requires some form of deduplication during the identity proofing process or in relying parties systems, and the ongoing removal of deceased persons through links with the CR system. Adopting and frameworks that allow for cross-checking and/or data exchange with other databases can also help prevent fraud, improve targeting, and ensure the portability of identities. In order to reduce instances of beneficiary impersonation, credentials and authentication mechanisms should offer a sufficient level of assurance.

Facilitating new modes of service delivery

  • Government service providers across all sectors

  • Private companies that provide a variety of services

  • E-commerce

 Within the digital economy, innovations in service delivery will require secure digital credentials and authentication that can provide various levels of assurance for multi-modal authentication, as well as frameworks and services that allow various users to leverage these credentials for identity verification, authentication, and other trust services. As part of the innovation process, practitioners should also consult with end-users to understand existing difficulties and desired improvements

Facilitating the use of anonymized data for the production of statistics

  • Health

  • Development planning

  • Emergency response

  • Academic researchers

In order to be useful for data collection, ID systems must have widespread coverage of the relevant population (e.g., CR systems must cover children if used as a source of infant mortality statistics). between systems such as ID, civil register, statistics, and sources of demographic and health data can also facilitate rapid detection and response to public health emergencies. However, data aggregation and sharing for public health, research, and planning purposes requires a robust legal framework and enforcement to protect privacy and personal data.

Practitioners should adopt a risk-based approach to defining how ID will be deployed in various use cases. This approach should consider the level of assurance needed for various transactions to mitigate fraud and other risks, as well as the potential for exclusion and privacy violations involved with requiring identification or authentication for different purposes. For example, requiring people to have an ID for services that previously did not require one may prevent people who face significant barriers to obtaining an ID—e.g., vulnerable and marginalized groups, low income people, women, etc.—from being able to access crucial support. See CIS (2019) for one approach to considering when ID should (and should not be) applied.