Digital IDs Accessed on Smartphones via BLE

By Claire Swedberg

Argentina's National ID program leverages HID Global's goID system with Bluetooth Low Energy to enable citizens to securely share identification records or other data via a mobile phone.

image_pdfimage_print

Thousands of Argentinians are signing up for a digital credential system that will enable them to share their identification and related data with authorized parties via their mobile phone. The solution, which leverages Bluetooth Low Energy (BLE), makes it possible for users to securely provide their credentials for transactions ranging from police interactions to private sales and nightclub access, without requiring an ID card.

Argentina’s Ministry of Interior is deploying the solution, which consists of HID Global‘s goID system, on the government’s Mi Argentina app. With the solution, two parties can interact via their phones, enabling citizens to share their identity with an authorized party, without having to take out paperwork or cards, and without raising the risk of privacy breeches or identity theft that could occur with Internet-based transactions.

HID Global’s Steve Warne

The digital ID system results from the collaboration of several agencies. The government ministry is working with the country’s Public Works and Housing department through the National Registry of Persons (RENAPER) and the Ministry of Modernization, as well as the Ministry of Interior. Already, the nation has distributed 47 million ID cards to its citizens, along with a Web-based service to check authentication, but it also offers a version for citizens’ smartphones, using the Mi Argentina app.

The goID platform was developed about four years ago to enable a digital credential to be stored in mobile phones to provide driver’s licenses, emergency passports or other applications. The goID platform for mobile IDs is the first such solution to enable a digital national identification system, the company reports. The Argentina digital ID system with BLE functionality leverages HID’s Seos technology and the goID platform for over-the-air credential provisioning.

Since its launch, goID has been piloted in Africa, Asia, Europe and the Americas. It consists of three components, says Steve Warne, HID Global’s senior director of product marketing. The first is a data-preparation feature that captures information from a government’s database, including signing, security and packaging data. The second feature consists of a cloud service that receives information from the issuing authority and directs it to the correct mobile phone in a secure manner.

“That gateway doesn’t contain or retain any data,” Warne explains. Instead, it simply provides a method for delivering the data. Thirdly, goID includes a software developers kit (SKD), available for Android- and iOS-based devices, which can be further developed into a residency permit, passport or national ID. Seos enabled the secure channels between devices, HID explains, facilitating the gateway provision and secure storage on the smartphone.

Approximately two years ago, HID Global started working with Argentina’s Ministry of Interior on the country’s digital ID. Independently of HID, the agency had already created the Mi Argentina app, which enables citizens to store a copy of their driver’s license on their phone. That, however, limits the amount of data that can be shared. Before the goID solution was put in place, the government offered businesses the ability to confirm a physical ID’s validity via an online system. There were limitations, though, since citizens had little control over what the government shared with businesses.

The existing National ID could be authenticated online but not stored, Warne says, and citizens were not in control of how their data was used once authenticated. GoID enables a digital ID to be stored securely on a citizen’s phone using that phone’s own encryption and goID’s security technology. While citizens can share their information via BLE with a secure interaction, that data cannot be intercepted as readily as it could over the Internet. “The two devices talking to each other swap certificates, recognize each other and only transfer information if it’s a known device,” he states.

Argentina is making the solution available to those who sign up for a government ID card for the first time, or who renew an existing ID. Those with an existing ID card must wait until the card expires before they can join the Mi Argentina digital ID system. Those who are qualified must visit the local RENAPER office. Since the system was taken live in late 2019, 30,000 citizens have been using it, while 90,000 have inquired about it or expressed interest.

The government’s first step has been to get a large number of citizens signed up, and to then enable transactions for a small number of applications, such as citizenship and ID verification. For instance, a company or agency could use the solution to confirm the identity of an individual using its services.

An example of such a transaction could be a car dealership. During a vehicle sale, a seller could send a request for ID verification to an individual buyer on his or her phone. This would be accomplished by the seller’s own smartphone or tablet with a built-in BLE radio. The device would transmit a request for a digital ID to the buyer, whose phone would receive the transmission and display who is requesting this information and what data they seek, such as a government ID image. The buyer could then authorize or refuse a response to that phone.

The system could also be used for a variety of other transactions, such as traffic infractions. After pulling a driver over, a police officer could utilize the technology to send a transmission to his or her phone, indicating a request to view credentials. In that way, the person’s license could be viewed without the officer having to leave his or her vehicle. For the driver, meanwhile, this provides verification that the officer is legitimate.

The system provides offline verification, thereby ensuring data security, as well accessibility in places that might lack an Internet connection or a cellular signal. Whether in a subway or on a mountain top, Warne says, the two authorized devices could still conduct a BLE transaction. In the unlikely case of someone hacking data from an individual’s phone, he adds, the hacker would not be able to alter the data, and transactions would not be possible on a different device. If someone were to steal a mobile phone, the app could be remotely disabled via the Internet.

“From the government’s point of view,” Warne states, “they have a channel now to their citizens. They can give them information.” In the future, app users could add additional credentials, such as social security, vehicle registration or insurance documents, which could be provided to authorized parties. “That’s something that we’re working toward,” he says. “There are lots of things that could be done.”