Electronic identification in Finland
Porvoo Group`s 18th Conference
Tuire SaaripuuHead of Registration
Certificate Authority Services Population Register Centre
Chair of the Porvoo Group
Population Register Centre
• Founded in 1969• Operates in
conjunction with the conjunction with the Ministry of Finance
• Located in Helsinki and Kokkola
• Number of personnel 120
22.5.2014
• Development of the Population Information System• Nationwide information service• Certification authority of citizens ´ electronic identity in
Population Register Centre
• Certification authority of citizens ´ electronic identity in the public sector
• Training and guidance of local authorities• Elections: compilation of the voting register and
updating the election database
• In Finland the personal identity is based on an identity created by the population register system and given to all Finns in connection with their birth and to all foreigners settling permanently in Finland in connection with their entry into the country.
Personal Identity
in connection with their entry into the country.
• In face-to-face business, identity is verified using valid official documents (personal ID card, passport or driving licence).
Individuality
The VRK creates an electronic identity for Finnish citizens when providing them with a electronic communication identifier code. The electronic communication identifier is activated when a person receives a certificate card.
Certificate authority issues• Citizen certificates• Certificates for organisational use
• Temporary cards
VRK as Certification Authority
• Temporary cards• Certificates for health care (public and private se ctor)• Server and e-mail certificates• Certificates for machine readable travel documents
• ePassports and residence permits
• An electronic identity guaranteed by the State to e very Finnish citizen or to a foreigner residing permanen tly in Finland.
• A certificate complying with the EU Directive on el ectronic signatures and the Finnish Act on Strong Authentica tion and Electronic Signatures.
Citizen certificate
• Meets the requirements of the European qualified certificate.
• Register Authority of the Citizen Certificates is t he police • Free to use and develop services for all business m odels
The reliable identification of a person in any plac e or at any time without physical documents is one of th e basic prerequisites of the information society.
Electronic identity card• health insurance
information may also be attached to it
Citizen Certificate in electronic identity card
attached to it• issued by the police• The price of the card is
53 €
The Citizen Certificate can be used on a variety of card platforms or with other technical devices.
Certificate for organisationaluse
• Log in to work station, authentication required for accessing the organisation’s information systems, e.g. remote access, single-sign-on SSO
• Signing of different forms and applications• Secure e-mail (Encrypting and signing of
emails)emails)• Access control feature (RFID)• Widely used solution for electronic
transactions requiring a high degree of data security and confidentiality within and between administrative sectors
• Enables a one card solution in official use
QUALIFIED CERTIFICATE
Certificates for Healthcaresector
• All healthcare professionals in Finland will have healthcare professional cards with certificates.
• Usage of certificates contains ePrescription and contains ePrescription and signing patient documents.
• Meets the requirements of the European qualified certificate .
• Biometric passport issuing
• VRK is also a country signing CA in Finland (since 2006)
• VRK issues the Finnish documentsigning certificates
Travel documents
signing certificates
• VRK issues the certificates for reading fingerprintsIssuing passportswith fingerprints started in June 2009
• Biometric identifiers for the citizencards and residence permits in 2011
Some figures
Valid certificates 31st April 2014• Citizen certificates 480 280 • Organisation certificates 78 844 • Certificates for healthcare
professionals 153 986
Economical situation• The finances are in balance, the incomes cover the
expenses
Current affairs in Finland (1)
• Finland is the first country in the world to have an Act on Strong Authentication and Digital Signatures (7th August 2009).(7th August 2009).
Current affairs in Finland (2)
Certificates for Social welfare sector• Social services are organized by local authorities ( the municipalities)• Social services are produced by both public and pri vate service
providers• 336 municipalities, about 2900 private social service providers, 4300
places of business• Municipal and other social services employ about 17 0 000 people• Municipal and other social services employ about 17 0 000 people
• All social service professionals in Finland will have the social welfare professional card with certificates
• Social services are widely capitalized by taxes• All client data registers are located to National C lient Data Repository
for Social Services• The Repository contains real-time client data, is accessible by all social
welfare service providers and is administered by the authorities• The Client data model consist of about 250 client documents that are
used in social services.
Current affairs in Finland
Current state: separate contracts
Objective: open square model
Executive summary• Establishing the identification core
enables combining different identification solutions.
• Common core can remove barriers from electronic services market and speed up the progress.
• The number of necessary contracts will be reduced substantially.
• The core of trust network enables • The core of trust network enables citizens to use preferred identification tool for accessing multiple electronic services.
• The aim is also flexible transition to new identification technologies.
• Decentralized solutions will increase the safety of identification services and enable parallel solutions utilizing different technologies.
• The objective is to develop a new identification core guaranteed by the government while using current solutions during the next couple of years.
Governmental solution based on a Common Root CA
VRK certificatesissued for persons,
government
Other VRK certificates,
serversetc.
Certificates issuedfor persons
CRL (RootCA )
Gov Root CA (MinFin, VRK)
VRK CA activities (Sub CA:t)
VRK: certificatesissued for
persons, on
Other CA:s (Sub CA)
18JulkICT
governmental platform
RA
persons, on mobile,
bank cardpaltform
VTJ
VRK CRLCRL (olther
CA:s)
National Identification Model
Gov AuthPortal
Creating trustservice
environment
Application
Application
Application
Gov CA Services
Gov Root CA
Applications
Basic service
Mobile
SIM Card
Identification tokens
STORK level 4
environmentbased on contracts Application
Application
Application
Application
Gov Root CA
Privateenterprise auth
service
Privateenterprise
Certificate
Privateenterprise author sign service
Certificate
?
?
?
New technology: NFC, biometrics etc.
Roleattributes
etc.
Proposal for a Regulation on "electronic identification and trust services for electronic transactions in the internal market" COM(2012)238 of 4.6.2012
• A key element that needs to be borne in mind when a ddressing this question is the internal market, with access to cross-border on-lin e services. That is, to what extent does the solution retained facilitate the developme nt of access by natural or legal persons in one Member State to on-line services pro vided by other Member States using electronic identification means.
• Chapter II on "Electronic identification" of the pr oposed Regulation sets out minimal common rules to ensure that electronic identificati on and authentication means enabling access to public services at national leve l are mutually recognised and enabling access to public services at national leve l are mutually recognised and accepted throughout the EU. How to deal in the Regu lation with the question of assurance levels for electronic identification mean s used to access notified electronic identification schemes
• Chapter III ("Trust Services") of the proposal for Regulation provides basic rules for the use and provisioning of electronic signature an d trust services to ensure legal certainty and predictability when relying on them i n electronic transactions for businesses, commerce, governmental needs, or leisur e.
• The rules in Chapter III simplify and extend the ex isting legal framework for electronic signatures (as provided in the eSignature Directive 1999/93/EC) by covering other trust services (i.e. electronic seals, time stamps, electronic documents, qualified electronic delivery service and website authenticat ion) which are either already part of national legal frameworks for eSignature or appear t o be important building block for seamless cross border interactions.
Proposal for a Regulation on "electronic identification and trust services for electronic transactions in the internal market" COM(2012)238 of 4.6.2012
•The proposal's objective is to boost trust, confidence and convenience in the digital environment, which are a prerequisite to further stimulate the development of the digital single market, by establishing minimal common rules for the EU-wide mutual recognition and acceptance of Member States' eIDs.
•Taking into account the principles of proportionality and subsidiarity , the proposed Regulation does not create a new 'European eID' . proposed Regulation does not create a new 'European eID' .
•The proposed Regulation does not foresee the introduction of any EU-wide eID-data base . The management of electronic identification schemes, and in particular the authentication phase, will remain within the Member State wherethe schemes are provided.
-safeguard to limit the spread and unauthorised collection of personal data and, as such, would contribute to protect privacy (i.e. privacy by design) .
•The proposed Regulation does not regulate the provisioning of the generic/soft/commercial electronic identification services (mostly provided by the private sector).
The Porvoo Group supports the deployment of electronic identity in Europe
• The Porvoo Group is an international cooperative network
•The primary goal is to promote a trans-national, interoperable electronic identity based on PKI technology (Public Key Infrastructure) and smart cards and chip ID cards, in order to help ensure secure public and private sector e-transactions in Europe
• The Group also promotes the introduction of interoperable certificates and technical specifications, the mutual, cross-border acceptance of identification and authentication mechanisms, as well as cross-border, online access to administrative services
•Widely recognised as a significant and relevant contributor to informed public dialogue in this area
The eEurope 2002 programme -> Smart Card Charter-> Public Identity Project -> the Porvoo Group
Qualified Certificates
• Population Register Centre is the first and the only organization to issue qualified certificates in Finland.
Thank you!
THANK YOU
Tuire Saaripuu, Head of RegistrationPopulation Register CentreChair of the Porvoo GroupPB 123, 00531 Helsinki, FinlandPB 123, 00531 Helsinki, FinlandTel. +358 295 53 5296GSM +358 505635735e-mail: [email protected]
www.vaestorekisterikeskus.fiwww.fineid.fi
22.5.201424