In 2008, British Columbia will be launching one of the first pilots of virtual identity cards in North America, and expect other governments to watch this initiative closely as they look for ways to resolve data redundancy issues, according to Vadim Lander, senior vice-president and chief security architect at CA Inc.
B.C. is using C.A.’s claims-based authentication technology for the virtual card pilot.
Two areas will be tackled initially with the cards: allowing government employees to log onto Wi-Fi networks, and authenticating citizens to government Web sites.
As the name implies, the virtual card is not a physical card but an icon that resides on the citizen’s computer that is meant to be used in conjunction with a Web browser. “Instead of inputting a username and password, users just have to click on the card to provide their credentials,” he says, adding the process to issue cards to British Columbians and determining what documentation they will need to present to obtain them are being worked out.
Once the cards are issued, individuals will own and control the underlying personal information, which will also reside on their computers, says Lander. “Citizens will have choice and flexibility in how they want to make their data available to government.”
For the pilot, one card per citizen will be issued containing basic information such as name, address, and date of birth. “But the technology allows people to have multiple cards with different levels of identity they can present depending on the service they want,” he says. “It will be up to the citizen to choose what degree of private information he wishes to divulge.”
Different services require different levels of personal information, he explains. Booking a campsite, for example, only requires basic address information, whereas filing an Employment Insurance (EI) claim online requires more sensitive information such as SIN and income information.
There are parallels in the physical world – a driver’s licence is sufficient for domestic airline flights, but international flights require passports. Varying levels of personal information and supporting credentials could be embodied in multiple virtual cards for the same individual. “We can imagine a scenario in the future where people have different virtual cards from government, banks and other institutions.”
One of the key objectives of the pilot is to determine how citizens will use the new technology, he says. As a back-up mechanism, people will still be able to log on with usernames and passwords if the virtual cards fail. “We’ll learn which other back-up mechanisms will be needed from the pilot: