Challenge

How can we strengthen the registration and remote identification of citizens using facial and image recognition algorithms, so that it is an easier, safer and more trustworthy process?

Problem

Since 2016 in Catalonia we have had the digital identity called idCAT Mòbil based on a face-to-face or telematic registration process, with a digital certificate (2% of the total telematic registration) or with a registration based on information known only to the Administration and the citizen himself (98%).

Citizens value the idCAT Mòbil digital identification service with internet registration very positively because it is useful, quick to obtain and easy to use, procedures can be carried out immediately after registration, and there is no need to memorize anything. This is confirmed by the nearly 400,000 citizens who already use it, the more than a million actions carried out, and the excellent results of satisfaction surveys on both its use and the initial online registration process.

However, this digital identity has some points to improve:

  • According to the European standard for identification and electronic signature and the national security scheme, this system is considered low level, and it is not recommended for some actions, for example access to public folders. Some services of Catalan administrations do not use it for this reason.
  • The online registration process initially implemented only asked for ID and health card information, to be verified against the corresponding official records. But there are citizens who either do not have an ID card or do not have a health card (public employees who have Muface mutual insurance, or Catalans abroad).

For these reasons, we considered exploring new mechanisms that would give the online registration process of the mobile idCAT more security, robustness and trust, with the aim of expanding the number of users who can obtain it without having to go anywhere in person and of expanding its uses in the Catalan administrations.

As a result of this exploration, since May 2020, the mobile idCAT online registration system:

  • applies recognized identification methods with reliability equivalent to physical presence, which raises the service to a substantial level of security;
  • allows access to the online registration process with DNI, TIE or even NIE, which expands the number of citizens who can access the service.

During the exploration carried out it was found that:

The private sector has made great progress in implementing secure remote identification processes using artificial intelligence algorithms, specifically facial and image recognition. The main driver was the banking sector, following Directive (EU) 2015/849 of the European Parliament and of the Council, of 20 May 2015, relating to the prevention of the use of the financial system for money laundering and the financing of terrorism. Additionally, SEPBLAC (Executive Service of the Commission for the Prevention of Money Laundering and Monetary Offences) has approved several instructions on how to carry out the digital identification of a user through video identification and video conference mechanisms. The main European banks are currently implementing services that facilitate remote registration using facial and image recognition algorithms.

A key issue is the reliability of facial recognition algorithms in the different situations and conditions that we can find ourselves in, which can affect the quality of the captured images. Fortunately, we have the excellent studies carried out by the National Institute of Standards and Technology (NIST) on the robustness of the main facial recognition algorithms on the market, in different situations and conditions, which offer us very valuable information to determine the quality of the algorithms and the risk levels of each one, in order to propose mitigating measures.

Although the public sector in general lags behind, as usual, in adopting these artificial intelligence technologies, recently, and accelerated by the COVID-19 health emergency, the Ministerio de Asuntos Económicos y Transformación Digital published "Order ETD/465/2021, of May 6, which regulates the methods of remote video identification for the issuance of qualified electronic certificates", which contemplates the possibility of verifying identity remotely.
It is worth noting that the AOC Consortium had already analyzed international experiences to determine the best practices to apply to the public sector in Catalonia and that, since May 2020, it has had the mobile idCAT system, which adapts to and meets the requirements indicated in this order.

Applied solution

The mobile idCAT online registration system uses facial and image recognition solutions that provide evidence during registration, make the process more robust, and follow the guidelines of the regulations established by the State (Order ETD/465/2021).

The main controls implemented are:

  • Facial recognition compares the photo of the person doing the registration process (selfie) with the photo of the official document that the person scans.
  • Facial recognition compares a photo of the person taken from the video recording of the registration process with the photo of the official document that the person scans.
  • Image recognition allows you to scan an official document and verify that it is original and has not been tampered with.
  • A liveness test is performed on the person going through the process, asking for a gesture or movement.
  • It is validated (if the person is resident in Spain) that the data in the document match the official record of the General Directorate of Police.
  • A human operator validates the entire process to achieve a substantial level of registry guarantees.

Example of the process:

In parallel, several safeguards have been implemented to meet legal requirements and build trust:

  • Privacy: Citizens have alternative ways to obtain a digital identity (eID) without sharing their biometric data.
  • General Data Protection Regulation (GDPR): User consent is mandatory and personal information is managed in accordance with the GDPR. Biometric data is not stored: a biometric vector (a long numeric string) is generated and it is not possible to reconstruct the face from the vector.
  • Certifications: The system meets the requirements of Spanish regulations and has the necessary certifications for compliance.
  • Unbiased algorithms: Regular quality checks ensure accuracy and avoid bias.
  • Supervision: All transactions are supervised by public employees.
  • Impact: A data protection impact assessment has been carried out to guarantee the fundamental rights of users.

Requirements of the applied solution

The origin of secure remote identification processes using artificial intelligence algorithms can be found in the financial sector of the European Union, following the approval of Directive (EU) 2015/849 of the Parliament and the Council, of 20 May 2015, relating to the prevention of the use of the financial system for money laundering or the financing of terrorism; and SEPBLAC's instructions on how to carry out the digital identification of a user through video identification and video conference mechanisms.

Regulation (EU) 910/2014 of the European Parliament and of the Council, of July 23, 2014, relating to electronic identification and trust services for electronic transactions in the internal market, had already provided for the possibility of verification of the identity of the person requesting a qualified certificate using identification methods that guarantee equivalent security in terms of reliability to physical presence.

There are many facial and image recognition solutions on the market today. The solution chosen by the AOC Consortium was the one offered by DELOITTE ADVISORY SL, which is part of the VERIDAS family of solutions (see the Tender for the remote identification service).

The additional requirements that we set to ensure the suitability of the application for the public sector were the following:

  • It can be done through a responsive web application or a mobile APP with high usability.
  • The service must accept the most common digital identity documents in major countries at European and global levels.
  • The process of scanning official documents will be carried out with mechanisms to check the veracity of the document (MZ, watermarks, etc.) and to minimize the risks of impersonation and manipulation, and will include extraction of the user's photograph.
  • The process of capturing the user's selfie photo will include a liveness test (face gesture: closing eyes, turning head, smile,…) and a detector of the quality of the photo taken. In case of low quality, the user will be asked to take a new photo.
  • The correlation of the photo taken from the official identity document and the "selfie" will be made with an algorithm analyzed by the National Institute of Standards and Technology (USA) (NIST) in its latest report on "Ongoing Face Recognition Vendor Test (FRVT) Part 2: Identification".
  • Part or all of the process will be video-recorded as evidence to facilitate monitoring, validation, and control tasks. Uploading a pre-recorded video, or saving the video locally where it is susceptible to manipulation, will not be allowed.
  • It will verify that the one-time code sent to the user's mobile phone has been entered correctly in the registration solution.
  • Information will be added on the geolocation of the registration process and the device used, in order to apply adaptive security measures.
  • Recorded documents and evidence of the process will be kept, properly signed with a digital certificate and AOC time stamp, for a minimum period of one year.
  • The management application for public employees (back office) will facilitate the supervision and/or validation of the registrations made by citizens.
    • The validation period for a registration process by an operator must be a maximum of 10 minutes (from the end of the scanning and video process).
    • The validation service will be available, at least, in the following time slot: from 9 am to 5 pm.
    • Operators performing validation will be properly trained.
  • SEPBLAC regulations will be complied with in relation to video-identification procedures for clients in non-contact operations, in the field of the fight against terrorism and the prevention of money laundering.
  • The information systems associated with this service will be hosted within the European Union.

Additionally, the following advanced requirements were valued:

  • Have an integration with the DNI-e 3.0 SDK to extract the photo saved on the ID card via NFC. This functionality can only be available via an APP.
  • Verification that the scanned official identity document has a hologram.
  • Regulatory compliance regarding:
    • External audit report on compliance with eIDAS - ENS, with its corresponding Certificate of Conformity.
    • Solution incorporated in the CCN-CERT ICT Security Product Catalog as a qualified product, or certified as a component according to the ENS.

Main benefits of the applied solution

  1. Greater security: The facial and image recognition algorithm provided by VERIDAS has proven to have a high level of accuracy. The rejection rate is very low (5%), due mainly to technical problems with recording and chamber lighting.
  2. Convenience: Users can complete the entire process from home within minutes, saving time and effort.
  3. Inclusion: We've invested heavily in user experience to make the process remarkably simple for any user, regardless of their digital skills.
  4. Savings: Improves efficiency by automating administrative tasks and reducing errors, resulting in significant cost savings: up to 80% per transaction compared to face-to-face methods.

Other use cases

Beyond this first use case of video identification to obtain the mobile idCAT, the aim is to study in the future whether these video identification mechanisms can provide elements that give a higher level of security to identification with idCAT Mòbil, which currently has a low security level. The use of facial and image recognition algorithms could thus be extended in the future to many other scenarios, such as:

  • Performing procedures and actions, without the need to generate any prior digital identity.
  • Electronic voting in participatory processes or by citizens abroad. The current process is very cumbersome, so only a small percentage of citizens with the right to vote exercise it.

Status of the project

  • In production since May 2020
  • Indicators (data updated to June 2023):
    • more than 110,000 video identifications made
    • 95% of requests accepted and 5% rejected

More information