• Gemalto is now part of the Thales Group, find out more.

National ID cards: 2016-2019 facts and trends

​​​​ ​​​​​​​​​​​​​​​​​​​ national ID card

The past ten years have brought a sea-change in what citizens and governments expect national ID cards to deliver. 

This period has also been filled with incremental tech developments that are serving as a foundation for a much smarter citizen ID future. 

5 topics have moved to the main stage in the past few years:

  • Biometrics, 
  • Electronic national ID cards, 
  • Mobile IDs, 
  • Virtual documents such as "mobile" driver's license 
  • The need to set up a national identity framework 
Let's dig in.​

Biometric IDs are here

Fast forward to 2019 and digital identity technologies such as smart cards and biometrics have come of age, with an estimated 120 countries now deploying electronic passports incorporating these highly secure features and over 70 countries implementing eID cards.

National ID cards have undergone a huge transformation; simple paper documents designed for single identification applications have given way to smarter documents in the form of a credit card. 

These citizen ID cards or eIDs include a microprocessor for stronger document verification but also on-line authentication and signature.

As they contain the portrait of the cardholder and very often fingerprints, they can be used for biometric identification and biometric authentication when needed. 

And guess what?

In April 2018, the European Parliament proposed a new regulation to implement security features of ID cards aligned with those of passports. In April 2019 the European Parliament approved the regulation and it still needs to be ratified. 

Member States and Iceland, Norway and Liechtenstein will need to start to issue these new cards with a secure contactless chip and the holder's photo and two fingerprints in the 2021-2022 timeframe as the directive comes into force 12 months after publication and States have 2 years to comply. 

And there's more.

This new generation of national identity card offers one of the best identity theft protection. These eID cards also enable governments to implement on-line applications such as eGovernment solutions giving citizens access to public services with the reassurance of robust security. ​​​The development of these government-issued IDs means a single card can offer a host of applications – from acting as a driver's license, enabling the user to file their taxes or giving him/her access to state benefits.

More from Gemalto on secure document implementations around the world.

3,6 billion citizens to carry a national eID card by 2021

But while some nations have been reticent in adopting eIDs, other countries have been far more bullish.

We've seen implementations in Asia with China, Malaysia, and Indonesia to name a few, or across Africa with countries like the Republic of South Africa, Nigeria and more recently with Algeria and Cameroun

Added to that are deployments across large parts of Europe, in the Gulf and in parts of Latin America. All provide interesting examples of the potential of eIDs to affect millions of ordinary lives throughout developed and emerging economies. 

Early 2017,  82% of all countries issuing National ID cards have implemented eID programs. ​Annual issuance will peak in 2019 at 679 million state-issued IDs with a chip.

According to research company Acuity Market Intelligence, the number of electronic National ID cards in circulation will reach 3.6 billion citizens by 2021.

This rapidly evolving dominance of electronic IDs reflects the global drive towards eGovernment and eCommerce services enabled by electronic identities. This move, according to Acuity, will provide substantial opportunities as national, regional, and global transaction infrastructures secured by a trusted digital identity scheme emerge over the next five years.

national identity card

National identity and economic empowerment

The case for eID cards and ePassports is quite straightforward for most people in the eID industry. 

In the business world, they play a key role in enabling financial services firms and telecoms companies to fulfill Know Your Customer (KYC)  requirements and carry out Know Your Employee checks. They allow government departments to interact with their citizens more effectively around the clock.

In the border control environment, combined with facial recognition and biometric authentication systems, they boost security and improve passenger throughput, giving authorities the confidence that the person standing in front of them is who he or she claims to be.

And the best part?

Emerging economies see the value of eID credentials in general because they promote economic empowerment, drive democracy and aid economic development as highlighted by the World Bank Group initiative named ID4D. 

They show the rest of the world that they are modern, secure and trustworthy states, able to implement new technologies and standards – and very much open for business. Furthermore, secure ID technology that can be used cross-border is important as it promotes regional integration and stability and makes economic development more likely.

Yes, you're right. There are similarities with the European Regulation put in place in September 2018.

This is what the European eIDAS Regulation on digital identification and trust services for digital transactions is trying to achieve. A framework of digital trust will allow European citizens of 31 countries to free themselves from uncoordinated and separate infrastructures. ​

One of the most innovative aspects of the Regulation is the possibility of accessing many services throughout Europe using the same national digital identity, whether public or private, provided that it has been officially recognized by the authorities of the country where it is currently in use. ​

​Mobile ID – digital identity at work

Over recent years, mobile identity (mID) has proved an increasingly popular choice with citizens, thanks to its convenience, ergonomics and high level of security. The rapid adoption of m-Government services in countries that have chosen to focus on mobile communication devices, has demonstrated the appeal of this strong and trusted method of identification.

Some visionary countries have made the leap to mobile ID or mID, through the creation of a mechanism using an eID component for accessing online services via mobile devices. Pioneers include countries where market penetration of cell phones and new technology is strong such as Austria, Estonia, Finland, Norway, and Turkey. Mobile ID projects are sometimes driven by the need for a universal form of identification (Austria 2003), or, in the case of Estonia in 2007, to supplement a national card program and accelerate the development of electronic identity and digital signature. 

In 2014, Oman was the first country in the Middle East to complement its national electronic ID card with a mobile ID scheme. As a highly trusted channel between citizens and service providers, mobile ID continues to extend its use from egovernment into other online areas such as banking and payment.

More on mobile IDs and the role of public authorities with the 2015 Gemalto white papers.

"1984" did not happen

Contrary to the vision of novelist George Orwell in '1984', national eID schemes have shown that managing citizen IDs can protect civil liberties, identity and social interactions in a state of law.

Electronic records on individual citizens are available upon request of their owner in many European countries with a national eID scheme.

As former President of Estonia Toomas Hendrik Ilves puts it: "You own your own data, so you have the right to access it any time." 

​When introducing its national eID in Belgium, the government offered citizens an application enabling them to know who has accessed their personal data. And of course, the key to accessing this online app is the national eID card. Each citizen can consult their personal file in the national data register to see a record of when government officials have accessed their personal data and for what reason. 

It's a good example of how transparency and traceability in every transaction between governments and their citizens can help protect privacy and strengthen trust.

More on transparency and traceability in the following Gemalto white paper on eGov 2.0.

There's more. 

We’re seeing the emergence of a global consensus on privacy protection specifically incorporating biometric data  as illustrated in particular ​by the regulations known as the General Data Protection Regulation that has been put in place in Europe and the UK in May 2018. ​ 

The California Consumer Privacy Act (CCPA) to be implemented as of July 1, 2020, is also a major step forward for privacy rights and consumer protection. It may serve as a guidance for several US states such as Massachusetts, New York, Utah, North Dakota, and Washington. Federal legislative hearings are also taking place in 2019 on that very topic.

us citizen id  

​On the road to the virtual driver's license

So when will we have a digital driver's license on our mobile phone?

Well, sooner than you may think. Here is why.

Today you can already do a lot with a smartphone. And the trend for on-phone payment, loyalty or travel applications may yet bring the driver's license to your mobile. While a driver's license primarily confirms identity and driving rights, a virtual driver's license also called a mobile driver's license or digital driver's license potentially brings many more benefits and opportunities for issuers, regulatory authorities and particularly drivers.

The traditional driver's license is an important proof of ID (identity and age) checked by enforcement agencies, retailers and financial institutions alike. A mobile driver's license would provide an on-screen version of the traditional photo and driver information and more. 

As a highly secure mobile application, it has stronger counterfeiting characteristics, enables driver data to be updated instantly and facilitates real-time communication opening the way to new business models using a trusted and secure channel. 

Though the mobile driver's license still has some distance to travel before becoming a complement or replacement to the plastic license we're used to, there's clearly an interest with other countries like Australia, Brasil and the UK also looking into this option. 

What is a Mobile or Digital Driver's Licence (DDL)? 

To learn more about digital driver's license initiatives visit our dedicated web dossier.

Several US states have launched pilots​​ to explore the user convenience, privacy and security and interoperability of mobile driver licenses.

In July-August 2017, Colorado and Maryland ​initiated digital driver's license live pilots. Feedback collected this summer like this one are highly motivating.

"I have people all the time trying to show me a picture of their license on their mobile phone when they don’t have their physical one, which is actually illegal. This solution clearly hits on that need for mobility but is an actual ID with underlying security and information to guarantee it is genuine. That’s really key.” SPECIAL INVESTIGATIONS OFFICER, COLORADO GAMING COMMISSION​ - JULY 2017

Discover more about the first users' feedback.

From eID to national identity schemes

Digital identity management is at the heart of the Internet economy as a key enabler for trust and innovation. Many countries are now putting in place the framework of their national identity scheme

This helps define the roles of the state, for example as regulator or issuer of digital identities (or neither), responsibilities in organizing data, applications and infrastructure and the underlying principles and operating methods of the digital identity ecosystem such as a federated identity management infrastructure. 

This can cover everything from how digital identities are used to authenticate users or verify data linked to the services and detail the identity types and levels of trust within the scheme.  

Currently, different approaches are being pursued – from a state-led role in issuing digital identities and structuring services, as seen in Eston​ia or the United Arab Emirates, to the more decentralized system with the German ID card​ project, or an identity ecosystem developed through a partnership between public and private sectors as is the case in Sweden.

Certain nations largely delegate the provision of identity solutions to the market, and therefore the private sector: this is the case in the United Kingdom who said no to a UK ID card as such in 2010 by yes to a national identification scheme known as UK Verify launched in 2016.

UK ID card scheme scrapped  

The UK has so far remained opposed to the very concept of compulsory identification credentials for citizens. 

Back in 2006, an attempt known as the Identity Cards Act 2006 by the then Labour government to introduce just such a scheme soon floundered in the face of wide-ranging criticism and protest. When a new Conservative-led coalition took over power in 2010, scrapping the plan was high on its list of priorities. ​

Back in 2006, the government encountered criticism on grounds that included privacy, human rights, and security concerns. 

​But the failure of the 2006 project also needs to be seen in the context of a government that had been in power for several years. Popularity was waning and it was vulnerable to well-organized opposition from other parties and hostile media. 

Furthermore, much of the protest was focused on the idea of a National Identity Register (holding up to 50 different pieces of information on each citizen), rather than the card itself. Some public resentment was also down to the simple fact that people faced paying up to £60 for the privilege of acquiring one.

Clearly some of the fundamentals around which UK Verify has been built go a long way to addressing these issues. ​​

Let's see.

UK Verify is born into a different world

In the space of ten years, the environment has changed dramatically. In 2006, the government cited the need to combat illegal immigration, terrorism and welfare and identity fraud as compelling reasons to introduce an ID scheme. 

A decade later, all these issues have moved higher up the public agenda.

For example, even back in 2014, 41% of all fraud was identity fraud. And 84% of all identity fraud was committed online. As a result, there is far greater acceptance of the need for tighter security in general and identity protection in particular. 

The frequency with which citizens must resort to a driver's license or passport to prove their identity is also increasing, perhaps reinforcing the case for something designed specifically for that purpose. 

Just as significantly, with the rapid adoption of a host of mobile and online services, secure authentication of one form or another has become part and parcel of everyday life. 

The result is Verify: a single legally recognized means of online authentication that is designed to unlock the door to a new era of eGovernment in the UK.

Dodging the 'Big Brother' label – Verify's federated ecosystem

To avoid accusations of a 'Big Brother' approach, the GDS has created a federated ecosystem in which the online ID scheme is regulated by government, but effectively powered by a range of private sector certifying companies.

At present these include:

  • the Post Office and Royal Mail,
  • Barclays,
  • credit check specialist Experian,
  • security enterprises Digidentity, Secureidentity (by Morpho) and CitizenSafe.

End users enrolling with the Verify scheme choose one of these companies to certify their identity, and are asked to provide documentation to confirm who they are. Typically this might include a passport or driving license, and bank details. The certifying company then makes the necessary checks and, if successful, a Verify account is created.

This can then be used as a single means of access to all digital government services – anywhere the Gov.UK Verify logo is shown. The whole process is completely free-of-charge for end users.

According to PM Theresa May in April 2019, the system has saved UK taxpayers more than £300m but she admitted UK Verify is a challenging project.

The case of the US national ID​

The case of the US citizen​ ID is somewhat similar. ​There is no national ID card in the USA stricto sensu.

  • Today, the Social Security Card can be used to verify identity at certain occasions: employment, to obtain a passport, a driver's license or at the bank to obtain credit.
  • The driver's license in the United States is also a de facto ID document and can be used in many states to buy firearms, open a bank account or travel on domestic flights.
  • In addition, citizens not having a driver's license can get a State ID, issued at the state level and used for identification purposes such as banking, etc. 
  • Of course, the US government passport​ and passport card are official IDs as is the the military CAC card.

Real ID Act

A federal initiative known as the REAL ID Act, passed by Congress in 2005, established minimum security standards for state-issued driver's licenses and identification cards and prohibits Federal agencies from accepting for official purposes licenses and identification cards from states that do not meet these standards.

There's more.

​Identification needed for air travel in 2020

The US Department of Homeland Security (DHS) had requested that  starting January 22, 2018, passengers with a driver's license issued by a state still not compliant with the REAL ID Act would need to show an alternative form of identification (such as a passport) for domestic air travel.  

​​​ Nine states had non-valid DL at that time and ​ (Kentucky, Maine, Minnesota, Missouri, Montana, Oklahoma, Pennsylvania, South Carolina, and Washington) have been granted an extension.

As of Oct.1,​ 2020, Real ID will be the required form of state identification needed to board a plane or enter a federal facility according to CNBC​.

NSTIC federal initiative

The (US) ​National Strategy for Trusted Identities in Cyberspace is exploring a more global system of interoperable identity service providers (public and private), giving individuals the choice of secure credential/s using a variety of options from mobile phones to smart cards and computers.  ​

Public comments are now closed as of 1 May 2017 and are integrated in the NIST Digital Identity Guidelines formerly known​ as  NIST SP 800-63-3. NIST has published the official edition​ in June 2017.​

More from Gemalto on this topic with our 2016 white paper on National Identity schemes.

what is a government id ​