Clearing the pin code chaos on public web sites

Users of public electronic services may look forward to a better future. The Norwegian government has decided to establish a public infrastructure – a common hub – for electronic ID (eID). This decision means that in the future citizens may use the same eID to log on to several public electronic services; the number of services will increase and the services themselves will become more advanced; there’s an end in sight  to the existing pin code chaos.

- It should be safe and secure to use web based public services. Today, the users are required to remember a large number of different user names, passwords and pin codes. This is not only complicated and bothersome; it constitutes a security risk as well, says the Minister of administrative reform, Ms Heidi Grande Røys.

The Ministry of Government Administration and Reform intends to establish a public infrastructure to handle and verify different eIDs currently in use. This includes common eID issued by public authorities and eID issued by commercial sources. The Agency for Public Management and eGovernment (DIFI) has been given the task of establishing this hub.

- This is a reform that is going to have very noticeable effects. It will be  easier for public agencies to develop new electronic services that are technology neutral, advanced and future-oriented. It will be easier for the individual citizen to use public electronic services. It will also provide transparency and guidance  for the ICT industry in their efforts to develop services for public service providers, Ms Grande Røys says.

The new strategic guidelines for the continuing efforts with eID in the public sector are as follows:

- The State is going to offer all interested citizens a common public electronic ID with a medium high security level,  to be used for access to public web services.  The first version of such a common eID is currently available at the web portals MinSide and Altinn. The work to improve this solution starts now.

- A new common public infrastructure, a common  eID-interoperability hub, is going to handle and verify the common public eID as well as  government-approved eID solutions currently being used in the market place. The hub will also be offering single sign-on to public services. The Agency for Public Management and eGovernment (DIFI) has the task of establishing this hub.

-  Government guidelines for risk assessment and  designation of security level for  public agencies’ use of eID and electronic signature, are now published and distributed to all public agencies. This common framework is expected to contribute to a coordination of requirements  for  authentication solutions  and thus prevent each individual agency from developing their own,  agency specific eID for electronic communication with their users.

- The Ministry of Justice is going to present a law proposal about a national ID card in Norway before the end of this year. The national ID card will offer the citizens a  government- issued eID on a high security level.