DUBAI: Identity cards, or “Bitagat Al-Hawiyya” as they are known in the Arab world, have been around for decades, helping governments and institutions keep track of the public’s movements and their personal data for a variety of uses.
Many countries have some kind of mandatory national ID system, which allows citizens and residents to work, travel, pay their taxes and access government services. In exchange, citizens must hand over their personal data — in some cases even their medical history.
Entrusting the state with so much private data can seem unnerving or intrusive for some, wary of its potential abuse by third parties, especially now that technologies allow authorities to bulk collect and store electronic and biometric data.
The debate inevitably raises the question of just how much privacy citizens are willing to part with in exchange for security, efficiency and convenience in the modern digital economy. There are no easy answers of course.
Systems of identity verification have been around for thousands of years in the form of symbols, jewelry and even markings on the skin. More recently, authorities have been transitioning from paper-based credentials to far more comprehensive digital profiles.
In the case of Saudi Arabia, the shift from the National Register to the electronic identification (e-ID) program began at the end of 2007 as part of the government’s wider digital transformation strategy.
It began with the issuance of polarized cards to all citizens over the age of 15. “In 2008 we issued the first national identity card with an electronic chip that holds the citizen’s biographic and biometric data,” Pascal Lesaulnier, CEO of Thales Saudi Arabia, told Arab News.
“This was a crucial point in the evolution of the national identity scheme in the Kingdom of Saudi Arabia, as it opened the door to the possibilities of a wide application and usage of the e-ID across several platforms such as banking and telecommunications.”
It was these two sectors in particular that really propelled the shift towards e-IDs in Saudi Arabia, as new customers had to be verified before they could access financial and digital services, Lesaulnier said.
One country leading the way in digital identity verification is Singapore, becoming the first in the world to adopt facial verification in its national identity scheme in September.
The new system, which was designed to give Singaporeans secure access to public and commercial services, has stirred privacy fears. But the government’s technology agency insists the system is “fundamental” to its future digital economy.
Andrew Bud, founder and chief executive of iProov, the UK company providing the technology, told the BBC that “cloud-based face verification” will be integrated with Singapore’s digital identity scheme.
“You have to make sure that the person is genuinely present when they authenticate, that you’re not looking at a photograph or a video or a replayed recording or a deepfake,” he said, describing the system’s state-of-the-art functions.
The GCC countries have already embraced several digital ID programs that work in tandem with new e-services. In the UAE, for instance, the Emirates ID has long been used as a travel document since special e-gates were added at many of the country’s airports in 2002.
Insurance companies and medical facilities have also started linking ID cards to their networks, removing the need to carry around a health insurance card.
Meanwhile, in Saudi Arabia, Vision 2030 and the National Transformation Program (NTP) are accelerating primary and digital infrastructure projects with the aim of raising living standards. “Solutions such as the e-ID can help governments improve security and deploy electronic applications to offer better public services,” said Lesaulnier.
In 2011, the Saudi Ministry of Interior asked all nationals with ID cards expiring in 2012-13 to update their details in an effort to phase out the old photo cards and replace them with new ones.
Two years later, the Saudi government introduced its first mandatory national identity cards for women — independent of their fathers and husbands — phased in over a period of seven years. “The Saudi e-ID creates a secure digital identity for each cardholder. It is a simple provisioning means of credentials and a secure, efficient physical and electronic identity verification tool,” said Lesaulnier.
The new e-ID, which is valid for a period of 10 years, is made from a highly durable, laser-engraved material coupled with an electronic chip containing the carrier’s biographic and biometric data, including demographic background, photograph, fingerprints and even their Hajj records. Applications and renewals can be made at more than 100 offices across the Kingdom.
Besides being recognized as an official travel document between all GCC countries, the card also provides carriers with a digital signature through a Public Key Infrastructure (PKI) application
“For example, it has the ability to store the holder’s health profile, which ambulance crews can read and know which blood type the card holder has and whether he or she has any allergies or diseases. In emergency situations, this type of information could save lives,” Lesaulnier said.
Because the e-ID chip has a big memory capacity, Lesaulnier believes the possibilities are endless for all kinds of e-service innovations. “In the future, the e-ID card can see credentials saved in a cloud tied with a mobile wallet, where all service cards such as a driver license, vehicle registration and banking cards can also be featured, as well as verified and authenticated in the most secure way possible,” he said.
The privacy debate around ID cards will no doubt continue as governments keep updating regulations and shore up their cybercrime defenses. But as more and more aspects of life move conveniently into the digital domain, the question many might ask is how did we cope without them for so long.