By S de Labriolle on Sunday, 12 June 2022
Category: OSIA Publications

Unlocking the identity ecosystem with OSIA: A universal interoperability framework for innovation, competition, and sustainability

pdf DOWNLOAD FLYER (2.47 MB)

Around the globe, trusted legal identity is the foundation of national security, social protection, and economic growth strategies.
As the identity market matures, technologies like digital ID, biometrics and cloud platforms are transforming the ID landscape, making it possible to


To capture this opportunity without undue cost or time-consuming integration effort, governments need to be free to evolve, adapt, modernize, and add to their systems with confidence – and without fear of future compatibility issues.


Until recently, however, the initiation of highly functional and interoperable ID systems that are easy to upgrade or change has been constrained by a siloed approach and lack of standardization that made it difficult to connect registries or exchange, consult, or update data between systems.


In 2019, the Secure Identity Alliance (SIA) launched the global Open Standards Identity APIs (OSIA) initiative to address these challenges.


OSIA: Promoting open and transparent government-industry collaborations


Enabling the all-important government-industry collaborations needed to create the frameworks that make it possible to build truly open, innovative and future-proofed national ID systems, OSIA is transforming how governments leverage ID to deliver real-world impacts for their citizens and national economies.

OSIA: An Overview

To solve the interoperability challenges within the identity sector, the OSIA initiative is focused on a clearly defined scope of work:


1. Build a common understanding of the functional scope for identity systems building blocks


OSIA’s first step has been to formalize the definitions, scope, and main functionalities of each building block within the identity management system.

2. Create a set of standardized interfaces and data dictionary


For this core piece of work, OSIA is focused on developing the set of interfaces and standardized data dictionary needed to connect the multiple identity system components and ensure seamless interactions via pre-defined services.


It is then down to each government to define and implement the interaction processes between individual components (which in turn determines which interfaces are associated with each component), according to local laws and regulations.

OSIA: Interfaces to date

OSIA Benefits

Initiating a pragmatic approach that assures interoperability and harmonization across the extended ID ecosystem, OSIA delivers benefits for a multitude of stakeholders.


Unleashing market innovation


By delivering interoperability among vendor solutions, thanks to the development of open standard interfaces, OSIA both establishes the conditions that support an equal marketplace and makes it possible for the wider identity community to collaborate in new ways.

OSIA operates at the interface layer and does not define – or therefore favor - any technology at the component layer (which is typically where the differentiation among vendors takes place). Equal competition among vendors is therefore assured.

Like the Open Banking revolution, OSIA exposes high performing standardized interfaces that will enable new use cases and market offers – from the simple to the complex.

Market consolidation can often lead to major products being put into maintenance – leaving governments with little choice but to replace these. Now, thanks to OSIA’s open standards, whatever the status of a product, it will continue to be interoperable with new offers.


Address integrator/ vendor lock-in


Injecting new levels of flexibility and openness, OSIA enables governments to leverage industry expertise and exert full control over their sovereign identity systems. So they can pursue their national development agendas - without any fear of integrator/ vendor lock-in.
With OSIA, governments are no longer forced to implement a wall-to-wall solution from a single vendor and will not encounter compatibility difficulties when evolving their existing legacy solutions.
In other words, OSIA gives governments the freedom to:

Enabling identity as a service

Providing a universal framework that makes it possible for governments to initiate digital ID and services for all, OSIA empowers governments to build the foundations for a smarter citizen ID future. Whether that is unleashing new inclusive eGovernment solutions that give citizens ease of access to public services. Or enabling trusted digital ID schemes that extend the use of citizen ID into other online areas - such as banking and payments.

OSIA facilitates the link between sovereign identity management solutions and digital identity solutions, like mobile ID, by standardizing the ad hoc interfaces that decouple providers of the ID management solution and the digital ID solution.

OSIA enables the secure and controlled flow of data and services, like ID deduplication and authentication, across multiple foundational and functional registries – even where these registries are run by separate ministries and government agencies. Armed with these capabilities, governments are able to reduce public sector payroll fraud, reduce leakage in public benefits and social protection disbursements, reduce fraud associated with tax filing and ensure the integrity of the electoral process by reducing voter fraud.

OSIA and digital ID


Identity verification and document authentication


ID Usage consists of a set of services implemented on top of identity systems to favour third parties consumption of identity data. The services can be classified in three sets. The first, the Relaying Party (RP) API is provided within the OSIA framework, with the second and third – Digital Credential Management and Federation Services – delivered within an extended framework of ISO and Open ID Connect standards.

OSIA Relying Party API: submitting citizen ID attributes for validation


The purpose of the OSIA Relying Party (RP) API is to extend the use of government-issued identity to registered third party services. The individual will submit their ID attributes to the relying party in order to enroll for, or access, a particular service. The relying party will leverage the RP API to access the identity management system and verify the individual’s identity. In this way, external relying parties can quickly and easily verify individuals based on their government issued ID attributes.

The RP API enables a telco operator to check an individual’s identity when applying for a service contract. The telco relies on the government to confirm that the attributes submitted by the individual match against the data held in the database therefore being able to confidently identify the new subscriber. This scenario can be replicated across multiple sectors including banking and finance, airlines, hospitality, aid agencies and many more.

ISO Digital Credential Management: delegating digital issuance to third parties


The purpose of the Digital Credential Management is to enable external wallet providers to manage government issued digital credentials distribution, storage and usage. The OSIA specification points to the ISO ISO22230 standard.

The DCM enables individuals to request a digital driver license as a digital credential in their selected wallet to use for online and offline identification.

Open ID Connect Federation: user-initiated attributes sharing


The purpose of federation is to enable the user to share their attributes with a chosen relying party using well-known internet protocol: OpenID Connect. The relying party benefits from the government’s verified attributes.

Here, the Federation service enables individuals to log-in with their government credential (log-in/password) and share verified attributes ex. age (above 18) with the relying part.

OSIA is not a new concept

Watch webinar on Open APIs as a Pathway to Identity and Sectorial System Development


Harnessing open APIs to unlock value, fast track transformation, increase the agility of service development, and build deep and integrated identity systems isn’t a new notion.
Other industries have already seized on the transformational power of APIs to:

Let’s take a look at just two sectors that are using APIs to unlock new value, and to build and connect modern applications to one another – and to the data and services that power them.


Telecom

The telecommunications sector is deploying open APIs to enable rapid, repeatable, and flexible integration among operations and management systems that make it easier to create, build and operate complex innovative services.
Collaboratively developed by stakeholders from across the industry, the TM Forum’s Open API suite of 50+ APIs are propelling innovative new digital services in a number of key areas – including IoT applications, smart cities, mobile banking and more.


Open Banking


Powered by APIs that facilitate the flow of data and make it possible for banks to securely share customer information with verified third-party service providers, the Open Banking revolution is enabling banks to build new digital ecosystems and adapt fast to business and consumer demands for innovative services that save them time and money.
Whether that’s seeing all of their accounts, savings and credit cards in one place – regardless of who they bank with. Or tracking their payments to gain insights on spending patterns. Or determining their creditworthiness and demonstrating their eligibility for a range of financial services.


The evolution of the Open API Economy


Open APIs are now major enablers of full scale digital transformation across both public and private sectors. Beginning in the early 2000s as internal initiatives within technology companies, Open APIs evolved rapidly as online eCommerce giants like Amazon recognized the opportunities of levering this approach to open up systems and data to their merchant base. Today, we see a wealth of exciting new initiatives – not least open banking – being driven by a ever-evolving Open API ecosystems. Now, as adoption of OSIA grows across the world, we are witnessing the rapid growth of an Open API ecosystem coaleccing around Identity Management – and though this, the ability to create truly inclusive and more efficient public services.