Open Source API for National ID Ecosystems: Assuring Interoperability and Harmonization for Sovereign ID Programs
The SIA’s pioneering new Open Source API will bring interoperability among civil registration and civil identification registries – independent of technology, solution architecture or vendor.
Citizens around the world depend on government issued identities to prove they are who they say they are and to undertake commonplace transactions – from opening bank accounts or registering for school, to obtaining formal employment or receiving social transfers.
It is crucial, therefore, that governments are able to ensure citizens are the same person across all these various registries and issuing agencies, and that an individual’s data – or attributes – are up-to-date. Doing so protects the individual against the risk of identity theft and state agencies against fraud.
To achieve this objective these different registries need to ‘talk’ to one another.
It is this imperative that is currently driving governments around the globe to rollout national ID ecosystems in which multiple identity registries and systems, serving different functions, operate together as a cohesive whole.
The ID ecosystem harmonization challenge – the need for technical standards
ID ecosystem harmonization aims to bring disparate, multiple registries together in a cost-effective and sustainable manner. However, linking these individual systems to exchange, consult or update data represents a considerable task - from a legal, organizational and technical perspective.
Focusing for a moment on the technical challenge, the interoperability needed for creating a functional ID ecosystem is often hampered by the diversity of siloed repositories - each with its own data format, API, access rules, and database type. Added to which, some records may be held entirely in paper-based registers.
This lack of commonality is the direct result of a lack of technical standards for data exchange among registries – especially civil registration and civil identification registries – and it hinders the development of ID ecosystems.
With no standardized way to connect registries, identity system vendors often develop their own ad hoc API interfaces which are tailored to an individual register and based on proprietary technology.
This approach also creates vendor ‘lock-in’ scenarios that potentially leave governments with limited options should they need to evolve their ID ecosystems. Some may be forced to build from scratch and abandon their existing legacy investments.
Open Source API – the pathway to harmonization
To address these challenges, SIA is developing an Open Source Application Program Interface (API) that enables otherwise non-compatible systems to ‘talk’ to one another.
The Open Source API will interconnect Civil Registration (CR) and Civil Identification (CI) registries by defining the services by which attributes are communicated and the meta-language that serves as a template for any data format to be exchanged.
The Open Source API aims to resolve the interoperability and data sharing challenges created by the current lack of universal technical standards. Adhering to the Open Standards principle, the API is truly:
- open source and will be published in GitHub – being available to all
- vendor neutral – developed by a consortium of vendors, it will be maintained via a collaborative and consensus-driven process
- an architecture-neutral solution that preserves legacy systems– the API does not touch existing repositories but operates over the top of these, so governments will no longer be obliged to discard existing ID solutions
The SIA and its members believe that the Open Source API will ensure future interoperability among civil registry and civil identity registries, filling the gap created by the lack of universal technical standards for ID registries interoperability.
For further detailed information on the Open Source API, please contact
stephaniedelabriolle@secureidentityalliance.org
ID Ecosystem – the definition
An ID ecosystem is the ensemble of registries and databases pooled from all sectors and fully integrated to empower the beneficiaries to assert their unique identity to claim legal, human, and administrative rights.
These include:
- Civil Registration (CR) – that manages vital events such as live births, recognition, partnership, separation and deaths and includes key biographic information about the individual.
- Civil Identification (CI) – that usually includes biometrics and is the basis for a national ID card.
- Functional systems and registers – such as voters’ rolls, land registry, passport, vehicle registry, residence registry, education, health, benefits, police and judiciary.
Enabling interoperability and harmonization – the Open Source API
The Open Source Application Program Interface (API) enables otherwise non-compatible systems to communicate by:
- Defining a set of services:
o The API defines a set of services i.e. defines in which case systems should exchange information and for which purpose. For example the ‘ID_creation’ service, upon birth registration in the CR, exchanges baby attributes from CR to CI to create the baby’s identity in the CI
o The API defines which type of information exchange is taking place for each identified service. For example in the case of‘ID_creation, data is directly exchanged as opposed to simply consulted
- Defining a set of rules:
o The API defines which data is to be shared for each service. For example in the case of‘ID_creation, the CR shares name/surname, date of birth with the CI , and in exchange will receive a unique identifier (UIN) for the baby
o The API defines the way shared data must be recorded/written. For example in the case of‘ID_creation, the date of birth is expressed as dd/mm/yy and not mm/dd/yy
o The API defines the way data must be shared in a common namespace. For example in the case of‘ID_creation, this could be:
“name”=Debora;
“surname”=Comparin;
“date of birth”=23/02/89
- Defining protocols:
o The API defines the set of protocols by which data is exchanged (REST, HTTP, etc.)
