11
REGIONAL FRAMEWORK ON ELECTRONIC KNOW YOUR CUSTOMER (E-KYC) AND ELECTRONIC IDENTITY (E-ID) FOR ECAPI
2 INFRASTRUCTURE DEVELOPMENT AND POLICY IMPLEMENTATION The guiding principles in this section have been drafted to support the implementation of the overall system. They provide the technical features and capabilities that can be considered to ensure a robust system that meets a country’s current needs as well as evolves to allow for innovation and sustainability of the system. This section also focuses on features that will maintain security and privacy, and approaches that make the e-ID and e-KYC systems more user-centric.
GUIDING PRINCIPLE 5: BUILDING TECHNOLOGY FOR IDENTIFICATION SYSTEMS
Regulators can ensure that the technology used to develop the identity system is robust, has relevant capabilities, and is customizable. KEY ASPECTS > Regulators need to promote the building of trust frameworks for digital identity systems comprising technical specifications, laws, and policies related to data protection. A consent framework should also ideally be worked into the design of the system to ensure a user-centric approach is followed. > Authorities need to ensure that key features such as deduplication and fraud detection processes, and privacy by design, are embedded in the technology infrastructure. > Authorities need to oversee and ensure that the technology and devices used will support multimodal authentication (more than one biometric), offline authentication and onboarding, and other such exception handling procedures.
COMMON BIOMETRIC AUTHENTICATION MODES
Iris scan
Facial scan
Fingerprint scan
Voice recognition
> The architecture can also include the development of application programming interfaces (APIs) that can be leveraged for different use cases, such as e-KYC by third parties. APIs should be made easily available to streamline access to data for productive use. > Technical standards for the system need to adhere to international norms to ensure best practices are followed. Standards on biometrics, smart cards, digital signatures from standard-setting bodies such as ISO and NIST are integral to developing a system that is relevant and interoperable across regions.