French government to include NFC passport reading in digital identity app

Hand holding smartphone with Alicem and French Ministry of Interior logos over the top
AUTHENTICATION: French citizens will be able to create a digital ID via their smartphone using the Alicem app

A new digital identity service to be introduced by the French government this year will use NFC passport reading to enable citizens to use their smartphone to securely enrol themselves onto the system.

“President Emmanuel Macron’s government is pushing through plans to roll out an ID programme, dubbed Alicem, in November, earlier than an initial Christmas target,” Bloomberg reports.

“An ID will be created through a one-time enrolment that works by comparing a user’s photo in their biometric passport to a selfie video taken on the app that will capture expressions, movements and angles. The phone and the passport will communicate through their embedded chips.”

The new service was announced in May 2019 and has been undergoing testing by the French Ministry of the Interior since June.

The aim is to enable citizens to securely authenticate themselves to any of the 500-plus services available via FranceConnect, a government-backed online services gateway used by government agencies and private sector companies including banks.

The Alicem smartphone app will allow “anyone who decides to use it to securely prove their identity,” the Ministry says.

Advantages include simplified registration — since users will be able to use one eID to access multiple services rather than having to individually register with each service provider — an increased level of security and a high level of user control over their data, it adds.

“Alicem targets the ‘high’ guarantee level in the meaning of the European regulation on electronic identification and trust services for electronic transactions, known as the eIDAS regulation,” the Ministry explains.

“The aim of the eIDAS regulation is to increase confidence in electronic transactions within the European Union for online services, including public ones. It defines three levels of guarantee: low, substantial and high, depending on the degree of robustness of the electronic identification solution in the face of attempts at identity theft on the internet.

How it works

“The identity issued by Alicem is based on the information contained in the secure chip of a biometric title (passport or residence permit),” the Ministry adds.

“When creating the account, Alicem checks by facial recognition that the person who uses the smartphone is the holder of the title.

“This high level [of security] will gradually give the possibility to access services that currently require ‘physical’ verification of peoples’ identity, either at a counter or by examining copies of several documents sent in by the user.

“Personal data is only stored on the user’s mobile phone, under their exclusive control. With Alicem, the data is shared only with the online services to which the user chooses to connect. Sharing is only validated after the user has entered his security code.”

“No biometric data can be shared,” the Ministry adds. “The photo extracted from the chip of the title remains stored on the mobile phone of the user.

“The facial recognition video made when the account is created is deleted immediately after verification. The data will not be processed and will not be passed on to third parties.”

App registration

To register with Alicem, the first step will be to create an account on the app, French language technology publication 01net explains.

“In the manner of a contactless payment, you will need to scan the biometric chip of your electronic title (passport or residence card) using the phone. The system then has access to the data stored therein — except fingerprints — which will then be checked.

“This step deals with the authenticity and integrity of the document as well as the current validity of the document.”

The final step is to perform biometric identity verification using both a static photo and a dynamic video.

“In front of your screen, you have to move about so that the camera captures the features of your moving face,” the publication says. “Finally, at the end of this process, the ‘digital identity’ is generated.”