blockchain-based eID

Swiss City of Zug issues Ethereum blockchain-based eIDs

Abstract

Since November 2017 the Swiss City of Zug has been offering blockchain-based digital IDs to all of its 30,000 citizens, providing an alternative to identity management services provided by Facebook, Google and other Big Internet companies.

People can register for their IDs through the uPort app and an online portal. Each applicant needs to make a quick initial visit to the city hall to confirm that they are indeed a resident of Zug. Once they have been approved, their identity is publicly attested on the Ethereum blockchain.

From that moment on, the owner of the eID can use the mobile app to provide identity information. The authenticity of this data can be validated by checking its digital signature on the blockchain.

Since all personal data is stored only on individual mobile phones — not centrally on a server at the Zug datacentre or publicly on the Internet — and is encrypted, citizens are in full control of what information to release and to whom.

Policy context

Switzerland is having a hard time with electronic identity, the City said in its first announcement on the Zug eID. There is an indisputable need for an electronic identity system, and soon too, if we want to catch the momentum of digitalisation. Ever more digital applications in the private and public sectors require an unambiguous, forgery-proof identification that is not based solely on a password. Currently the focus is only on centralised solutions, including those pursued by the federal government with external partners, like the Suisse ID [1, 2], for example. But so far these solutions have not become accepted. This is mainly because they are relatively complicated to use — and even today they are technically obsolete.

So Zug has decided to go its own way and started a pilot project. We want a single electronic identity — like digital passport — for all kinds of applications, said mayor Dolfi Müller. And we want this digital ID to reside not centrally on the City's premises, but on the blockchain. Our role is only to verify and confirm the identity of a person.

Crypto Valley

For anyone following the blockchain revolution, this move by the City of Zug will be no surprise. In recent years the City has taken a leading role in the deployment of blockchain-based technology. The Municipality of Zug has been accepting Bitcoin payments up to CHF 200 (about 175 Euro) at the Residents' Registration Office since July 2016. Typical applications are fees for small government services like issuing a birth certificate, a proof of residence, or an identity document. According to an article in the January edition of the Zug Stadtmagazin, around fifty people have actually paid fees in Bitcoin using their mobile wallets.

In November 2017 the Zug Chamber of Commerce started accepting Bitcoin payments, as well as payments in Ether, the cryptocurrency that comes with the Ethereum blockchain.

The embracement of blockchain-based technologies fits the city's ambition to become a regional hub for the financial technology (fintech) sector in Switzerland. Over the last few years, the Zug region has become home to a cluster of companies in the digital finance sector. Since January 2017 the Swiss "Crypto Valley" has had its own industry association, CVA, which now boasts more than 500 members. By accepting Bitcoin as an official method of payment, the City Council wanted to send a message to fintech companies and the public.

Stadtmagazin19-screenshot0-cropped.jpg

Description of target users and groups

After the test phase, which started in July 2017, the Zug eID entered a pilot phase on 15 November 2017. The current pilot will last at least six months.

As of February 2018, about 150 citizens had registered for the eID.

Description of the way to implement the initiative

The eID was developed and implemented by the IT Department of the City of Zug (Informatik Zug) in collaboration with the Institut für Finanzdienstleistungen Zug (IFZ), the Lucerne School of Business, and two commercial partners: Consensys-uPort (Zug) and ti&m (Zurich, Switzerland).

Consensys, the developer of the uPort app, is responsible for the self-sovereign identity management system, according to Daniel Truttmann, head of the Zug IT department. ti&m has built the portal where citizens register for their eIDs, and also the certification used by the City of Zug. IFZ was the project initiator, responsible for developing the concept and the system architecture. And the Economic contact point of the Zug Canton has taken upon itself some of the coordination.

Technology solution

The Zug eID consists of three parts. First is the digital vault, which is part of the mobile app. This contains the actual digital ID, which is encrypted; it can be unlocked by the owner biometrically or using a PIN code. Second is the Ethereum blockchain — which by the way has Swiss roots — where the app creates a unique cryptographic address for its holder. Third is the certification portal used by the officials who check that the applicant is a resident of Zug.

After the applicant's name, address, date of birth, nationality, and passport number or ID card number have been verified, this data is digitally signed by the City of Zug, and the signature is stored as a certificate in the citizen's digital vault. Since the City's public key is publicly available from the Ethereum blockchain, anyone who receives an eID from its holder can readily verify its authenticity.

The way the scheme is implemented by uPort is described in more detail here. First, a controller contract for the user is created on the Ethereum blockchain. This allows the user to regain access to their digital identity if they should lose their phone, for example. The controller contract is the actual owner of the identity contract, which is another smart contract on the blockchain.

After a succesful residency check, the City of Zug — itself a digital identity on the blockchain, albeit with special privileges — signs the identity contract of the user, for anyone to see and verify on the Internet. The owner of this special identity is the Zug city clerk.

Zug-eID-screenshot.png

Main results, benefits and impacts

The City is now evaluating several concrete applications that will build on this new identity infrastructure. Examples include access to all the City's online services, bicycle rentals, car parking, borrowing books from the library, and the collection of other fees. The idea is that small simplifications — like being able to borrow books without a library card or rent a bike without a deposit — will make life easier for citizens. Over time, more complex applications will be developed. Third parties could also use the eID, for example when someone wants to rent a room.

As part of the City's 2017 Digital Strategy, each department is now looking into possible applications for its own areas of responsibility. According to city clerk Martin Würmli, digitalisation and e-government will be the central themes of this year for the Zug City Council.

In the second quarter of 2018 Zug plans to organise a consultation on a specific topic for existing eID holders. Its primary goal will be to collect ideas for e-voting based on the new eID.

Return on investment description

We are standing at the beginning of a new technical era, Müller is quoted as saying in the Stadtmagazin article, just like at the end of the '90s when the Internet gradually came into our lives. But we don't have time to plan or wait for years. Let's just do it, and turn Zug into a future-proof smart city.

According to a spokesperson, the pilot project has not generated any costs to the City of Zug.

Categorisation

Type of document
General case study
The content of this field is kept private and will not be shown publicly.