By Markus Hoffmeister, cryptovision GmbH.
For many years, we have worked with our clients across the African continent with the aim to bring secure ID systems to the African people. Combining cryptovision’s experience with European technical and regulatory standards and our customers’ understanding of local requirements has been the basis of many successful projects in the region. When the Economic Community of Western Africa (ECOWAS) decided to implement a unique ID card for all its member states’ citizens, cryptovision realized the huge opportunity this presented. It is because of our understanding of the European interoperability efforts, that we see the enormous relevance of the ECOWAS ID card standard for our clients in West Africa, such as Ghana and Nigeria.
A West African Identification System
What is the scope of the ECOWAS ID card? It is designed to provide the maximum protection against fraud and identity theft while offering interoperability with the various national systems. The Economic Community of Western Africa (ECOWAS) consists of 15 countries whose aim it is, to promote economic and political cooperation, abolish trade restrictions, remove obstacles to the free movement of people, goods and services and the achieve harmonization between the regional policies of the member States. Passport-free travel is a complex vision and, within the ECOWAS, concerns a population of more than 300 million, a surface area of more than 5 million square kilometres, 5300 km of Atlantic coastline and 12 member states with ocean access.
Interoperability of national ID schemes is key
The nature of any national ID scheme is exactly that – its national. However, insufficient cross-border interoperability prevents citizens and businesses from benefitting from Economic Communities, such as ECOWAS. In the European Economic Area, national identity cards are issued to their citizens by the governments of all European Union members except Denmark, Ireland and the UK. Citizens holding a national identity card cannot only use it as an identification card in their home country, but also as an ICAO-standardized travel document to exercise the right of free movement in the EAA. Already in 2006, all European Union member states agreed to implement common design and minimum security standards for their perspective national ID cards, such as the size, material, ICAO-specified and machine readable biographical data as well as compliance of the electronic ID functionality with the ISO / IEC standard 144443.
Among the first ECOWAS BIC documents issued – GhanaCard
As a key vendor to the Ghanaian prime contractor Identity Management Systems (IMS), a subsidiary of Margins Group, cryptovision delivered critical components for the project, including the applications on the eID card, the backend certificate infrastructure, and middleware components used at the card issuance terminals.
The Ghanaian government has ambitious goals to issue a total of 16 million eIDs to its citizens within 12 months. The GhanaCard is a multi-application document. In addition to the primary function of identity verification, it also serves as a passport equivalent for travel within the ECOWAS sub region. Furthermore, it will enable strong two-factor authentication as a password replacement for eGovernment services online and can be used for digital signature of electronic documents. It is also suitable for financial transactions, as the plan is to enable citizens to activate the payment application after card issuance.
To ensure the security of the GhanaCard and its infrastructure, the Ghanaian government rely on technology provided by cryptovision: For the functions on the card and also the Public Key Infrastructure (PKI), as well as the token based access to the PKI. The GhanaCard PKI, which is designed for 16 million certificate holders, ranks among the most advanced certificate management systems worldwide – incorporating several certification authorities (CAs) and multiple certificates on each card.
In terms of document security, Ghana Card is one of the few eID documents outside of the EU to feature a card verifiable, certificate-based PKI. Leveraging EAC and SAC provides one of the most secure eID documents in Africa, while still providing a simple method to access card information via the CAN. The government of Ghana is planning to use the same chip platform and ePasslet for other documents, like an electronic passport and the electronic driving license.