search

EUSurvey / EUSURVEY

EUSurvey is an opensource surveying tool. It features different types of questions, free text fields as well as more complex elements like editable tables and gallery elements. Results can be displayed as histograms, percentages or in full details and can be exported to different formats. All submitted answers (or a sub-set) can be published automatically on a dedicated webpage within the application. It is freely available for any organisation or administration, public or private and can also be deployed as an open source version.
https://ec.europa.eu/eusurvey
European Union Public License 1.2
126 stars 33 forks source link

allow to require eID login #456

Open edmundlaugasson opened 3 years ago

edmundlaugasson commented 3 years ago

Is your feature request related to a problem? Please describe. Currently there is not possible to identify real person behind the EU ID. Anyone can create fake email and go to https://ecas.ec.europa.eu/cas/ and create a fake account, activate it via fake email and voila - fake identity has been created. Therefore it is not possible to identify the real person behind the identity, which makes survey unreliable.

Describe the solution you'd like This could be solved, when to allow require eID login for EUSurvey. This in turn requires in first place to connect EU Login with eID, then it would be possible to participate in such survey, which is the intended behaviour to avoid fraud with fake account.

Here is the design idea, how it could look like: eu-survey-security-design-idea

This means, that each identity could be required independently and, or together with others.

Describe alternatives you've considered There are no alternatives at the moment.

Additional context Today we can connect EU Login with eID via such dialog: eID-login

edmundlaugasson commented 3 years ago

In addition I would propose to solve it so, that person can set up EU Login to require eID with login. Then it could be easier to require just eID with survey via EU Login. The idea is to just add the eID choice to that menu. When choosing eID, there will be checked, whether the used account has connected with eID and if it is, the login will continue with eID and later EUSurvey can detect, that user has authenticated via eID and is suitable to respond to such survey, where eID was required. Also any other website, that is using EU Login. eu-survey-security-design-idea2

BRU-EUSurvey commented 3 years ago

Thank you. We have passed your request to the EU Login team. If/when they implement this new login option, then we will adapt EUSurvey accordingly. Please note that the best is to contact the EU Login team directly.