Background/Motivation

[dbosk]

En identifiering med e-legitimation kostar runt 20 öre [An identification with e-ID costs around 0.20 SEK]. This is bad. More on this.

Also, the centralized design of BankID is bad for privacy.

It also just supports identity-based authentication instead of fully-fledged anonymous credentials.

[dbosk]

Currently the scenario for BankID is this. Alice wants to log in to service S. She clicks login and enters her ID-number (national identification number), she opens her phone, checks it's the correct service that wants to authenticate her, she enters her secret code and voilà, she's logged in. (Alice can log in to the service from another app or her computer.)

I'm fairly certain that BankID could replace SSO services like Facebook and Google. And I think Identity Mixer could replace BankID:

• It must be adapted it to a federated environment, many certificate authorities.
• We need a decentralized design, then the only point of centralization would be the certificate issuance by the certificate authorities.
• We also have the usability aspect, we need to achieve the level of usability as the BankID app has.

[dbosk]

There is eIDAS regulation to consider (Wikipedia summary). In Sweden it's the Swedish E-identification Board/E-legetimationsnämnden who is the responsible agency for electronic IDs.