Directorate for Science, Technology and Industry

Digital Identity Management and Electronic Authentication

 

Return to > Information security and privacy

Short address for this page: www.oecd.org/internet/idm

© semisatch - Fotolia.com 

Digital identity management | Electronic authentication

Digital identity management

Digital identity management is fundamental for the further development of the Internet Economy

The management of digital identity has many facets - technical, economic, social and cultural - and is complex to understand and address as a whole. It raises the issue of how to translate in the digital world the mechanisms through which individuals trust each others as a prerequisite to interacting with each other.

Thus managing digital identity is essential for the Internet to operate as a platform for economic development and social progress.

At this stage, the management of digital identity does not seem to have reached the level of maturity which would enable the full realisation of the Internet economy. In particular, interactions which carry a high level of risk are not yet common on the Internet.

The level of trust that existing digital identity management practices provide is not high enough for users to engage into this type of transactions. Why is the market not providing an appropriate response?  How should governments approach this question and what should be their role?Download

‌Digital Identity Management:
Enabling Innovation and
Trust in the Internet Economy

This booklet on “Digital Identity Management: Enabling Innovation and Trust in the Internet Economy” represents the culmination of analytical work by the OECD between 2007 and 2011 to achieve a shared understanding among government policymakers about digital identity management, its role in the Internet economy and how to develop better public policies in this area.

The booklet compiles four reports which are also available separately.

  • Main section: Guidance for policy makers (2011)

The main section explains briefly what digital identity management is and why it is fundamental for the further development of the Internet Economy. It provides guidance to government policy makers for developing digital identity management strategies that support innovation across the public and private sectors while enhancing security, privacy and trust online (also available separately). This section builds on the main findings of the work reflected in the annexes below.

  • Annex 1: National Strategies and Policies for Digital Identity Management in OECD Countries (2010)

This annex includes a comparative analysis of national strategies for digital identity management in 18 OECD countries. It explores how governments approach digital identity policy making and identifies key commonalities and differences across countries at strategic and policy levels. It is also available separately.

  • Annex 2: The role of Digital Identity Management in the Internet Economy: A Primer for Policy Makers (2009)

This annex reflects the general understanding of this policy area in 2009, before the analysis of government strategies. It provides policy makers with a broad-brush understanding of the various dimensions of digital identity management and aims to support efforts to address public policy issues for securely managing and protecting digital identities. It is also available separately.

  • Annex 3: OECD Workshop on Digital Identity Management (IDM) - Trondheim, Norway, 8-9 May 2007

This annex includes the proceedings of a workshop organised by the OECD and hosted by the Norwegian Ministry of Education and Research and Ministry of Government Administration and Reform in 2007. The workshop brought together experts from government, industry and civil society to explore the main information security and privacy issues surrounding digital identity management. The agenda, presentations and proceedings are also available online.

OECD work on digital identity management was developed in furtherance of the Seoul Ministerial Declaration on the Future of the Internet Economy (2008). It stands at the crossroad of OECD activities in the area of security of information systems and networks and privacy protection, all carried out by the WPISP.

 

Electronic authentication

Download

OECD Recommendation
on Electronic Authentication
and OECD Guidance
for Electronic Authentication
‌OECD work on digital identity is the continuation of almost ten years of policy work on electronic authentication since 1998, in the early days of e-commerce and e-government. The main outputs include:

This legal instrument encourages efforts by Member countries to establish compatible, technology-neutral approaches for effective domestic and cross-border electronic authentication of persons and entities. It should be read in conjunction with OECD Guidance for Electronic Authentication (see below).

This document provides policy and practical guidance for the development, implementation and use of electronic authentication products and services as they relate to the authentication of persons and entities.

The Guidance sets out the context and importance of electronic authentication for electronic commerce and electronic government and provides a number of foundation and operational principles that constitute a common denominator for cross-jurisdictional interoperability. It aims to help Member countries and non-Member economies establish or, as appropriate, amend their approaches to electronic authentication with a view to facilitate cross-border co-operation.

It served as the basis for the 2007 OECD Council Recommendation on electronic authentication (see above).

This Declaration was adopted at the Ministerial Conference "A Borderless World: Realising the Potential of Global Electronic Commerce" held in Ottawa, Canada. It recognises the importance of authentication for electronic commerce and outlined a number of actions to promote the development and use of electronic authentication technologies and mechanisms.

 

See also

OECD Workshop on Digital Identity Management (Trondheim, Norway, 2007)

What is the Working Party on Information Security and Privacy (WPISP) ?

Information Security

OECD Policies for Information Security & Privacy

 

 

 

Countries list

  • Afghanistan
  • Albania
  • Algeria
  • Andorra
  • Angola
  • Anguilla
  • Antigua and Barbuda
  • Argentina
  • Armenia
  • Aruba
  • Australia
  • Austria
  • Azerbaijan
  • Bahamas
  • Bahrain
  • Bangladesh
  • Barbados
  • Belarus
  • Belgium
  • Belize
  • Benin
  • Bermuda
  • Bhutan
  • Bolivia
  • Bosnia and Herzegovina
  • Botswana
  • Brazil
  • Brunei Darussalam
  • Bulgaria
  • Burkina Faso
  • Burundi
  • Cambodia
  • Cameroon
  • Canada
  • Cape Verde
  • Cayman Islands
  • Central African Republic
  • Chad
  • Chile
  • China (People’s Republic of)
  • Chinese Taipei
  • Colombia
  • Comoros
  • Congo
  • Cook Islands
  • Costa Rica
  • Croatia
  • Cuba
  • Cyprus
  • Czech Republic
  • Côte d'Ivoire
  • Democratic People's Republic of Korea
  • Democratic Republic of the Congo
  • Denmark
  • Djibouti
  • Dominica
  • Dominican Republic
  • Ecuador
  • Egypt
  • El Salvador
  • Equatorial Guinea
  • Eritrea
  • Estonia
  • Ethiopia
  • European Union
  • Faeroe Islands
  • Fiji
  • Finland
  • Former Yugoslav Republic of Macedonia (FYROM)
  • France
  • French Guiana
  • Gabon
  • Gambia
  • Georgia
  • Germany
  • Ghana
  • Gibraltar
  • Greece
  • Greenland
  • Grenada
  • Guatemala
  • Guernsey
  • Guinea
  • Guinea-Bissau
  • Guyana
  • Haiti
  • Honduras
  • Hong Kong, China
  • Hungary
  • Iceland
  • India
  • Indonesia
  • Iraq
  • Ireland
  • Islamic Republic of Iran
  • Isle of Man
  • Israel
  • Italy
  • Jamaica
  • Japan
  • Jersey
  • Jordan
  • Kazakhstan
  • Kenya
  • Kiribati
  • Korea
  • Kuwait
  • Kyrgyzstan
  • Lao People's Democratic Republic
  • Latvia
  • Lebanon
  • Lesotho
  • Liberia
  • Libya
  • Liechtenstein
  • Lithuania
  • Luxembourg
  • Macao (China)
  • Madagascar
  • Malawi
  • Malaysia
  • Maldives
  • Mali
  • Malta
  • Marshall Islands
  • Mauritania
  • Mauritius
  • Mayotte
  • Mexico
  • Micronesia (Federated States of)
  • Moldova
  • Monaco
  • Mongolia
  • Montenegro
  • Montserrat
  • Morocco
  • Mozambique
  • Myanmar
  • Namibia
  • Nauru
  • Nepal
  • Netherlands
  • Netherlands Antilles
  • New Zealand
  • Nicaragua
  • Niger
  • Nigeria
  • Niue
  • Norway
  • Oman
  • Pakistan
  • Palau
  • Palestinian Administered Areas
  • Panama
  • Papua New Guinea
  • Paraguay
  • Peru
  • Philippines
  • Poland
  • Portugal
  • Puerto Rico
  • Qatar
  • Romania
  • Russian Federation
  • Rwanda
  • Saint Helena
  • Saint Kitts and Nevis
  • Saint Lucia
  • Saint Vincent and the Grenadines
  • Samoa
  • San Marino
  • Sao Tome and Principe
  • Saudi Arabia
  • Senegal
  • Serbia
  • Serbia and Montenegro (pre-June 2006)
  • Seychelles
  • Sierra Leone
  • Singapore
  • Slovak Republic
  • Slovenia
  • Solomon Islands
  • Somalia
  • South Africa
  • South Sudan
  • Spain
  • Sri Lanka
  • Sudan
  • Suriname
  • Swaziland
  • Sweden
  • Switzerland
  • Syrian Arab Republic
  • Tajikistan
  • Tanzania
  • Thailand
  • Timor-Leste
  • Togo
  • Tokelau
  • Tonga
  • Trinidad and Tobago
  • Tunisia
  • Turkey
  • Turkmenistan
  • Turks and Caicos Islands
  • Tuvalu
  • Uganda
  • Ukraine
  • United Arab Emirates
  • United Kingdom
  • United States
  • United States Virgin Islands
  • Uruguay
  • Uzbekistan
  • Vanuatu
  • Venezuela
  • Vietnam
  • Virgin Islands (UK)
  • Wallis and Futuna Islands
  • Western Sahara
  • Yemen
  • Zambia
  • Zimbabwe
  • Topics list