National Identity Document, or DNI. Its name expresses what it is: an object that you must carry around to prove that you are who you say you are. Not carrying it or having it expired can incur more serious fines and penalties. But in the current era, in which digital is imposed on the rest, that of always carrying a piece of plastic with you, and having to make appointments to renew it, sounds archaic.
Why not have it digital, just like bank credit cards? That is what the DNIe project will be looking for.
DNIe Digital Identity Project
Just yesterday, the Director General of the Police, Francisco Pardo, announced in the Interior Commission of Congress, where he has explained the body’s budgets for 2021, that the National Police is developing an application that will allow citizens to carry their DNI mobile phone. An app called DNIe that will be accompanied by a series of measures that will expedite the issuance of that document, such as paying fees with a credit card.
The DNIe Digital Identity project will be financed with resources from the EU Fund for the Recovery and Resilience of the Spanish economy, which has a global endowment of 25 million euros. Of these, 6.5 million will be incorporated next year to carry out the following actions: DNI 4.0; Express DNI; inclusion of tablets in the issuance of documents; payment of fees through POS terminals and the APP “DNIe en el Móvil”.
And as a consequence of this, it will no longer be necessary to bring a photograph for the renovation, because it can be done at the moment in the office itself.
The DNIe 3.0 was a cutting-edge identification card that met all national and international requirements, but as it was a product that had been created more than ten years ago, a new design is needed. Although Pardo did not want to go into more details about DNI 4.0, in this official document of the ICCC 2019 (International Common Criteria Conference) we have more details about the intentions regarding redesign, security and improvement of the elements that have become obsolete:
Longer shelf life
The DNIe 4.0 requirements, called to have a longer useful life, must be totally redesigned and developed taking into account the latest technical requirements, not only the selection of chips, but also the available functions and certification standards.
New trends in security should be included in new software architecture designs. Furthermore, two different symmetric key algorithms must be supported. Thus, if a cyberattack breaks the security of the scanning algorithm, it could be easily resolved by switching to the second algorithm.
The new DNIe must comply with the IDAE Regulation and with three different protection profiles: eID, ePasaporte and QSCD to guarantee interoperability abroad. The ‘Contactless’ or non-direct contact communication channel -without inserting it in any slot- that the DNI 3.0 makes use of and which is operated by Microsoft has “some limitations”. The restrictions must disappear and the DNIe 4.0 must be used with contact and non-contact readers, and indistinctly
The new products must be designed in such a way that the document can be configured at the FNMT facilities as a DNIe, Passport or Residence Permit. One of the goals is to minimize the time the card spends generating asymmetric keys, which is the most time consuming step.