Verifying applicant identity currently constitutes a significant use of time and manpower when processing travel document applications. In Guangdong, China, the immigration bureau is trialling two new methods of digital identity verification: the self-service ‘Smart Kiosk’, and mobile identity verification via the applicant’s own mobile phone. These methods aim to facilitate the administrative process for both applicants and authorities. Whilst some questions still remain regarding how to implement these new systems, pilot schemes for both have shown promising results and it is likely that their use will be expanded in the future.

Due to uneven economic development and mobility of the population, the driving force for adopting new technologies in China varies from province to province, leading to the fragmentation of administrative pro­cesses in different provinces. However, as one of the most modernised and advanced provinces, Guangdong takes on the role of pioneer in promoting innovations in handling administrative affairs.

Guangdong is also the most populated province in China, with over 111 million residents in 2017 – the only province in China with a population over 100 million. Therefore, the local government faces numerous challenges in terms of population management, posing a heavy burden on the provincial immigration bureau when handling travel document applications. Traditional application processes can no longer meet expectations in terms of efficiency, and therefore the Guangdong provincial immigration bureau has become very pro­active in seeking innovative ways of handling travel document applications.

Starting in early 2018, two pilot cases – the Smart Kiosk (see Figure 1) and Mobile ID
(see Figure 2) – have been trialled by the Guangdong provincial immigration bureau in an attempt to assess the feasibility of adopting digital identification using self-service kiosks and enabling auto­matic identity verification
by electronic means. Both cases have successfully passed the feasibility assess­ment, marking the first cornerstone in a
move towards a world of digital identities.

Pilot 1: The Smart Kiosk

Besides general self-services such as fingerprint collection, portrait shooting, application processing, electronic signature and e-Payment, several innovations have been implemented in the Smart Kiosk to ensure the integrity of the enrolment process and data security, including liveness detection, big data forecasting, risk assessment for early warning, and facilitation of the application process in one go.TE_24507_Fig01Figure 1: The Smart Kiosk: a cubicle with an inner private space for handling travel document applications, and a side module for issuance of travel permits for mainland travellers to Hong Kong and Macao.

TE_24507_FIG02Figure 2: Mobile ID: identity verification by mobile phone.

Liveness detection

Live-captured digital images such as the movement of eyelashes and eyelids, pupil contraction and expan­sion in response to different light sources, are auto-processed and compared in the background to ensure the integrity of the application.

TE_24507_Fig03Figure 3: The nationwide platform for big data forecasting and risk assessment for early warning.

Big data forecasting and risk assessment for early warning

A nationwide platform that synergises personal infor­mation from across multiple government segments provides new fore­casting models and risk assessment data, which enable the authority to better plan for resource allocation and risk management (see Figure 3).

Facilitation of the application process in one go

Empowered by big data and intelligent handling, all self-services can be done in one go at the kiosk, including immediate issuance of a permit for travel to Hong Kong and Macao, minimising the effort spent on applicant enrolment processes and strengthening the security of personal information.

Observations on the Smart Kiosk pilot

The Smart Kiosk trial has been very successful in terms of its practicability for both the public and authorities. Firstly, the average time spent by an applicant on operating the kiosk for a single application has been reduced to less than 12 minutes in one go, compared to the traditional processing method which would take 80% more time to complete in multiple stages. Secondly, the artificial intelligence implemented in the kiosk has helped to significantly reduce the cost of additional resources, especially manpower, required on site to handle the traditional method of processing applications. It is expected that the number of appli­cations processed by the Smart Kiosks will reach more than 120 per day per kiosk when they are running at full capacity, which would be equivalent to two additional members of staff on duty. Moreover, the Smart Kiosk is able to run 24/7, which adds a lot of value to the current provincial immigration services.

The Smart Kiosk has also successfully met expecta­tions from the perspective of data security and accu­racy. Currently all Smart Kiosks are imple­mented in secure locations at authority offices, where data security during all transactions is guaranteed by the local secure network. Moreover, thanks to the application of big data and intelligent handling, the Smart Kiosk facilitates the task of automatically updating personal data, while at the same time using machine learning to increase the confidence level of liveness detection. According to the assessment report on self-service applications handled by the Smart Kiosk, so far no false or invalid cases have been identified or reported.

Pilot 2: Mobile ID

The Mobile ID concept being trialled focuses on identity verification on the user’s mobile phone, which aims to facilitate e-Government services, synergise resources, and allow implementation within the private sector. Beside the adoption of the latest mobile technology for use in hardware security and biometric verification, several innovative ideas have been implemented in day-to-day situations, such as CTID-based liveness detection, and cardless electronic identity verification.TE_24507_Fig04Figure 4: CTID-based liveness detection interface on Mobile ID.

 

CTID-based liveness detection

Cyber Trusted Identification, or CTID, is an electronic identity verification platform developed and operated by the First Research Institute of the Ministry of Public Security, which serves as a trusted portal for identity verification and ID card verification. Besides the live-capture of digital images for various biometric features, voice recognition is also being implemented as an additional facet of the identity verification process (see Figure 4).

Cardless electronic identity verification

The aim of this initiative is to reduce the risk of personal information being leaked during traditional identity verification, where a physical identity card is required to be presented and photocopied. The cardless electronic identity verification system will generate an encrypted certification and generate a dynamic QR code on the user’s mobile phone.TE_24507_Fig05Figure 5: Cardless hotel check-in with Mobile ID.

This cardless electronic identity verification system has already been initiated in several situations, such as checking into a hotel (see Figure 5), pawn shop registration, patrol checking, access control and logistic registration. The level of uptake varies from city to city, depending on existing infrastructure.

Observations on the Mobile ID pilot

In the current digital world, demand is growing for convenient services that the customer can access on their own mobile phone in real time. The Mobile ID trial shows great potential in facilitating e-services in a more secure and efficient way by implementing identity verification on a mobile device. From a data security and information protection point of view, the Mobile ID system is very successful due to the fact that CTID is endorsed by various authorities and certified by the Ministry of Public Services, ensuring user trust and the security of data transactions.

However, there have proven to be some difficulties in implementing Mobile ID in practice. Firstly, there is a lack of motivation in some parts of the private sector as the implementation requires investment, whilst immediate profit cannot be expected. Secondly, many administrative processes in the public sector are too complex and layered, resulting in difficulties scaling the use of the new technology to its full potential. Last but not least, there are still limitations on the Mobile ID enrolment process that discourage uptake by the public. One example of this is that the cardholder is required to make a trip to the designated station with their physical identity card in order to activate the electronic verification function. There is still a long way to go.

Future direction

Although both pilot cases have shown great potential in the feasibility assessment, the overall plan to integrate the schemes within the digital identity world is still only half way there, and a number of concerns need to be addressed before progressing forward.

Security at public or remote locations

The core concern in improving the mobility feature of the Smart Kiosk is how to ensure the kiosk itself and the associated data will not be tampered with when a kiosk is moved to a public or remote location, and how to ensure data integrity as well as personal information security in the absence of a secure private network environment and guarded facility. It is believed that additional hardware security features, such as trusted embedded elements, will have to be implemented in order to increase the level of security when handling travel document applications at remote locations. However, exactly what kind of hardware security features are adequate to the expected security requirements has yet to be evaluated.

Possibility to modernise and improve the Smart Kiosk

It is believed that e-Government services could be the first to benefit in terms of efficiency and cost reduction from adopting Mobile ID verification in the enrolment process. By adopting Mobile ID verification using the Smart Kiosk, the applicant might be able to access the same level of service without having to go to the immigration bureau office. Future travel permits may also be replaced by an electronic equivalent, which could be used along with Mobile ID verification, adding value to the authority as cost of printing documents can be reduced and card durability will be improved.

Possibility to expand the use of Mobile ID

Similarly to the implementation of e-Government services by the immigration bureau, the social security bureau is also pilot-testing the use of Mobile ID as an aid in liveness and remote identity verification for elders over 65+ years old to minimise the effort they must spend on travelling. The transportation depart­ment is also performing a feasibility evaluation on the adoptability of an e-Driving licence using Mobile ID verification. It is believed that more and more govern­ment sectors will take Mobile ID into consideration as a tool to facili­tate existing e-Government services.