digitalswitzerland is a Swiss-wide, cross-industry initiative that aims to strengthen and anchor Switzerland as a global leader in digital innovation. Under the umbrella of digitalswitzerland, Association members and politically neutral Foundation partners work together transversally to achieve this goal. The appointment of new Managing Director Stefan Metzger in January 2022 highlights a transition to a stronger focus on impact, with 6 priority activities to make Switzerland one of the leading digital nations in the world.
Are you interested in a membership or partnership? We are happy to have a conversation with you about our offerings, answer any questions you might have and to discuss the next steps. Please contact us at firstname.lastname@example.org.
The winter session will deal with a smaller number of political issues with a clear digital connection (about 15) than the previous autumn session (more than 30).
The focus of the winter session will undoubtedly be on the election of the two Federal Councillors. In addition, the “hot topic” of energy and the implementation of the OECD tax bill will dominate both chambers.
A central concern for the digitalisation of Switzerland is the Federal Act on the Use of Electronic Means for the Performance of Official Duties (EMBAG). This is currently in the process of being amended. If the law is adopted, which we assume it will be, the following principles will be realised in the public sector, more specifically in the area of e-government: open government data, open standards and open source. Furthermore, the EMBAG enables the start-up financing of public-private digitalisation projects of public interest. digitalswitzerland has campaigned for the EMBAG and we hope that this milestone towards the principle of “digital first” will be reached.
By 2030, there will be a shortage of 38,700 ICT specialists in Switzerland, as the latest study by ICT-Berufsbildung Schweiz shows. This is despite increased efforts to promote young talent. As the largest contributor, vocational education and training (VET) is the key to meeting the demand for skilled workers. This is because 79 percent of all ICT degrees originate in VET. In order to meet the growing demand for ICT specialists, the apprenticeship quota must be increased from 5.9 to 8.1 percent.
In their study, ICT-Berufsbildung Schweiz explains why the ICT skills shortage has implications not only for the ICT sector but for the Swiss economy as a whole and what we can expect for the future. Further, the organisation proposes additional measures to solve this pressing issue.
In a letter dated 18 May 2022, the consultation on the Maturity Recognition Ordinance and the Administrative Agreement on the Recognition of Maturity Certificates was launched. digitalswitzerland thanks economiesuisse for this opportunity and is happy to comment from the perspective of the digital economy. We would like to state that we fully support economiesuisse’s statement.
The forecasts for the demand of skilled workers in previous years were always too conservative: Switzerland’s ICT sector is growing faster than expected. However, Switzerland is losing ground to other nations.
The study “Opportunity costs of the ICT skills shortage” published by digitalswitzerland shows: The weaker growth of the Swiss ICT sector compared to surrounding countries will make Switzerland less and less attractive for foreign skilled workers, which can have serious consequences over time. The study reveals what these consequences are and what actions economy, politics and education could take.
The study was created by IWSB Institute for Economic Studies Basel on behalf of digitalswitzerland.
5 September marked the kick-off of Swiss Digital Days 2022, which include more than 200 free offers for the population. The big highlight on opening day: the unveiling of a unique, Switzerland-wide crypto-art project in cooperation with Swiss Post. The study “Opportunity costs of the ICT skills shortage”, also published today by digitalswitzerland, once again highlights the importance of the Swiss Digitaltage, as it impressively shows the consequences of the skills shortage on Switzerland’s competitiveness in the medium to long term. To actively address this problem, a substantial part of the Digital Days programme revolves around the promotion of future skills of young talents, for example through the main format “NextGen: Future Skills Labs”.
Study on digitalisation and cybersecurity in SMEs 2022
With the propagated “end” of the pandemic, the flexibility of SMEs is also coming to an end. Primarily working from home has not become established, as the results of the latest study on digitalisation and cybersecurity in SMEs show. The situation is similar with cybersecurity: despite a strong presence in the media, the topic has a low priority among the companies surveyed. The implementation of organisational and technical measures to improve cybersecurity has also not increased. One third of the surveyed SMEs outsource their IT security to external service providers. The quality of the services offered is thus crucial for the security of small businesses in Switzerland.
The survey was carried out on behalf of the Swiss Mobiliar Insurance Company Ltd, digitalswitzerland, Allianz Digitale Sicherheit Schweiz, the University of Applied Sciences Northwestern Switzerland FHNW – Digital Transformation Competence Centre and the Swiss Academy of Engineering Sciences SATW.
2022 marks an important phase for digitalswitzerland with work on further strategy refinement and a new direction. The appointment of new Managing Director Stefan Metzger in January 2022 highlights a transition to a stronger focus on impact with six priority activities to make Switzerland one of the leading digital nations in the world. digitalswitzerland is dedicated to supporting Switzerland’s digital transformation as a leading and fertile breeding ground for digital innovation.
“Times of change create new opportunities. And there is no doubt that digitalswitzerland is experiencing an exciting evolution with every year that passes. I look ahead to the next 12 months with enthusiasm and optimism. As a team and as a nation, we have overcome many challenges in recent times. The continued fallout from the Covid-19 pandemic and rapid digitalisation has created a ‘new normal’ that shapes the way we live. Our strategy embraces ambiguity and will use it to our advantage. It allows flexibility and freedom, while also keeping a laser focus on our areas of impact. We will challenge ourselves to question how all regions of Switzerland and every actor in our society can play an active role in digitalisation for future prosperity and success.”
–Stefan Metzger, Managing Director digitalswitzerland
The refinement of the strategy, known as Strategy 2025, defines the key success factors that make up a digital nation. These will be strongly promoted by digitalswitzerland and other key players. digitalswitzerland’s priorities for 2022 are focused on the following key areas of impact: Education, Cybersecurity, e-Health, e-Sustainability, strengthening regions and SMEs and lastly, cloud availability and infrastructure. We concentrate on enablement, collaboration and orchestrating united thinking on these important topics.
Review of 2021
Members & Partners
The merger between digitalswitzerland and ICT-Switzerland, which took effect on 1 January 2021, resulted in a distribution of Association members and politically-neutral Foundation Partners. Members of the Association play an active role in bringing digitalswitzerland projects to life – including political ones. The digitalswitzerland Foundation provides an open and independent forum for neutral debates around digital change.
At our Annual General Assembly on 27 May 2021, Sascha Zahnd was elected the new President of digitalswitzerland. He succeeds Ivo Furrer, who stepped down after three years in office.
“SMEs are integral to what makes Switzerland’s economy unique and make up over 99% of companies and create two-thirds of the jobs in our country. We must make sure that SMEs are equipped to embrace the digital future. Digital literacy and the opportunity to avail of new skills and competences, spread across all regions of the country will help to foster growth and future success. Digitalisation continues to push every nation’s boundaries of what is possible. Switzerland needs to step up to this challenge and continue to innovate to remain competitive. Our 2025 strategy is underpinned by mobilising the strength of our regions, and SMEs that can be elevated to the next level by embracing digitalisation. We must act now.”
–Sascha Zahnd, President digitalswitzerland
Education & Skilled Workforce
In order to remain competitive, Switzerland’s most important resource is education. The last twelve months have seen the team and our supporters and network collectively tackle the challenges that face the Swiss education system across all age groups. We continue to champion lifelong learning and new skills, promote diversity in the workforce and create flexible paths for education.
digitalswitzerland’s 2021 output: The partnership with the association ICT-Berufsbildung Schweiz, which aims to actively counter the ICT skills shortage in Switzerland, continued to be at the forefront in 2021. Jointly, we shape ICT vocational training in Switzerland for competent ICT professionals.
Striving for balance
When it comes to activities in STEM, we are fully committed to moving the dial forward on female attainment in STEM. This topic is in immediate need of attention. For an international comparison, Switzerland has one of the lowest percentages of women graduating in STEM fields. In 2017, women accounted for 22% of STEM degrees in Switzerland. In the OECD, only Chile has a lower proportion of women. The percentage of women entering STEM degree programmes in Switzerland increased from 28.2% in 2010 to 31.2% in 2019. There is still huge work to do in the area and at this rate of growth, it will take until 2074 to equalise the gender balance in STEM majors.
digitalswitzerland’s 2021 output: In 2021, the STEM campaign launched the previous year by digitalswitzerland and Pro Juventute continued with enthusiasm. The aim of the campaign is to bundle existing STEM campaigns and actions in order to significantly raise awareness of the opportunities of STEM career choices nationwide.
Our Future Skills campaign reaches out to young people and showcases inspirational role models who have chosen STEM careers. Meet our 12 Role Models on our dedicated playlist on YouTube. To address our skills shortage, we must mobilise younger generations and effectively communicate the advantages and opportunities of STEM. 80% of the ICT workforce comes from ICT apprenticeships, highlighting the projected skills shortage.
This campaign aims to promote STEM as a key part of the solution to the exciting and pressing challenges facing our world. We also used the last 12 months to reach youth and new audience groups through various channels. Our Future Skills campaign resulted in 10’000+ combined views on YouTube, TikTok and Instagram.
The Boost Programme
The future will depend on how we are shaping it. But in order to proactively co-create the digital world, we need to invest in the digital literacy of our society and the education of the next generation to create empowered citizens in a digital age. There is a lack of investment in lifelong learning: only 0.8% of personnel costs and 0.8% of working time are spent on lifelong learning in Switzerland.
digitalswitzerland’s 2021 output: Since May 2021, the Boost Programme has been supporting the digital upskilling of employees in Switzerland for the second time. Special focus is given to least-qualified employees and the promotion of basic digital skills. The programme is led by digitalswitzerland and UBS and is open to SMEs, large companies and self-employed individuals based in Switzerland.
Lifelong learning offers Switzerland the opportunity to remain competitive. Successful re-skilling typically yields productivity gains of 6 to 12% and is a real driver of long-term success. During the 2021-2022 edition, an impressive 131 individuals were admitted to the Boost Programme. We are proud that since the 2020 launch, 243 people have benefited from digital training.
Each individual takes away something different in terms of training, and testimonials from Reto Sidler and Johanny Pestalozzi bring to life the unique commitment of each candidate to their digital future. Over CHF 80’000 has been committed to beneficiaries since May 2021 and we look forward to even greater reach and success as the year unfolds.
Leap Digital Demo Day
At the annual Leap Digital Demo Day, digitalswitzerland members and partners were inspired by the 15-plus collaborative innovation projects. We presented and celebrated the existing thriving member-initiated projects within the Leap ecosystem.
Privacy Icons emerged as the winner from six contenders. Their innovative solution has created a Swiss standard for data processing based on pictograms & bots that enables a simplified usage of personal data. More than 100 guests from the Swiss economy and research participated in the public online event, via live stream. The goal of the collaboration is for diverse teams from different disciplines and industries to jointly master transversal challenges with digital, sustainable and clearly defined innovation projects.
Circular Economy & Digitalisation
In 2021, digitalswitzerland and sanu durabilitas published a joint whitepaper, exploring how digital technologies can become key to the circular economy and bring important benefits to all stakeholders.
The publication, entitled “Two megatrends leading towards a Switzerland of the future – the interplay of circular economy and digitalisation”, highlights the state of development of innovative solutions, supporting policies and frameworks in Switzerland, and which products are already pioneers in this area.
The publication, which calls for change, puts many stark facts in the spotlight, including the following: 100 billion tonnes of materials enter the global economy every year (Circle Economy, 2021), of which 87 million tonnes enter the Swiss economy (Empa, 2021).
4T-DLT gaining momentum
On 1 August 2021, Switzerland became one of the first countries in the world to enact legal regulations for blockchain technology. This creates legal certainty and enables innovation and growth. Switzerland is one of the leading locations in the area of distributed ledger technology (DLT) and blockchain.
2021 was a year of intense activity and milestones for the “4T-DLT” initiative, which emerged from digitalswitzerland’s innovation programme.
During the year, four short educational videos were released explaining the cornerstones of a trustworthy Swiss digital data infrastructure. Under the umbrella of digitalswitzerland, members pursue the approach of federated, collaborative innovation with the intention of strengthening Switzerland as a leading financial centre and global innovation hub for DLT and FinTech projects.
Another important goal was reached with the release of the whitepaper: The Four Elements of Trust of a Reliable and Interoperable DLT Infrastructure. Launched in 2021, the whitepaper sets out the technical and legal framework for building a secure, interoperable, reliable and trustworthy digital infrastructure. This is also intended to provide the basis for the future implementation of standards for products and services required for decentralised financial markets.
Collaborative Innovation | WISER
In 2021, Innosuisse approved the WISER project with CHF 4.8 Mio for the next four years. digitalswitzerland brought together 14 leading industry and research partners to jointly build the world’s largest open source ecosystem for CO2 emissions accounting made in Switzerland. This project focuses on enabling decarbonisation and is digitalswitzerland’s biggest project since its inception. Against the backdrop of the Paris Climate Agreement, we are taking a closer look at the ambitious net zero goals that Swiss organisations have set for themselves.
Stephanie Tauber Gomez, Innovation Lead from dCH explains in this video the vision of WISER and how to join.
“With the WISER flagship, we intend to address and solve two transversal challenges that need to be considered on the way to a net zero Switzerland: simplifying the analysis and exchange of data on GHG emissions from various stakeholders to then enable more efficient, informed & automated actions to tackle climate change.”
– Didier Beloin-Saint-Pierre, Scientific Lead from Empa
The initiative counts private companies, cities and research institutes as partners who will jointly design use-cases to implement the proposed solutions.
Digital Days 2021 goes hybrid
At Digital Days and during the six-week run-up, more than 100’000 people were interested in 700 events that took place both online and at more than 30 venues across Switzerland. Digital Days also offered viewers a varied 18-hour livestream programme on two channels. There was something for all ages and interests.
#HerHACK Female-led Hackathon
#herHACK, the biggest female-led hackathon in Switzerland, mobilised female brain power and creativity to come up with prototypes and digital solutions for a more sustainable future. Over 200 women took on seven challenges, bringing seven teams to the final round. Ideas and solutions flowed, with the result that three teams celebrated: Team Iconics with a solution for sustainable nutrition, Team Full Snack Developers and Team Watercount.
Digital Economy Award
At the Digital Economy Award, more than 1’000 guests from the digital industry, research, business and politics celebrated the digital achievements of the year. The award ceremony took place at the Hallenstadion Zurich as part of a gala dinner. Federal Councillor Karin Keller-Sutter delivered an inspiring opening speech and reminded guests of the importance of active participation in shaping our digital future: “Digitalisation must serve people – and not the other way around.”
A 40-member expert jury chose the deserving winners. In addition to the awards in the categories Digital Excellence, Digital Innovation of the Year, Highest Digital Quality and The Next Global Hot Thing, we celebrated two NextGen Hero winners. These inspiring personalities under the age of 25 play a significant role in shaping Switzerland’s digital future.
Keeping SMEs safe in the digital space
Did you know that ⅓ of all Swiss SMEs have already been the victim of a cyber attack? This worrying statistic calls into focus the immediate need to support and educate the Swiss population on the dire consequences of a cyber breach.
Successful CyberSeal Launch
Tackling this challenge head-on led to the successful creation and launch of the CyberSeal. It certifies IT service providers who ensure their customers an appropriate level of cyber security by taking the necessary technical and organisational measures. The seal of approval increases the digital security of SMEs and raises digitalisation to a higher level of quality. The CyberSeal seal of approval is valid for three years and in the pilot phase, 11 companies were certified. This is a successful start, with great ambitions for 2022 and beyond.
Study on digitalisation and cybersecurity in SMEs 2021
Together with Mobiliar, FHNW, SATW and Allianz Digitale Sicherheit Schweiz, a representative survey of SME CEOs throughout Switzerland was conducted in 2021. The study “Home Office and Cybersecurity in Swiss SMEs” shows that although the majority of executives are more or less aware of cyber threats, the general level of knowledge about cyber security still needs to be improved.
While a quarter of the companies surveyed were affected by cyberattacks in 2020, more than a third were in the second survey. The implementation of technical measures against cyberattacks is at a high level. However, there is much potential in the implementation of organisational measures such as conducting security audits and employee training.
Cybersecurity quick check for SME
The security of citizens, the state and companies in the virtual space remained a key concern during 2021. We want every organisation, especially SMEs, to question how well their company is protected and prepared against attacks from cyberspace. The online quick check helps to determine the current situation. A great success of the last 12 months is that this service for SMEs reached 2’000 individuals in 2021.
The Cybersecurity Committee, which consists of 38 members, met four times a year during the course of 2021. In the meetings of the Cybersecurity Committee, the current developments in the implementation of the Confederation’s National Cyber Strategy were discussed with the federal representatives. In addition, there was an exchange on the general threat and security situation as well as a report on current projects and a mutual exchange of experiences.
Startup & International
Switzerland: a high quality startup location
Switzerland is one of the most attractive countries in the world when it comes to access to venture capital for startups. To demonstrate the point, 2021 brought exponential growth, with over CHF 3.1 billion invested in startups. By comparison, CHF 2 billion was invested in 2020. Switzerland has also ranked first in the Global Innovation Index of the World Intellectual Property Organization (WIPO) for more than ten years in a row. It is no surprise that this impacts startups positively, especially in technology transfer and early-stage financing. However, weaknesses exist in digitization and accelerating growth. These areas must be addressed to ensure Switzerland remains competitive on the global stage.
Swiss Startup Battle (Digital Days)
15 selected startups from Switzerland showcased how they want to change the future and create impact. The jury and the audience decided on the 5 finalists, who pitched in front of an exclusive jury for the win of CHF 10’000 and AWS credits. The startup that took home the recognition of the public vote was Amplify, while the overall and grand prize winner was Smeetz.
8x ScaleUp Bootcamps
The ScaleUp Bootcamps offered Swiss and international startups unique business development opportunities. The 2021 matchmaking event brought together 244 industry leaders and startups.
We welcomed a total of 244 participants with an average of 30 participants per bootcamp. For the 1-to-1 meetings, there were a total of 359 participants with an average of 45 per bootcamp. Finally, there were 137 follow-ups planned by participating corporates with an average of 3.3 per corporate and 73% can leverage the contacts they made during the SUB in the future.
ScaleUp Cruise Zurich
180 people came together to cruise beautiful Lake Zurich: 70 scale-ups, 30 investors and 50 startup CEOs. Together with Samuel Müller (Scandit), Lea von Bidder (AVA), Alain Chuard (Wildfire), Dominique Mégret (Swisscom Ventures) and Gina Domanig (Emerald Technology Ventures), the scaleup playbook and the focus on recruitment and fundraising took centre stage at the event.
Swisstech: CES Las Vegas virtual
The Consumer Electronics Show (CES) 2021 took place virtually for the first time in 50 years. Switzerland presented itself under the umbrella of Swisstech with 23 startups. To ensure an intensive digital experience, S-GE and Swisstech partners Presence Switzerland, Innosuisse, swissnex, digitalswitzerland and the Swiss Business Hub USA have organised a virtual stage.
Hannover Messe goes virtual
With Hannover Messe 2021, the world’s most important industrial trade fair took place from 12 to 16 April in a purely digital format, and Switzerland was once again represented with a national pavilion. From unmanned helicopters and the use of the latest models of artificial intelligence to tube machine producers, the Swiss online exhibit had a lot to offer.
The Federal Government has outlined its Directional Decision for the E-ID 3.0 by calling for a Swiss e-ID ecosystem, based on state-operated infrastructure. The new Expert Studio format was launched to bundle the existing knowledge on the e-ID ecosystem.
GITEX Parliamentary trip
Exploring the Middle East’s vibrant innovation ecosystem and meeting digital pioneers from around the world: The 9th Parliamentary Seminar took place on 16-17 October 2021 on the occasion of Dubai World Expo and GITEX Technology Week in Dubai. Besides visiting both exhibitions, the participants could expect interesting presentations, discussions and meetings.
digitalswitzerland advocates for clear understanding and favourable framework conditions enabling the successful digitalisation of Switzerland. Political positions taken by digitalswitzerland reflect exclusively the opinion of the digitalswitzerland association and its members, and not the position of the foundation’s partners.
The following two position papers were published in 2021:
15 March 2021 – Letter regarding the political business “Provisional judicial opening, adaptation to changed business practice (digitalisation)” [19.3448, Dobler]. Read the statement: German version, French version
Our Public Affairs Committee consists of 27 members and had six meetings in 2021. The Public Affairs Committee is responsible for the discussion and evaluation of political business in digital policy. Where necessary and appropriate, digitalswitzerland’s concerns are communicated to politicians and the public in the form of statements, position papers or at events.
ePower session event: 28 September 2021
In the national parliament, we have two parliamentary groups that deal with topics of digital politics: the parliamentary group ePower – ICT for Switzerland and the parliamentary group digital sustainability Parldigi. Together, we regularly organise session events on current digital policy issues.
digitalswitzerland Session Event Monday, 14 June 2021 | Can Switzerland go digital? Lessons from the crisis. Read the review: German version, French version
What’s to come: 2022 and beyond
Public Dialogue | Digital Days
The countdown to the Swiss Digital Days 2022 is really on. This year’s event marks a return to physical experiences for the first time in two years. Taking place on 5 September – 23 October 2022, a pop-up installation will accompany local activities in seven regions of Switzerland.
eHealth under the microscope
eHealth will remain a strong focus for digitalswitzerland. Switzerland’s healthcare system is the second most expensive healthcare system in the world. Only through a common national vision to digitalise the healthcare system successfully can we move forward and reduce healthcare costs. Currently in the ideation phase, the team is conducting interviews with members and experts from the Swiss healthcare system. When it comes to events, an exciting panel discussion will also take place at the WEF Breakfast, hosted in the ETH Pavilion with all key healthcare players in May.
When we look to the future, we will further expand the reach of digitalswitzerland in the regions. Central Switzerland will continue work on a roadmap to establish activities. A close consultation process will be pursued with Cantons and existing initiatives. The possibility of joint activities with the startup initiative *zünder (Central Switzerland Founders) is under evaluation. In Ticino, the spotlight remains on member acquisition and relationship building to create even more impact.
The last months have been a hive of activity for our member relations team. digitalswitzerland acquired 16 new members who now join our 200+ strong network. The newly refined strategy will continue to place a strong focus on attracting SMEs and regional organisations. Continuing to push our boundaries and reach, in the next quarter, we will focus on the players in the pharmaceutical industry.
A future of opportunity
Our digital future is dependent on how we adopt or reject new thinking and technologies. We will embrace the remainder of 2022 with enthusiasm to bring our new strategy to life, and invite the Swiss population to join us. A warm thanks to our members and their support of our mission. This allows us to refine and sharpen our 25 Swiss-wide initiatives to deliver even more impact.
The transition to an ecosystem of digital credentials, initiated by the federal government’s directional decision, is a generational project that requires input from – and collaboration between – government, the private sector, academia, and civil society. This document is intended to serve as an initial contribution to the ongoing meta-level debate about the development of the e-ID ecosystem in Switzerland. As this field continues to evolve, the document can be understood as an early expert perspective that reflects the views from private sector organisations and academic institutions and will be further refined in future versions.
The document does not constitute a political statement on behalf of digitalswitzerland, nor should it be understood as such. Likewise, the experts’ contributions do not imply any political statement on behalf of their respective organisations. The discussion input is intended for all stakeholders in Switzerland, whether from politics, business, academia or administration, who are interested in the ongoing development of the e-ID ecosystem.
About the Authors
This document was jointly written by ten digital identity experts from the private sector and academia. It was produced between January and April 2022 by a working group, called the ‘Expert Studio’, which was initialised and moderated by digitalswitzerland. All digitalswitzerland members were invited to participate.
The following experts made this discussion input possible through the generous commitment of their time:
Vitus Ammann, Senior Advisor Digital Transformation, SBB CFF FFS
Graeme Entwistle, Emerging Tech Innovator, UBS
Christoph Graf, Programme Manager, SWITCH
Raffael Knecht, Senior Manager/Lawyer, Swisscom
Marius Matter, Member of the Executive Board, ti&m
Frank Michaud, Principal Engineer, Cisco
Stéphane Mingot, Head of Adnovum Incubator, Adnovum
Prof. Dr. Tim Weingärtner, Professor of Blockchain & Smart Contracts, Lucerne University of Applied Sciences and Arts (HSLU)
Prof. Dr. Reinhard Riedl, Professor of E-Government, Berne University of Applied Sciences (BFH)
Andreas Schneider, Chief IT Architect, Allianz Suisse
Jan Friedli, Senior Innovation Manager, digitalswitzerland
digitalswitzerland is a nationwide, cross-sector initiative that aims to strengthen Switzerland’s position as a leading digital nation. Under the umbrella of digitalswitzerland more than 230 organisations, consisting of association members and politically neutral foundation partners, are working together to achieve this goal. digitalswitzerland is the point of contact for all questions relating to digitalisation and is committed to solving a wide range of challenges. Learn more about digitalswitzerland here.
Special thanks go to the Digital Identity and Data Sovereignty Association (DIDAS) for their invaluable contribution to this discussion paper and for generously providing many of the images in this document. We are particularly grateful to Vasily Suvorov, President of DIDAS, for his excellent input.
In December 2021, the Federal Council took a directional decision that envisions an e-ID ecosystem based on a state-operated infrastructure and in line with the principles of self-sovereign identity (SSI) and the focus on data protection, privacy by design, data minimisation, and decentralised storage. In this context, the e-ID is the main verifiable credential (VC) – to which other VCs can be linked – but nonetheless one VC among many within a digital wallet. There are several national and international efforts relevant for this e-ID ecosystem. See Chapter 1 for details.
The Vision of a Swiss Ecosystem of Digital Credentials
The proposed ecosystem would transpose the current reality of traditional (paper or plastic) credentials to the digital world. Traditional human trust (e.g. trust in reliable issuers of defined credentials in different areas of everyday life) would be complemented by technical trust based on international standards and cryptographic technologies. As far as human trust is concerned, it would be sensible to rely on the same institutions that we trust today in the analogue world. However, to establish technical trust, a national, publicly licensed network with a government-designated supervisory authority would be expedient. The nodes of the network should be distributed across several Swiss organisations, including the government, non-governmental organisations (NGOs), universities, and the private sector. See Chapter 2 for details.
Concrete User Value
Only a level 3 ecosystem, where there are many issuers and verifiers, can offer enough benefits to justify the investment and risks. In other words, opting for ‘small and simple solutions’ carries a much higher risk of failure. A level 3 e-ID ecosystem that follows SSI principles would put the identity holder at the centre and empower them to own their digital identity. For the government and the state, the issuance of various VCs in combination with the e-ID could provide an alternative to the current reliance on in-person authentication and significantly boost digital services in the e-government sector. Finally, the e-ID would offer the basis for innovative services to be built by sectoral ecosystems. See Chapter 3 for details.
We recommend implementing the e-ID ecosystem according to SSI principles with the appropriate technology. It would thus consist of three roles (holders, verifiers, issuers) that communicate with each other and verify data using a decentralised registry. Establishing trust in the technologies and standards, as well as in the participants of such an ecosystem will be critical. This can be guaranteed through open standards, robust reference implementations, and a certification process that is instituted by the federal government. In addition, interoperability must be ensured at the three levels of ambition, between ecosystems in the sector, and in an international perspective, through the use of common standards by all stakeholders. To gain confidence and insights, it would be useful to set up a sandbox with representative use cases to validate the standards and establish a reference implementation. With this approach, we can lay the foundation for productive use of the technology and governance framework. See Chapter 4 for details.
In the analogue world, we use the well-established Swiss ID card for various identification processes and leverage the existing human trust in the state governance of the processes around the ID card. According to Level 3, an e-ID ecosystem should transfer this existing trust to the digital world by having – wherever possible – the same entities that already ensure human trust in the ID card ecosystem take on the same role in the ecosystem of digital credentials (EDC). This could be accomplished by mirroring the e-ID process to that of the ID card and giving existing trust operators (e.g. the commercial register) a corresponding role in the EDC (e.g. issuing VCs with information from the commercial register). Many sectoral use cases will rely on such existing trust services. See Chapter 5 for details.
Creating a reliable digital trust ecosystem, where secure identities form the basis for legal proof, fills an important gap, as the lack of trust-building elements in digital transactions is the biggest barrier to digitisation today. Addressing this shortcoming will create a solid breeding ground for the digital economy and for high-quality e-government. From a legal perspective, it would be useful to create a legal framework that is in line with international e-ID solutions, especially those of the EU. See Chapter 6 for details.
An e-ID ecosystem in line with SSI principles implies that the responsibility for managing the digital wallet and its VCs is transferred to the user. This brings significant advantages (e.g. data ownership), but also requires considerable secondary efforts (e.g. awareness campaigns). The digital wallet as the central interface to the e-ID and VCs is particularly important and should be as intuitive as possible. The issuing and revoking of VCs must thus be simple, fast, and straightforward. In addition, societal diversity needs to be considered when discussing and implementing the e-ID, the associated VCs, and the digital wallet. In the spirit of digital inclusion, all citizens must be actively supported in understanding and using the new technologies (e.g. through training). See Chapter 7 for details.
The opportunity cost of the unresolved trust problem as an obstacle to digital transformation is very high. In building an EDC, however, we face a kind of chicken-and-egg problem involving three actors (holders, verifiers, issuers). In this context, a Level 3 e-ID ecosystem has the greatest chance to succeed. To enable adoption, the cost of issuing the e-ID should be equal to or less than the cost of issuing the physical ID card it digitally represents. Further, the identification process via e-ID should be free of charge for both consumers and organisations. In general, building an ecosystem can neither be fully planned in advance nor can it be fully implemented ad hoc. See Chapter 8 for details.
The starting point for the building of the e-ID ecosystem will be the issuance of the e-ID itself, together with e-ID enabled digital signatures. The Swiss government has the political mandate for this implementation. This will kick off two parallel work streams. One will focus on developing demonstrators that show potential use cases in a sandbox setting, the other on designing and building infrastructure and governance. For example, e-government services could start accepting government-issued VCs in combination with the e-ID. The ecosystem, in turn, could issue VCs in combination with the e-ID in cases where the short- to medium-term economic benefits are obvious and/or for instances where broad stakeholder commitment can be achieved through regulatory means or through existing offerings. See Chapter 9 for details.
Chapter 1: Starting Point
In September 2019, the Swiss parliament passed the Federal Act on Electronic Identification Services (e-ID Act) by a clear majority. Shortly thereafter, a referendum was successfully called against the e-ID Act. It was clearly rejected in March 2021. Following the rejection, the federal council instructed the Federal Department of Justice and Police (FDJP) to swiftly work out a solution in cooperation with the Federal Chancellery (FC) and the Federal Department of Finance (FDF). On this basis, the FDJP conducted a public consultation from September 2 to October 14, 2021. digitalswitzerland was invited to provide its perspective. The primary purpose of the public consultation was to determine the scope of future e-ID use (“levels of ambition”) and accordingly the scope of the ecosystem. Three levels of ambition were presented in the process. In a second step, three technological implementation options were presented as a basis for discussion in the public consultation: Self-sovereign identity, public key infrastructure, and central governmental identity provider. A detailed presentation of the ambition levels and the associated technological implementation options can be found in the “Discussion paper on the target vision for an e-ID”.
On behalf of its members, digitalswitzerland submitted a written statement on October 13th to advocate for ambition level 3 (ecosystem of digital credentials), at the same time emphasising the importance of data protection and sovereignty, well-aligned governance principles, and international connectivity. The full written statement can be found here.
1.2. Directional Decision
60 written comments were received from 21 organisations, 16 cantons, 16 companies, 4 political parties, and 3 higher education institutions. According to the aggregated analysis by the FDJP in November 2021, ambition level 3 is named as the final target by almost all participants who explicitly commented on the ambition level. A majority of the participants also see the Self-sovereign identity (SSI) technology approach as the best possible option to implement the required value propositions and functions. On this basis, the federal council communicated the principles for the design of a future state e-ID in a press release on December 17, 2021. They are:
The users of the e-ID should have the greatest possible control over their data (self-sovereign identity). Data protection should be ensured, among other things, by the system itself (privacy by design), but also by minimising the necessary data flows (principle of data minimisation) and decentralised data storage. The e-ID should be based on a state-operated infrastructure. It could be available to government and private entities for issuing various digital credentials (e-ID ecosystem).
With this guidance, the federal council is meeting the demands of various parliamentary initiatives. The directional decision points out that the e-ID, based on a state-operated infrastructure, is the most important verifiable credential (VC), but still one VC among many within the e-ID ecosystem (see Chapter 2). The consultation procedure for the new law (germ. Vernehmlassung) will begin in mid-2022; the federal council will then prepare and adopt a dispatch by autumn 2023 (germ. Verabschiedung der Botschaft). In order to account for the rapidly-evolving nature of technology, the law will be formulated in a technology-neutral way. As part of the preparation of the dispatch, the FDJP and the federal council are still examining various points such as the issuing procedure and the scope of operation of the e-ID infrastructure by the state.
In the federal council’s directional decision, two central points were further specified: First, the e-ID ecosystem should be built in stages (germ. ‘schrittweise’). Second, the federal government outlined its intention to launch three pilot projects.
Three Federal Government Pilot Projects
Pilot Project ‘Digital Driver’s Licence’, led by the Federal Roads Office (FEDRO) and the Association of Swiss Road Traffic Offices (asa) with a focus on connecting specialist applications, credential content and testing.
Pilot Project ‘Proof of Concept ePerso’ (germ. ‘Bundespersonalausweis’), led by the Federal Personnel Office with a focus on security aspects and logins.
Pilot Project ‘Base Infrastructure’ (germ. ‘Basis-Infrastruktur’), led by the Federal Office of Information Technology, Systems and Telecommunication (FOITT) with a focus on the shared infrastructure and aspects revolving around wallet, registry and communication.
In parallel, the federal government’s e-ID project team has established a ‘Governance sounding board’ as well as an ‘Open source community’ for external stakeholder participation. Both take the form of community-facilitated GitHub forums open to the public.
1.3. Efforts in Switzerland
The Swiss market for an ecosystem of digital credentials is gradually maturing with several promising initiatives and use cases. Such efforts provide a unique opportunity to learn in a real-world working context that is driven by the private sector and has the potential to inspire other projects. While there exists a multitude of such use cases and initiatives, we highlight here three of the most mature efforts in the Swiss market.
Strategic partnership between Orell Füssli and Swisscom
On January 4, 2022, Orell Füssli and Swisscom announced a strategic partnership to offer trusted, forgery-proof, and smart digital certificates to citizens, businesses, and public authorities. These will be retrievable in real-time via smartphone, according to the press release. These digital certificates can be verifiably integrated into business processes to enable new and more efficient user interactions. These include age verification when purchasing age-restricted products or at entry checks, digitally verifiable applications, and the combination with legally valid digital signatures as a digital expression of will. The solutions developed, which are to be made available within the next 12 months, are based on the principles of privacy by design, data economy, and decentralised data storage.
SSI-initiative, a joint project of the canton of Aargau, Adnovum, cardossier and SwissSign
On January 12, 2022, an initiative was announced that aims at building an exemplary self-sovereign identity (SSI) ecosystem. The intent is to lay the groundwork for exploring aspects of technology, user experience, added value, and compliance. To highlight the issuance and use of digital credentials in the form of SSI verifiable credentials (VC), the exemplary SSI ecosystem consists of three use cases. First, the issuance of a basic identity on the grounds of a SwissID. Second, building on this, a certificate of residence (germ. ‘Wohnsitzbescheinigung’) is issued on the eGov portal of the canton of Aargau. Third, the registration of a vehicle on the cardossier platform, which stores all relevant information about a vehicle’s history, with the policyholder’s identity and certificate of residence serving as verifiable credentials. The initiative has already led to numerous insights and is open to interested players looking to enrich the ecosystem with use cases.
A decentral identity for eGov services offered by Zug, ti&m, HSLU, and uPORT
In the summer of 2017, the City of Zug launched a pilot programme to register resident IDs on the public Ethereum blockchain. This was one of the world’s first live implementations of a government-issued self-sovereign identity project on the Ethereum blockchain. The Institute for Financial Services Zug of the Lucerne University of Applied Sciences and Arts, the companies Consensys-uPort and ti&m, as well as the IT department of the city of Zug were involved in the development and implementation. The pilot programme has enabled Zug citizens to manage their personal identity data, which is stored neither centrally nor on the Internet but encrypted on their own cell phones. Without the user’s consent, the data on the cell phone remains locked. In 2018, Zug citizens were able to participate in the first blockchain-based ballot. Since 2020, the IT department of the city of Zug has been developing the eZug app to enable residents to use municipal government services via a digital channel, such as the issuance of a certificate of origin (germ. ‘Heimatausweis’).
The three aforementioned projects represent the first concrete steps towards building an ecosystem of digital credentials. While this is only a small sample of the overall activities in this area, these initiatives and use cases clarify several aspects:
These use cases follow an ecosystem approach with public and private sector organisations that need to work together to deliver value to the user.
The broad range of applications speaks to the versatility of the SSI framework and the importance of the sectoral ecosystem (see Chapter 2).
The value proposition delivered by the SSI framework can be interpreted differently depending on the respective end-user (e.g. increasing privacy or reducing the administrative burden).
There is a wide variation in technical design (e.g. blockchain or no blockchain).
In general, it should be noted that many of the SSI initiatives in Switzerland are still in an experimental phase and consequently have only a limited number of active users. In order to scale up such initiatives to nationwide solutions, it is imperative to avoid fragmentation of the SSI landscape and to find common ground.
Several organisations are taking a leading role alongside digitalswitzerland in the search for such common ground. These include the Digital Identity and Data Sovereignty Association (DIDAS), a non-profit organisation based in the Canton of Zug. The primary goal of DIDAS is to establish and promote Switzerland as a leading ecosystem in the development and introduction of technologies, services and products for the protection of privacy that preserve and use digital identity and electronically verifiable data. In addition, many IT service providers have demonstrated their expertise and commitment to the expansion of the Swiss ecosystem. Among them are Adnovum, Cisco, Swisscom, Switch, ti&m, and others.
1.4. International Development
The need for trust in digital interactions does not stop at national borders. Many other international developments are impacting the Swiss landscape for an ecosystem of digital credentials. In addition to the international legal context (see Chapter 6), several notable international developments exist:
The World Wide Web Consortium
The current regulatory uncertainty has resulted in the formation of several industry-led consortia that are working together to establish standards and/or guidelines to support the development of SSI initiatives at an international level. Among the most influential of these efforts is the World Wide Web Consortium (W3C). The W3C is an international community with over 450 members working together to develop Web standards. Through its verifiable credentials working group, it has produced a number of foundational documents, including the widely accepted Verifiable Credentials Data Model V1.1.
The Hyperledger Foundation
In parallel, the Hyperledger Foundation, which is part of the larger Linux Foundation, hosts a number of enterprise-grade blockchain software projects, conceived and built by the developer community. Here two collaborative projects are of particular note. Hyperledger Aries provides a shared, reusable and interoperable toolkit for initiatives and solutions focused on creating, transmitting, and storing VCs, while Hyperledger Indy provides tools, libraries, and reusable components for digital identities rooted in blockchains that are highly interoperable.
The Trust Over IP Foundation
Another international effort impacting the SSI landscape is the Trust over IP (ToIP) Foundation, which was launched in May 2020 and already counts over 300 member organisations at the time of writing. Its stated goal is to create and converge an interoperable architecture for decentralised digital trust at the intersection of digital identity, verifiable credentials, and blockchain technology. To achieve this, ToIP has launched several collaborative working groups. To date, they have produced various foundational documents, design principles, and specifications for the digital trust landscape that are widely supported by the expert community.
Building on these collaborative standards, the IDunion, an ecosystem of public and private parties, has begun developing and operating a basic infrastructure to enable the issuance and verification of digital credentials. The vision is to build and operate a decentralised network to link and secure the identities of individuals, legal entities, and things, in compliance with the relevant legal requirements in Europe (e.g. the General Data Protection Regulation (GDPR) or the Regulation on electronic identification and trust services (eIDAS Regulation)). The IDunion concept for decentralised and self-sovereign identities complies with the global standards of the W3C and the ToIP Foundation.
ISO Technical Committees
Several specific working groups of the International Organization for Standardization (ISO) are also noteworthy, including the technical committees ‘Security, privacy and identity for Blockchain and distributed ledger technologies (DLT)’ (TC307/JWG4), ‘Overview of existing DLT systems for identity management’ (TR23249), and ‘Overview of trust anchors for DLT-based identity management’ (TR23644).
All these international consortia, ecosystems, and standards have practical consequences for Switzerland. If we wish to preserve the option of international interoperability and connectivity to emerging ecosystems (e.g. IDunion), we should be mindful of these standards and consider joining these efforts.
Private Sector Initiatives
At an international level, there are other important developments that revolve around the initiatives launched by technology and electronics companies. Rather than physical wallets, SSI initiatives focus on digital wallets on mobile phones. Corresponding initiatives have been launched by several companies. This is particularly evident in countries with more tech-friendly legal frameworks, such as the US.
Apple, for instance, has announced that some of its users can now add driver’s licences and ID cards to their Apple wallets. The U.S. states of Arizona, Connecticut, Georgia, Iowa, Kentucky, Maryland, Oklahoma, and Utah are among the first to participate in pilots. In addition, selected U.S. airports will be the first to allow users to get through security using the digital ID stored in their wallet app. Google is also widely believed to be pushing its own initiatives to link driver’s licences and passports to Google Pay, but no official statements have yet been released at the time of writing. The tech-friendly regulatory framework and their financial muscle give these companies the ability to quickly develop and launch services. In some cases, they may move faster than legislative developments.
Meanwhile, Microsoft maintains that if the EDC is to grow, the standards, technical components, and code must be open-source and accessible to all. Microsoft, therefore, focuses on working with members of the Decentralized Identity Foundation (DIF), the W3C Credentials Community Group, and the wider identity community.
In Germany, Samsung has partnered with the Federal Ministry of the Interior, of Construction and Home Affairs, the Federal Office for Information Security, Bundesdruckerei, Deutsche Telekom Security, and Governikus as part of the OPTIMOS 2.0 project. It makes it possible to securely store the identification data stored in the chips of identity documents, such as the ID card, on compatible smartphones. While the first compatible mobile phone is from Samsung, the underlying open ecosystem is connectable for different identity service providers.
There are, quite obviously, still more initiatives at an international level, but a complete overview is beyond the scope of this discussion input. The important point here is that the initiatives of technology and electronics companies must be taken into account, as they have a considerable influence on the development of the SSI landscape in Switzerland.
Chapter 2: Vision of a Swiss Ecosystem of Digital Credentials
The diagram shows the key players in the ecosystem of digital credentials. By way of example, an issuer (e.g. a university) might issue a credential (e.g. a degree) to a holder (e.g. the successful graduate), who can then present this credential to a verifier (e.g. a prospective employer). The latter then verifies that the degree comes from a properly accredited university via the trust registry, which is a list of accredited issuers of credentials. Only the holder is in possession of the degree certificate and can present it to any number of potential employers without the university’s knowledge or involvement in the process, as is the case with today’s physical credentials. The authenticity and validity of the presented credentials can be verified via the cryptographic fingerprint of the credentials stored (without any reference to the content of the VC) in the verifiable data registry. Many types of credentials can be issued and submitted this way. In the following subsections, we elaborate on and discuss these various components.
2.2 Verifiable Credential
A credential is an assertion or proof of something about someone. In our example above, the degree certificate is proof that a certain level of education has been achieved at a particular university. Credentials are issued by an issuing authority (see 2.4) which may be a public or private body. The issuer is, in turn, certified as such by either an appropriate government agency or a sector-specific authority. This certification confirms that the issuer has the right to issue certain credentials, so that trust is firmly rooted.
A verifiable credential (VC) is a digital representation of what may currently be a paper-based credential (ID card, driver’s licence, health pass, diploma, membership card, etc.). It can be verified by cryptographic means as having been issued by a specific issuer without the issuer being involved. The e-ID is a VC issued by the government. It is one of many VCs, but arguably the most important. When issued, a VC may be tied to the e-ID, which is called the subject of the VC.
It is possible for a credential to expire at a predetermined time, to be deleted by the holder, or to be revoked by the issuer. For example, our student’s degree might be revoked by the university if he or she is found guilty of plagiarism. Determining whether or not an otherwise valid credential has been revoked will be part of the verification procedure conducted by the verifier.
The e-ID ecosystem, made up of many VCs, is fundamentally inclusive and open. There will be points of connection between existing solutions and the new e-ID ecosystem. It is important to draw a clear distinction between current private ID solutions (e.g. SwissID) and the e-ID (i.e. the digital representation of the ID card). Pre-existing private IDs can be issued and used as VCs in the new ecosystem. However, none of them could become the e-ID. The issuance and control of the e-ID as a VC lies solely with the government.
2.3. Holder with Wallet
The holders are the sole owners of all credentials issued to them. Just as they used to keep paper or card-based credentials in physical wallets or files, they now store their digital credentials in a wallet.
The wallet is an application that runs on a computing device, such as a cell phone (for technical details, see Chapter 4). It performs transactions solely on the holders’ behalf, provided that they have given consent.
In case a verifier requests proof of a specific credential claim and the holder gives consent, the digital wallet sends this proof with the required information only. This gives the holder full control over whom they share the credential proof with. Issuers never know when or where any of the credentials they have issued are being presented. For example, in a transaction that requires proof of age, such as the purchase of a bottle of wine, the user might decide to only provide proof that they are “over 18”, while refraining from sharing other information, such as their exact age.
Wallets that ‘store’ all the VCs may be offered to holders by the government or by private organisations as stand-alone applications or as part of a broader service package. We suggest that the government set standards and rules for security, privacy and data protection so that holders can have trust in their agents. Usability issues are addressed in Chapter 9.
The issuer creates verifiable credentials at the request of an individual, confirming certain attributes of that person. These credentials are forwarded to the person, henceforth called the holder, who then has full control over them. The issuer has no way of tracking the use of these credentials. The issuer can be a public or private person or organisation certified to issue credentials for a specified type of attribute. An example would be a university certified to issue bachelor’s degrees, master’s degrees, PhDs, CAS, DAS, and EMBA degrees. This creates a chain of trust that should be rooted in government and involves the issuers of analogous degrees, namely universities. In the above example, universities of all types are the natural institutions to issue digital credentials for academic degrees.
Anyone and anything can act as a verifier of credentials if – and only if – the holder is willing to submit them. An example of a verifier might be a prospective employer requesting proof of academic qualifications. The verifier communicates with the holder via the wallet, first to obtain permission to establish a secure connection, and then to ask for the required credentials or specific claims contained in a credential. The credential contains all the necessary information to allow the verifier to ascertain the accuracy and validity of the credential. As mentioned above, there is no communication between the verifier and the issuer at any time.
2.6. Registry / Trust Infrastructure
Trust is a central issue when it comes to representing and verifying identities. In the trust triangle (issuer-holder-verifier) the verifier can check the authenticity and validity of a verifiable credential presented to him. The verifier is able to trust the issuing party (the issuer), as evidenced by the trust registry. This trust infrastructure is based on secure, resilient, and privacy-preserving decentralised registries which use cryptographic technologies. Trust is ensured without the need for direct communication between verifier and issuer.
2.6.1 Verifiable Data Registry
It is very important that the verifiable data registry does not store identity data, but only cryptographic information (DID, public keys, revocation information, no credential content) and therefore supports principles of privacy by design. This cryptographic information is provided by the issuers. The registry must support not only credential issuance and verification, but also revocation. A distributed implementation guarantees high availability and resilience to attacks on or failures of single nodes.
2.6.2 Trust Registry
The trust registry stores information about the participating parties (mainly issuers) so that anyone can verify that an issuer is authorised to issue and revoke credentials of a particular type. It reflects human trust at the appropriate level in the system.
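The verifier-side checks described in 2.2 to 2.6.2 can be followed in code. This is an added example, not taken from the paper or from any e-ID project: the function names, the in-memory registries and the DID `did:example:uni` are hypothetical, a Lamport one-time signature stands in for the issuer's real signature scheme so that only the Python standard library is needed, and salted claim hashes stand in for the selective-disclosure mechanism.

```python
import hashlib, json, secrets

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

# Lamport one-time signature: stdlib-only stand-in for the issuer's scheme.
# A key pair signs exactly one credential; real deployments use other schemes.
def keygen():
    sk = [[secrets.token_bytes(32), secrets.token_bytes(32)] for _ in range(256)]
    return sk, [[H(a), H(b)] for a, b in sk]

def _bits(msg: bytes):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, msg: bytes):
    return [sk[i][b] for i, b in enumerate(_bits(msg))]

def sig_ok(pk, msg: bytes, sig) -> bool:
    bits = _bits(msg)
    return len(sig) == 256 and all(H(s) == pk[i][bits[i]] for i, s in enumerate(sig))

def claim_digest(name, value, salt) -> str:
    # The salt prevents guessing an undisclosed claim from its digest.
    return H(json.dumps([salt, name, value]).encode()).hex()

def signed_payload(vc) -> bytes:
    core = {k: vc[k] for k in ("issuer", "type", "expires", "digests")}
    return json.dumps(core, sort_keys=True).encode()

def fingerprint(vc) -> str:
    # What the verifiable data registry may hold: no credential content.
    return H(signed_payload(vc)).hex()

def issue(issuer_did, sk, vc_type, claims, expires):
    """Issuer: sign digests of the claims; the result lives only in the wallet."""
    salts = {n: secrets.token_hex(16) for n in claims}
    vc = {"issuer": issuer_did, "type": vc_type, "expires": expires,
          "digests": sorted(claim_digest(n, v, salts[n]) for n, v in claims.items())}
    vc["signature"] = sign(sk, signed_payload(vc))
    return {"vc": vc, "claims": claims, "salts": salts}

def present(wallet_entry, disclose):
    """Holder: reveal only the chosen claims (data minimisation)."""
    return {"vc": wallet_entry["vc"],
            "disclosed": {n: (wallet_entry["claims"][n], wallet_entry["salts"][n])
                          for n in disclose}}

def verify(presentation, trust_registry, data_registry, today):
    """Verifier: consult both registries, never the issuer.
    Holder binding and transport security are out of scope here."""
    vc = presentation["vc"]
    if vc["type"] not in trust_registry.get(vc["issuer"], set()):
        return False, "issuer not accredited for this credential type"
    pk = data_registry["keys"].get(vc["issuer"])
    if pk is None or not sig_ok(pk, signed_payload(vc), vc["signature"]):
        return False, "signature invalid"
    if fingerprint(vc) in data_registry["revoked"]:
        return False, "credential revoked"
    if vc["expires"] < today:  # ISO dates compare correctly as strings
        return False, "credential expired"
    for name, (value, salt) in presentation["disclosed"].items():
        if claim_digest(name, value, salt) not in vc["digests"]:
            return False, f"claim {name!r} not covered by issuer signature"
    return True, "ok"

def demo():
    # Constructed sample data.
    sk, pk = keygen()
    data_registry = {"keys": {"did:example:uni": pk}, "revoked": set()}
    trust_registry = {"did:example:uni": {"UniversityDegree"}}
    entry = issue("did:example:uni", sk, "UniversityDegree",
                  {"name": "A. Muster", "degree": "MSc", "over_18": True}, "2030-12-31")
    shown = present(entry, ["degree"])
    before = verify(shown, trust_registry, data_registry, "2025-01-01")
    data_registry["revoked"].add(fingerprint(entry["vc"]))  # issuer revokes
    after = verify(shown, trust_registry, data_registry, "2025-01-01")
    return before, after

if __name__ == "__main__":
    print(demo())
```

The order of checks matters: accreditation and signature come first, so revocation and expiry are only evaluated on a credential whose signed fields are known to be untampered.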
2.6.3 Governance of Trust Infrastructure
Governance of this trust infrastructure, consisting of both registries, is critical. We suggest that the government, in collaboration with the private sector, academia, and civil society, develop a formal “requirement profile” (germ. “Anforderungsprofil”). In this, we see the value of a national, publicly accredited network where the supervisory authority is appointed by the government. This government supervision is an expression of the trust and values Switzerland stands for. In accordance with the principles of decentralisation, the network should be spread across several Swiss organisations (government, NGOs, universities, larger companies, etc.) to ensure a high degree of distribution. One option for implementation would be through distributed ledger technology (DLT) to take advantage of features such as immutability, transparency and distribution. The government should ensure adequate distribution and be guided by the principles of performance, security and efficiency. Nevertheless, a permissioned character with government supervision should be guaranteed. This means that only approved stakeholders listed in the trust registry can write to the verifiable data registry. Furthermore, even though the network is Swiss, international interoperability must be guaranteed at all times. This is achieved by basing it on international standards, such as the SSI standards.
2.7. (Sub-)Ecosystems / Sectors within the e-ID-Ecosystem
We are used to keeping all kinds of credentials in our physical wallets and files, from ID and membership cards to health-related documents, licences, diplomas and much more. In an e-ID ecosystem, all of these credentials are typically managed within a specific sector, also known as a sector-EDC. In the conceptual model published by the Trust over IP (ToIP) Foundation, the term ‘ecosystem’ is normally used to refer to a specific sector (e.g. health ecosystem).
Clear rules for issuing and validating credentials in each sector have been established for the analogue world. All these rules only need to be adapted to the new possibility of issuing the credentials in a verifiable digital form. The same authorities that set the rules in their respective sectors must do so for the definition and issuance of verifiable credentials. They also need to ensure international interoperability within their sector.
One of these sectors is the area of e-government, where official credentials such as an e-ID and all kinds of licences are issued. Here, too, the relevant regulations and authorities are already well defined for physical credentials such as ID cards or a driver’s licence. They will need to be adapted for use within an ecosystem of digital credentials (aka e-ID ecosystem).
Another task of the federal government will be to define standards, rules and organisation of the basic infrastructure, such as the verifiable data registry and the technical standards for the various applications for issuing, holding and verifying digital credentials (see Chapter 4).
The federal government has already launched pilot projects in these areas, including the federal ID card and the base infrastructure (see Chapter 1).
In order to maximise the adoption, reach and efficiency of an e-ID ecosystem, all sectors must be able to use the same trust network for issuing and verifying their sector-specific credential types as early as possible. Most credentials will be used across multiple sectors as illustrated by the following examples:
Government agencies act as both issuers and verifiers of VCs: All official documents and certificates issued by municipal and cantonal authorities to private individuals can be issued in digital form. This means that driver’s licences, extracts from various registries (commercial registry, land registry, criminal records registry, debt enforcement registry, etc.) and certificates based on registries such as the civil status registry can be issued as digital credentials by the same agencies issuing corresponding analogue certificates today. The digital counterpart of the passport and the identity card is the e-ID, the electronic identity.
In addition to its role as an issuer, the government also acts as a verifier of documents in its interaction with citizens and businesses. They have the option, but not the obligation, to submit digital credentials that are issued either by government agencies or by other institutions. In the case of a tax declaration, all types of documents that citizens are required to submit could be issued as digital credentials by employers, banks, mobility service providers, insurance companies, etc. Digital credentials can be used to prove income as well as deductible expenses. The same is true for most mandatory government services, whether activities that are mandatory for citizens – such as the registration of a change of residence – or activities requested by citizens, such as changing entries in the land register.
In the health sector, the information contained in the analogue health insurance card can be covered by a health insurance credential issued by health insurance companies, which can also issue cost commitment statements. These credentials are then verified by health service providers to clarify in a trusted way who will cover the costs incurred.
In addition, all types of documents certifying health information, such as vaccination or recovery certificates, can be issued as verifiable credentials. In this regard, government-approved health care providers issue the certificates to individuals, and stakeholders wishing to ascertain a person’s health status act as verifiers. These certificates may be used in immigration portals, registration portals (e.g. for hospital admission), or in booking portals (e.g. when a Covid-certificate is required to attend a theatre performance) to reduce the burden of control for both parties. Since it is a chain of trust that needs to be verified, rather than individual credentials, it is easy to revoke credentials if an issuer creates fake certificates, e.g. for vaccinations. This is especially important when the issuer is unwilling to revoke forged health certificates. In such a case, the authority of the issuer to issue certain certificates is revoked.
There is a wide range of applications in education. Membership cards (e.g. student ID cards or the Edulog ID card in schools, library cards, etc.), certificates of attendance, and all kinds of diplomas can be issued as verifiable credentials. The issuers, in this case, are schools, universities and other educational institutions. These organisations may also act as verifiers – e.g. for enrolment in a school or university, or to ensure access to library services – but in addition, many other organisations may also act as verifiers. Employers may review diploma transcripts submitted as part of a digital resume. Service providers that offer discounted fees to students can verify student ID credentials. School publishers can guarantee access to textbooks and interactive materials based on an Edulog credential, etc. In all these cases, the holders of the VCs cannot be traced by anyone through the system.
Chapter 3: Concrete User Value
3.1 Status Quo
Physical credentials are ubiquitous in our lives, but they are neither efficient nor trustworthy. Let’s take the example of a university diploma as a VC to illustrate the current challenges. When a former student sends their diploma to a prospective employer, there are at least four instances of uncertainty for the latter:
Is the person who shows me this credential really the person it belongs to?
Was the credential really issued by a trusted entity?
Has the credential really not been changed before the verifier sees it?
Is the credential really still valid or has it been withdrawn?
In today’s digital economy, this lack of trust is often put up with as there simply seems to be no other option or because reducing these uncertainties would be time-consuming and expensive. In the proposed e-ID ecosystem, the issuer (accredited university), the holder (student), and the verifier (employer) would collaborate in a harmonised manner to exchange VCs. These VCs would be re-usable, instantly verifiable, secure, tamper-proof, and fully controlled by the user (i.e. student or holder).
When it comes to the actual e-ID or digital verification of ‘you are who you are’, we have to rely on intermediaries. The simplest example of this is arguably the credit card. By means of a bank account, a person can obtain a credit card that can be reused to some extent in the digital world to prove their identity and establish enough trust to open a customer account or purchase goods. Interestingly, a significant portion of the Internet and its transactions are based on the trust that banks are reliable and issue credit cards to people who exist physically. There are, of course, many other intermediaries and corresponding private sector solutions. These are beyond the scope of this discussion input.
The current status quo raises the question: What are the benefits that an ecosystem of digital credentials can offer to the general public, i.e. users and citizens, to the state and its various organs, as well as to the economy and its stakeholders? In the following, we address the potential benefits for each stakeholder group before outlining the shared benefits in the context of the ecosystem.
3.2. The Identity Holder (aka User or Citizen)
An e-ID ecosystem that follows SSI principles puts the identity holder at the centre and empowers them to fully own their digital identity without relying on third parties. From the perspective of the citizen and the digital consumer, this is also the biggest benefit and change from the current situation. A digital identity is no longer based on a proprietary third party, e.g. a company, and associated credentials, but can be fully owned and managed by the holder. Take the example of social media. Today, an identity on social media is owned by the social media company, and a user gains access to it based on temporary credentials and in accordance with the company’s terms and conditions. The users may not be aware of it, but the credentials they need to log in, the identity they use to move around social media, and all of their interactions belong to the social media company – if the latter decides, for whatever reason, to delete the user, the digital identity ceases to exist, regardless of the person behind the social media account (e.g. Twitter suspending Donald Trump’s account).
In addition to giving the citizens power and autonomy over their digital identities, there is another important consequence – the creation of true digital identities. Instead of using identities created by third parties, we can provide identity verification during the onboarding process. This allows us to immediately identify a specific person in the digital world, without having to make educated guesses about the ‘real person’ behind some digital interaction or statement. In doing so, we also achieve a new level of trust in the digital space and information and interactions taking place there, knowing what can be attributed to a real person and what may be fake or based solely on unverifiable claims.
There are three types of potential benefits to this:
We can assume that the various onboarding processes in digital ecosystems, as well as the digital interactions taking place there, will incur lower processing costs and be more convenient and faster. Instead of filling out forms, waiting for an SMS or the required PIN number to arrive by post, we can prove who we are, and already complete the onboarding or agree to a contract based on this verification.
With trusted credential verification in the digital world, the value of the digital ecosystems immediately increases for all participants, as trust in the information, interactions, and services provided is significantly higher.
There will likely be a significant number of new and innovative use cases and experiences that were not seen or possible before.
3.3. Government and State
For the state and its institutions, an ecosystem of digital credentials is the answer to some of the challenges that come with the current wave of digitalization. Citizens expect to have the same user experience as they do in their private digital world. However, government and other public services inherently require a higher level of trust and thus rely heavily on existing authentication and authorization processes in the real world. This dependency hinders the digitalization and digital transformation of public services and leads to the well-known cumbersome physical interactions with government agencies. It also makes these processes less efficient in parts, i.e. more time-consuming and costly.
Breaking this dependency by creating verifiable credentials will significantly boost digital services in the public sector and in e-government, reduce transaction costs, and increase the reliability of transactions by reducing error-prone manual interactions. The cantons of Zug and Aargau are already participating in pilot projects in this regard (see Chapter 1).
An innovative ecosystem of new digital services will not emerge here immediately. But the complete digitalisation and real-time availability of existing public services for citizens, public space users, and businesses will already have a significant impact and strengthen Switzerland’s position in the global economy. In addition to efficiency and economic benefits, an ecosystem of digital credentials would also favour the grassroots democracy and militia-oriented political system. Digital political election and voting processes based on an EDC could create significantly different dynamics at all levels of state, government, and society. There is the potential for such an ecosystem to embrace the digital space for political participation, discussions, opinion-forming, polling, and decision making, and to give Switzerland a further push towards a digital future.
3.4. Economy and Business Sector Ecosystems
In addition to natural persons (aka citizens, consumers, or users) and the government sector, there are numerous participants and companies of various sectoral business ecosystems that could benefit from an EDC. Not all business sectors will profit equally. As discussed in Chapter 9, use cases would start in sectors where the short- to mid-term economic benefits are obvious, resulting in a small but dedicated sectoral ecosystem of issuers, holders, and verifiers, or in instances where a broad stakeholder commitment can be achieved through regulatory means or existing offerings (even if the benefits are only mid- to long-term). Two examples are given below:
The education sector could benefit by issuing digital diplomas. There is an even greater benefit if a profession is tied to regular, scheduled training and certification processes. For instance, medical doctors must attend various continuing education courses and conferences and earn a certain number of credits to maintain their licence to practice. Other professions are similarly governed, either under specific regulatory requirements or in public or military services, where a certain level of clearance or ongoing training is mandated. This could be easily established with an EDC of holders, issuers, and verifiers.
The retail sector could benefit from transparent and verified supply chains for their products. The entire digital process of buying and selling certainly benefits from the e-ID of organisations, also called Legal Entity Identifier (LEI). In theory, this could be used to better understand the various participants in the retail supply chain.
3.5. Joint Advantages, Scaling and Multiplication in Ecosystems
As already stated, there are three overarching drivers that will create value for all stakeholders. Reduced transaction costs in identification, authentication and verification will increase efficiency and lower prices. Introducing real-world proofs in the digital space in the form of VCs will have an immediate positive impact on all digital environments and processes, as actual trust in the digital space is very limited. Lower costs and higher value will naturally increase transactions, usage, and thus the opportunity for further innovation significantly. The benefits for all stakeholders may be even greater if we look at potential combined use cases spanning all stakeholders. Indeed, these sectoral ecosystems, which are mutually reinforcing, enable a systemic shift toward a trust ecosystem.
Another dimension is the scope of the Swiss trust ecosystem. Technically, it is possible to give all entities – citizens, organisations, and even things – e-IDs and corresponding VCs. This would enable radically new use cases across sectoral boundaries. For example, the agriculture authority (one entity) could issue sustainability and organic processing certificates to farmers (another entity) who sell yogurt (another entity) to food companies (another entity). In this case, the farmer must be trusted to have produced a certain type of yogurt that meets the requirements of the organic label. Under an ecosystem of digital credentials, consumers could check the veracity of this claim and also determine whether the retailer is meeting their sustainability goals. In addition, agricultural authorities could verify the eligibility of farmers and retailers to receive certain subsidies.
Chapter 4: Technical Perspective
This section highlights the technical aspects to be considered when implementing an ecosystem of digital credentials (EDC). We recommend implementing the EDC according to SSI principles with the appropriate technology.
4.1. SSI Components and Architectural Layers
As described in Chapter 2, SSI ecosystems consist of three roles (holder, verifier, issuer) which communicate with each other and verify data by means of a decentralised registry. The following diagram shows the four layers, with the bottom two layers primarily focused on achieving technical trust and the top two layers focused on achieving human trust:
4.2. How to Create Trust?
SSI is an emerging technology. In order to use it in a trustworthy and secure manner within the EDC, we propose the following actions to be part of the governance framework:
We establish trust in the technologies and standards used: In general, the technology must have a high level of maturity. Therefore, we need robust open standards and solid reference implementations. We also need to have confidence that the implementations are of high quality. Depending on the criticality of the use cases and regulatory requirements, there must be stringent security and quality requirements for critical architectural components of an SSI solution, enforced through certification, e.g. for wallets and agents to protect user credentials throughout the credential lifecycle. For simple use cases that require less security, a lower trust level and less stringent requirements can be applied. The Swiss government will have to define and manage the standards as well as the certification processes to be applied to the EDC (e.g. in the form of eCH standards that complement the W3C/DIF standards and define requirements for issuers, holders, and verifiers). For specific SSI architectural components, we recommend that the Swiss government publish reference implementations.
We establish trust in EDC participants: Depending on the criticality of use cases and regulatory requirements, we need to have a high level of trust in EDC participants. As part of an issuance or verification process, the holder must be able to verify the identity and rights of the counterparty (issuer or verifier). This is possible through the implementation of so-called trust anchors managed in sector-specific trust registries (e.g. swissuniversities for the universities, the Federal Office of Transport for all licensed public transport companies, or the Federal Roads Office for all cantonal road authorities). The Swiss government will need to define a solution and all processes related to the creation and management of such trust anchors. Furthermore, standards are needed for the verification of trust anchors, e.g. audit and oversight.
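The verifier-side checks that follow from these trust anchors, from the four verifier questions in section 3.1 and from the issuer-level revocation described in section 2.7 are shown below. This is an added example, not code from this paper or from any e-ID project: the class and function names, the `did:example:` identifiers and the diploma data are constructed, and Lamport one-time signatures built on SHA-256 are an assumption that stands in for a production signature scheme so the block runs with the Python standard library alone.

```python
import copy
import hashlib
import json
import secrets

def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def _bits(msg: bytes) -> list:
    digest = _h(msg)
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

# Lamport one-time signatures (an assumption of this example, chosen because
# they need only hashlib). Each private key must sign exactly one message.
def keygen():
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    return sk, [(_h(a), _h(b)) for a, b in sk]

def sign(sk, msg: bytes) -> list:
    return [sk[i][bit] for i, bit in enumerate(_bits(msg))]

def verify_sig(pk, msg: bytes, sig) -> bool:
    return len(sig) == 256 and all(
        _h(sig[i]) == pk[i][bit] for i, bit in enumerate(_bits(msg)))

def fingerprint(pk) -> str:
    return _h(b"".join(a + b for a, b in pk)).hex()

def canonical(body: dict) -> bytes:
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()

class VerifiableDataRegistry:
    """Publicly readable: issuer keys and revocation entries, never credentials."""
    def __init__(self):
        self.issuer_keys = {}   # issuer id -> public key
        self.revoked = set()    # revoked credential ids

class TrustRegistry:
    """Sector trust anchor: which issuer may issue which credential type."""
    def __init__(self):
        self.authorised = {}    # issuer id -> set of credential types

    def authorise(self, issuer, ctype):
        self.authorised.setdefault(issuer, set()).add(ctype)

    def revoke_authority(self, issuer, ctype):
        self.authorised.get(issuer, set()).discard(ctype)

def issue(issuer_id, issuer_sk, cred_id, ctype, holder_pk, claims):
    body = {"id": cred_id, "type": ctype, "issuer": issuer_id,
            "holder": fingerprint(holder_pk), "claims": claims}
    return {"body": body, "proof": sign(issuer_sk, canonical(body))}

def verify_presentation(pres, nonce, vdr, trust):
    cred = pres["credential"]
    body = cred["body"]
    # 1. Does the presenter control the key the credential is bound to?
    if (fingerprint(pres["holder_pk"]) != body["holder"]
            or not verify_sig(pres["holder_pk"], nonce, pres["nonce_sig"])):
        return (False, "holder binding failed")
    # 2. Is the issuer authorised for this credential type (trust registry)?
    if body["type"] not in trust.authorised.get(body["issuer"], set()):
        return (False, "issuer not authorised")
    # 3. Is the credential unchanged since issuance (key from the data registry)?
    issuer_pk = vdr.issuer_keys.get(body["issuer"])
    if issuer_pk is None or not verify_sig(issuer_pk, canonical(body), cred["proof"]):
        return (False, "issuer signature invalid")
    # 4. Is the credential still valid, or has it been withdrawn?
    if body["id"] in vdr.revoked:
        return (False, "credential revoked")
    return (True, "ok")

def demo():
    """Run the checks over constructed sample data; returns scenario -> result."""
    uni, ctype, cid = "did:example:university", "UniversityDiploma", "urn:example:diploma-1"
    vdr, trust = VerifiableDataRegistry(), TrustRegistry()
    uni_sk, uni_pk = keygen()
    vdr.issuer_keys[uni] = uni_pk
    trust.authorise(uni, ctype)
    holder_sk, holder_pk = keygen()
    cred = issue(uni, uni_sk, cid, ctype, holder_pk, {"degree": "MSc", "year": 2021})
    nonce = secrets.token_bytes(16)  # verifier challenge, signed once by the holder
    pres = {"credential": cred, "holder_pk": holder_pk,
            "nonce_sig": sign(holder_sk, nonce)}
    results = {"valid": verify_presentation(pres, nonce, vdr, trust)}
    tampered = copy.deepcopy(pres)
    tampered["credential"]["body"]["claims"]["degree"] = "PhD"
    results["tampered"] = verify_presentation(tampered, nonce, vdr, trust)
    other_sk, other_pk = keygen()  # someone else presenting the same credential
    borrowed = {"credential": cred, "holder_pk": other_pk,
                "nonce_sig": sign(other_sk, nonce)}
    results["wrong_holder"] = verify_presentation(borrowed, nonce, vdr, trust)
    vdr.revoked.add(cid)
    results["revoked"] = verify_presentation(pres, nonce, vdr, trust)
    vdr.revoked.discard(cid)
    # The issuer never revokes the credential, but loses its authority instead.
    trust.revoke_authority(uni, ctype)
    results["issuer_deauthorised"] = verify_presentation(pres, nonce, vdr, trust)
    return results

if __name__ == "__main__":
    for scenario, outcome in demo().items():
        print(scenario, outcome)
```

The last scenario is the case from section 2.7: the credential itself is intact and was never individually revoked, yet it is rejected because the trust registry no longer lists the issuer for that credential type.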
4.3. How to Ensure Interoperability?
Interoperability is one of the 10 guiding principles of SSI and states that credentials should be usable to the greatest extent possible. In the case of the EDC, interoperability at the three levels of ambition, between sector ecosystems, and from an international perspective is a critical success factor. It needs to be ensured through the use of common standards by all participants.
SSI standardisation is ongoing and several international ecosystems are evolving (e.g. IDunion). The maturity of standards and implementations varies widely, but we expect convergence towards a set of mature standards from W3C, DIF, etc., spanning all four architectural layers of SSI. Today’s major SSI platforms, stacks, and ecosystems will continue to adapt.
We recommend that the Swiss government provide direction on the selected set of SSI standards for EDC application. These standards should be aligned with international implementations (especially the EU and the EUDI wallet initiative) and standards, with priority on open source. From today’s perspective, we deem it sensible for the initial implementation to be oriented towards the Trust over IP (ToIP) stack, similar to what has been done in the case of IDunion and what is planned in the context of ESSIF.
Another aspect of interoperability is the interaction with existing identity and access management (IAM) solutions. SSI and current IAM implementations are complementary and can benefit from each other. For example, a VC can be used as an additional means of authentication. SSI can also leverage existing IAM infrastructure and processes. Thus, trust levels of existing digital credentials can be transferred to new verifiable credentials (e.g. using an existing X.509 certificate to issue a VC without a new onboarding process). In addition, VCs can be used for SSI-based access control (SSIBAC) in access management solutions, an important step towards a better security posture (e.g. granting access to a user based on their business role as defined in a VC). This interoperability with existing IAM solutions can be enabled by so-called bridge solutions (e.g. OIDC bridge), which make it possible to leverage existing identification standards such as OpenID Connect.
4.4. How to Implement?
There is no better way to understand a new technology, assess its potential added value and limitations, and foster innovation than a real-life implementation based on representative use cases. In the case of EDC, we recommend an agile implementation of a sandbox across the four layers with proofs of concept (PoCs) and pilots to validate the standards and establish a reference implementation. With this approach, also proposed by the Digital Identity and Data Sovereignty Association (DIDAS), we could lay the foundation for the productive use of the technology and governance framework and generate value. Ideally, the selected use cases should be cascaded across sectoral ecosystems (e.g. using university diplomas within an application process). In addition, these implementations could be accompanied by a crowd security initiative such as a bug bounty program.
Chapter 5: Governance Perspective
The main role of the EDC governance is to guarantee an appropriate level of trust in all transactions it facilitates or supports. A substantial challenge arises with ambition level 3 as it increases the number and diversity of actors with respect to levels 1 or 2. While an initial approach with ambition level 1 or 2 would be somewhat easier to implement and govern, we propose starting directly with ambition level 3 for the following reasons:
To maximise the benefits of a government-issued and guaranteed e-ID, it must be able to support as many everyday use cases as possible with high user-friendliness. Only ambition level 3 removes the barriers between public and private sector use cases.
The lack of support for private sector use cases in the e-ID ecosystem would motivate the creation of separate structures to accommodate such use cases. This has a number of drawbacks:
It would fail to produce the intended learning outcomes needed for a future integration into a single e-ID ecosystem.
The cost and effort to set up the ambition level 1 or 2 infrastructure would have to be borne entirely by the public sector.
Since pure public sector use cases are rare for most residents, large-scale demand for the e-ID will be difficult to achieve and support will become comparatively expensive (see also Chapter 6).
The industry will be pushed to build parallel infrastructures outside the regulatory framework of the e-ID ecosystem and possibly use an incompatible technology base. This would make later integration even more difficult.
SSI is able to combine credentials from different sources, which is a key feature for supporting the large number of contributors expected in an ambition level 3 ecosystem. It is the responsibility of the governance framework to ensure a sufficient level of trust in the information provided in this way. How can this seemingly daunting task be accomplished?
5.1. Human Trust
We see value in establishing new governance structures specifically tailored to the EDC only where strictly necessary, and would otherwise advise relying on existing structures in the analogue world and linking them to the EDC. We would therefore enable existing actors and structures to carry their current analogue-world role into the new SSI world of the EDC. In this way, we could achieve an alignment of the governance of existing ecosystems with the EDC’s governance:
It is sensible that existing authoritative sources of a given type of information would act as issuers of VCs within the e-ID ecosystem. This is best illustrated by an example: The Rectors’ Conference of Swiss Universities (swissuniversities) maintains a list of recognised or accredited higher education institutions in Switzerland which constitutes an important source of information for validating university diplomas. swissuniversities could make the accreditation status of universities available as a verifiable credential to the verifiers who check the validity of issued diplomas. Similarly, the commercial register could become an issuer of VCs on the basis of the information contained in its register.
An important trust anchor in the analogue world for identifying individuals is the government-issued personal ID card. The e-ID will play the same role in identifying people in the digital world. To leverage the existing human trust in the ID card, we propose that the e-ID be aligned as closely as possible to the lifecycle processes of the ID card and issued by the same body.
5.2. Verifiable Data Registry
The registry is a publicly readable repository of the cryptographic evidence necessary to validate verifiable credentials. It acts as a trusted source of information for all stakeholders in the e-ID ecosystem. In particular, it assists verifiers in validating proof, e.g. assessing whether required certifications or accreditations are available and have been issued by authorised parties. It is worth noting that the registry does not store verifiable credentials and thus does not contain any personal information.
Given international comparisons, the following principles seem sensible around the verifiable data registry.
A governance structure where the federal government has overall responsibility but can delegate as much as possible to appropriate bodies.
A permissioned, public ledger based on blockchain technology under the direction of the federal government as the foundation of the Swiss e-ID ecosystem.
An emphasis on its decentralised nature and increased trust and resilience via the sharing of selected operational tasks of the registry with private parties where appropriate (see also Chapter 4).
A governance framework that follows international best-practice use cases for the public sector and the private sector.
5.3. Trust Registries / Sector Regulations
The sectors that are to participate in the e-ID ecosystem can be considered as sector-EDC, able to define their own standards and procedures in many areas. These sectors could successfully operate their own human trust anchors by promoting labels and brands, and they could also operate a sector-EDC on their own – unless the EDC is attractive enough to be used for sector purposes as well. The more sectors that participate in the EDC, the more they can all profit from cross-sector use cases, such as reusing VCs from other sectors and offering their own to others.
The following principles and recommendations seem sensible to make the EDC attractive to other sectors and thus transform our EDC into a true ambition level 3 EDC that benefits from the advantages outlined at the beginning of Chapter 5:
The government acts as the governing body for the EDC as a whole, providing appropriate technical trust anchors (e.g. in the verifiable trust registry) and human trust anchors (e.g. regulations and processes). The EDC framework should allow for the inclusion of sectoral trust anchors (e.g. through accreditation or auditing) with reasonably lightweight procedures.
All sectors are affected in many ways by the regulatory frameworks of public authorities. These frameworks should be reviewed to best support (or at least not hinder) EDC adoption.
The government might consider creating human trust anchors for trusted verifiers by providing accreditation processes and promoting trust labels. Wallets might use this information to help holders decide which attribute to present to a verifier before submitting potentially sensitive information.
5.4. e-ID (eGov sector) and Wallet
While the e-ID is technically only one verifiable credential among many, we expect it to act as the trusted identity basis and thus become the credential most commonly used in cross-sector use cases.
We anticipate that the e-ID requirements will have a significant impact on other components of the EDC and will define the boundaries for the e-ID ecosystem in general.
Alignment with e-ID approaches in other nations and regions, in particular the EU, should be pursued to facilitate support for future cross-border use cases.
In case the government creates its own wallet, we hope that there will not be any regulation to hinder the development of a complementary “market of wallets”. For this, the government would have to formulate clear criteria for wallets.
Chapter 6: Legal Perspective
6.1. Legal Classification
Secure identities form the basis for legal proof and are thus an indispensable prerequisite for business and societal relationships. In the physical world, the government issues conventional means of identification for this purpose, namely, in the case of Switzerland, the Swiss passport, the identity card, or the alien identity card. In addition, it should now also be possible to prove the identity of a natural person electronically. State-recognized e-IDs will enable holders to identify and authenticate themselves in digital space as well. Wherever no specific regulations or requirements of the involved parties apply, and a business transaction can be completed with immediate payment, no further proof is usually required to complete a transaction.
In this field of tension, concepts such as the self-sovereign identity (SSI) approach aim to fulfil data protection concerns such as the principle of data minimization as best as possible through self-managed identities and attributes. At the same time, the other requirements of the actors involved, especially user-friendliness (see Chapter 9), are to be considered by conceptually linking them to familiar processes from the physical world. Such a trust ecosystem ultimately forms the basic infrastructure for a digital landscape, on which existing applications can become widely established and new applications can flourish. Much-discussed examples of this are the electronic patient dossier, e-collecting, and e-voting systems, the ordering of register extracts of all kinds, and, of overriding importance, the digital declaration of will by means of electronic signatures. Widely available, recognized electronic identification means therefore form an elementary building block in a more comprehensive e-ID ecosystem that can establish security and trust in the economy. As a result, sophisticated business transactions with the state as well as between private individuals can be conducted electronically and thus more efficiently as well as independent of location and time.
In addition, they form a basis for trust services, such as the electronic signature, which are offered in Switzerland and the EU by private trust service providers in accordance with strict regulatory requirements, but are not part of the e-ID.
6.2 Constitutional Dimension
It is a general achievement of the democratic constitutional system that laws grant us legal rights and that there are courts to ensure their enforcement. The COVID-19 pandemic has shown how important it is to significantly improve digital access to these courts, but also to the authorities in general.
According to the Federal Statistical Office (FSO) survey on Internet use in Swiss households, the proportion of Internet users among the adult population of Switzerland continued to increase. From 84% in 2014, it rose to 90% in 2017 and 93% in 2019. Accordingly, by age, almost all people between 15 and 55 use the Internet, 95% of them daily. The biggest increase is seen in the highest age groups. 88% of 65- to 74-year-olds used the Internet in 2019 (up 11 percentage points from 2017). The numbers for Internet use in a professional context are even more impressive: 87% of employed people in Switzerland use a computer or other electronic equipment at work. 57% work with specialist software and nearly 40% are given their tasks or instructions via a dedicated application.
Today, media disruptions (German: Medienbrüche) occur wherever formal requirements block the digital path and there is no access to a legally compliant digital alternative, or when evidence is only physically available. A national infrastructure enabling the state and private parties to issue and verify digital evidence is therefore a necessary component for exploiting the value creation potential of digitalisation and maintaining the high level of legal certainty relevant to Switzerland as a location in the medium and long term. Finally, it should be noted that (identity) proof is regularly required, especially for use cases of high importance such as official business or judicial proceedings. In view of the high level of use of the Internet across all population groups, the current lack of a digital trust infrastructure also de facto impedes access to essential public services.
In summary, creating a reliable digital trust ecosystem fills an essential gap, as the lack of trust elements in digital transactions is the biggest barrier to digitalisation today. Addressing this shortcoming will create a solid breeding ground for the future digital economy and high-quality e-government services.
6.3 Requirements for the Legal Framework
A concrete proposal for the regulation of an SSI-based e-ID approach is still pending. Nevertheless, the following core elements for the legal framework can be derived from the lessons learned from previous attempts to establish a national e-ID solution and from similar foreign projects:
A Swiss e-ID solution in line with international e-ID solutions, in particular with the solutions in the EU, would be preferable (no “Swiss finish”).
The federal government should be primarily responsible for the legal framework of the decentralised network. However, the possibility of jointly operating this network with other actors should not be ruled out.
The legal framework should set the guardrails for innovative private sector offerings in the area of digital trust.
We anticipate a wallet-level market (i.e. a multi-wallet market), in parallel with a wallet by the Federal Government (should this be provided).
In addition, the creation of a comprehensive e-ID solution will have far-reaching implications for existing legislation, which need to be considered in terms of the entire ecosystem.
First and foremost, the Federal Act on Identity Cards for Swiss Citizens (SR 143.1) seems to be affected by the matter. ID cards under this law serve to prove the holder’s Swiss nationality and his or her own identity. However, it is generally understood that the legal scope of an e-ID is less far-reaching. It neither confers citizenship rights nor does it serve as proof of Swiss citizenship, for example when crossing national borders. Rather, it is intended to serve its holder merely for online identification and authentication.
Finally, extending the view to the ecosystem of digital credentials, it must be ensured that further use cases such as age verification when purchasing tobacco products or alcoholic beverages or check-ins in the tourism sector are legally harmonised across sectors (e.g. standard use cases). Standardised requirements should even be considered in these areas to the extent necessary. This is the only way to ascertain that market participants in the ecosystem can operate such solutions economically and sustainably. User-friendliness also means that a hotel check-in in Geneva, for example, is no different from a hotel check-in in Adelboden. Precisely because these are purely technical requirements, a federal legal framework for this appears to be a sensible solution.
Chapter 7: Usability Perspective
7.1. Focus on User-Friendliness
Usability is one of the most important aspects and crucial for acceptance and adoption of the Swiss e-ID ecosystem, as it complements and partially competes against the long-established physical identity card or other physical credentials. For most users, the digital wallet is the part of the e-ID ecosystem they interact with most often and thus embodies the EDC in their eyes. This must be given the utmost attention. Other areas where usability plays a major role include the issuance, verification or withdrawal of VCs, all of which are important process steps.
7.2. Requirements for a Digital Identity Wallet
It is important to note that even the physical ID card has weaknesses and does not provide 100% protection against counterfeiting. Also, not all security features are checked at every point. These aspects have to be considered when discussing the potential security gaps of any new solution. Below is a preliminary list of key requirements that could be relevant for a digital identity wallet.
The wallet solution must support all popular mobile devices.
VCs must be usable on different devices.
Two-factor authentication should be used whenever possible as a security feature, as should biometric information. It is worth noting that there are different levels of security and that not every identity requires maximum protection, just as in today’s physical world.
In the context of physical interaction, the wallet must also function offline or in situations without Internet connection.
Creating and restoring a backup must be as automatic and effortless as possible.
The rollout of software updates must be as smooth as feasible. At the same time, it must be factored in that many users do not or only irregularly update their devices. This should affect the use of the wallet as little as possible.
Setup and operation should require a minimum of steps and be easy, even for inexperienced users.
There must be maximum protection against phishing or other attempts to steal VCs. This is particularly important in situations where a VC must be shown or passed on quickly and unreflectively.
The unknowing or knowing disclosure of a VC must be made as difficult as possible. This means that the verification of a credential must establish that the wallet belongs to the specified user (e.g. through photographic proof).
Just as with physical documents, such as ID cards, passports, etc., and unlike with centralised digital accounts, the introduction of VCs under SSI principles implies that the responsibility for managing these credentials is transferred. Holders are responsible for storing and managing their VCs. This transfer of responsibility has the added benefit of ensuring that there is no single point of attack. This needs to be backed up by awareness campaigns.
Of course, this list is by no means exhaustive. The development of a digital wallet calls for a detailed list of functional and non-functional requirements.
7.3. Issuing and Verification Process Requirements
As outlined earlier, the wallet is the central user interface for the e-ID and other VCs. For most users, it is the primary point of interaction with respect to their identity. Nevertheless, the processes around issuance and verification are also critical.
For these processes, the following requirements exist:
Issuing and revoking a VC must be simple, fast, and straightforward. It should preferably be done digitally so that no physical presence is required.
According to current research, our society is struggling to adopt yet more new technologies. It is therefore important to introduce the EDC by implementing processes that are as similar as possible to those used with other technologies. In fact, they should even simplify these processes since the EDC will reduce the number and variety of already existing verification processes.
Verification of a credential needs to be as simple as possible and without interface issues. QR codes are a very good option for interaction between the wallet and a business application; the COVID certificate is a case in point.
The processes for generic use cases (e.g. sign-in) need to be as consistent as possible across all participants, creating a certain standardisation and thus a logical flow for users.
The fact that verifiable credentials are managed for other individuals, e.g. for children or persons lacking legal capacity, must be taken into account.
New features such as the zero-knowledge proof must be designed to be understandable and comprehensible. The technological background does not need to be understood, but the benefits and features should be communicated to all users by means of examples.
The introduction of the digital identity wallet should be facilitated with the help of factsheets, videos, support, and training. This is critical to achieving broad acceptance. It is important to remember that all of us were introduced to the use of physical solutions as children. For future generations, the same will be true with respect to the new digital solutions.
By involving experts in usability research and considering the lessons learned from current digital identity solutions, it is possible to develop an identity solution that is easy to use and user-friendly. Today’s physical solution also has its weaknesses and flaws and, most importantly, is not designed for a digital future.
The e-ID is an important complement to the existing ID card or passport and is primarily designed for interaction in the digital world. In the future, it will most likely be the primary means of proving one’s identity. As explained above, other VCs and their combination with the e-ID are crucial in our digital lives. For some people, they will be more important than for others. For some use cases, a verifiable full identity of a person will be necessary, for others only single credentials will suffice. This diversity in society has to be acknowledged when discussing and adopting digital identity and digital credentials. In this regard, a comprehensive strategy on digital inclusion would be sensible.
Chapter 8: Economic Perspective
In many situations, the biggest obstacle to digital transformation is the lack of customer trust. This can take different forms. First and foremost, it can be due to users fearing the potential risks of a new technology and therefore shying away from adopting it. Second, it may stem from the tendency to strongly underestimate the long-term benefits based on the experience that the promised potential of new technology is rarely fulfilled in today’s society. As a result, in the public’s perception, both the short-term costs and risks outweigh the benefits, compelling them not to use the technology. Third, it can be an excuse to reject a change of professional practice brought about by a technological solution. For example, in countries that have implemented the inter-organizational sharing of patient data through electronic patient files, many medical doctors claim reluctance to share data for fear of misuse. In reality, they are far more concerned about insurance companies using the data to control their therapeutic decisions. Fourth, the lack of trust may take the form of endless political discussions in the media or in parliament. The debate over the use of social security numbers to identify citizens is a typical Swiss example.
Regardless of whether there is actual distrust of technology, resistance for other reasons or lack of clarity as to citizens’ actual thoughts about a solution, the discussion of the trust problem significantly delays the necessary measures to ensure technology deployment. For example, deficits in user experience are usually hidden behind security and trust discussions, as in the case of the Austrian Electronic Health Record ELGA as the main e-Health backbone. Solving the trust problem is therefore the biggest challenge in many sectors, blocking digital transformation in numerous cases for more than a decade. The opportunity costs of the unsolved trust problem are likely very high, although it is not possible to adequately quantify them.
Unfortunately, the trust problem is a complex social problem. In the past, we have seen many failed attempts to solve complex social problems with simple technological solutions. The principle of requisite complexity tells us that this is to be expected. Social problems require technological solutions that reflect the complexity of the original problem. These solutions should preferably be based on established cultural practices without copying analogue processes. In other words, they should exploit the new degrees of freedom in the design of digital solutions without requiring any kind of new thinking from the users. This is especially true for the trust problem depicted above. In essence, the technological solution should complement and simplify existing trust practices rather than invent new ones.
8.1. Value for Switzerland
The e-ID ecosystem of VCs provides a solution to the digital transformation’s trust problem that adequately addresses the requisite complexity. It establishes a distributed trust anchor for the digital transformation of the economy in Switzerland. In doing so, it creates a trust space based on culturally valid trust principles and practices and extends them to the digital world. The resulting trust space is anchored in a democratically controlled government, but fully owned by citizens. Thus, it combines self-sovereignty with good government. In particular, the e-ID ecosystem does not require citizens to adapt their fundamental judgements since it is rooted in analogue trust. Citizens only have to learn how to handle the digital tools, but do not need to acquire new world models. This makes it more likely that widespread adoption will eventually occur. The fact that no one other than the citizens decides how their credentials are used will keep distrust in the ecosystem to a minimum. The overall design also reduces the risks of actual systemic misuse of personal data. Thus, trust is underpinned by the technological trustworthiness of the entire ecosystem. In this way, the e-ID ecosystem helps accelerate the digital transformation of the Swiss economy and society, which in turn increases the competitiveness of the Swiss economy as well as the social and economic attractiveness of the location.
The ecosystem of digital credentials also contributes to digital sovereignty in Switzerland. At the individual level, citizens can control the use of their VCs; at the organisational level, companies and institutions control the issuance of VCs; and at the national level, Switzerland as a country has full control over the trust anchor. Due to interoperability properties, the e-ID ecosystem will be compliant with the emerging ecosystems in other countries as well as with the European ecosystem around the digital wallet that will replace the eIDAS concept and infrastructure. In this way, Swiss citizens and companies would not have to adapt to foreign solutions for activities across Europe. Likewise, foreign nationals would be able to use their credentials in Switzerland without adaptation.
So far, however, there are still some limitations. The EU Commission’s current requirements under the proposed new eIDAS regulation stipulate that the wallet must be implemented with the EU toolbox, failing which it is not possible to be part of the trust registry or bring the EU VCs into your wallet. Nonetheless, the basic interoperability in terms of all dimensions of the European interoperability framework (EIF) provides a good foundation for the future unlimited and unhindered cross-border use of digital credentials.
To summarise: The ecosystem of digital credentials, by design, creates a sustainable solution to the trust problem. It thus reduces the obstacles on the path to the digital transformation of the Swiss economy, helping it to grow. In addition, it strengthens digital sovereignty and thus creates public value for Swiss society.
8.2. The Complexity Challenge
The e-ID ecosystem provides small, ever-growing benefits to many actors, but also imposes costs on them. Strong network and economy of scale effects occur. The more actors participate, the greater the benefits for all participants. The costs of having more actors in the system are zero for a single actor, and the marginal costs of issuing and holding more credentials or presenting and verifying them more often are very low. Consequently, the potential benefits to individual actors depend on the size of the ecosystem, i.e. the number of credential holders, credential issuers, and verifiers, while the individual costs are independent of the size of the ecosystem.
More issuers and more verifiers imply that credential holders can use credentials in more situations, while their costs stay nearly the same. The time costs for installing a digital wallet (and the financial costs that may be incurred) are much higher than the costs for using it, i.e. for presenting credentials to verifiers. Thus, the overall costs will be offset only if there are enough usage opportunities.
More credential holders and more credential issuers imply that verifiers can benefit more often from established verification processes, while their costs remain essentially the same. The cost of setting up these procedures and the necessary infrastructure is much higher than the cost of conducting verifications. Thus, the overall costs are compensated only if enough people use these procedures.
Finally, more credential holders and more credential verifiers mean that the issuance of paper certificates can be replaced in most cases on the credential issuer side, with costs again remaining essentially the same. The cost of setting up the issuance infrastructure and the issuance processes is much higher than the cost of issuing a verifiable certificate. Thus, the overall cost will only be offset if enough paper documents can be replaced with digital credentials.
In other words, when building the e-ID ecosystem, we are dealing with a version of the chicken-and-egg problem involving three groups of actors (instead of the two groups of actors in the classical chicken-and-egg conundrum). The ‘first copy costs’, i.e. the costs for putting in place the necessary infrastructure and processes, and the costs for running the infrastructure are many times higher than the costs of operating the processes in an actual use case. The decisive factor for a successful solution to the chicken-and-egg problem is therefore the number of uses. As long as this number is low, there is little incentive for stakeholders to participate in the ecosystem.
It is important to note that the presented chicken-and-egg problem is not a purely quantitative one. It also involves a qualitative aspect, namely diversity. The ecosystem as a whole benefits from both a few highly attractive single-use cases and a wide diversity of the many other verification use cases.
8.3. How to Solve the Chicken-and-Egg Problem
There are many experiences with the chicken-and-egg problem in the technological context, some of which are rather unfortunate. Usually, full adoption does not occur immediately, but with longer delays. In general, technological progress and the economic use of the technology do not run in parallel, which may in fact prevent the rise of a new technology. The only way to overcome these problems is to make sure that: a) there is a wide range of usage options with tangible added value, and b) people are aware and committed pioneers are exploring enough of these options.
In general, there are six principles that we can learn from to build the Swiss Trust Ecosystem:
The larger the optional system, the more likely it is to be adopted. Consequently, a level 3 ecosystem has a much greater chance of becoming successful than a level 1 or level 2 ecosystem.
The low cost of use is a necessary condition for solving the chicken-and-egg problem. Therefore, as an infrastructure component of the e-ID ecosystem, the verifiable data registry should be provided by the government as a public service.
Communication must take the difficult route of explaining the underlying concept, rather than telling simplistic stories that reduce the big picture to trivial or even atypical use cases.
Pioneering efforts must be supported in effective ways. Relying on the lucky emergence of enough pioneers without supporting this process carries a significant risk of delay or even failure. Instead, a strategy is needed as to which activities and fields of action should be prioritised.
Building an ecosystem cannot be fully planned in advance, nor can it be fully carried out ad hoc. Instead, it is necessary to implement a clear strategy in an agile manner and adjust plans according to observed successes and failures.
Examples from abroad show that if the use of verifiable credentials from the e-ID ecosystem is made mandatory for accessing e-government services, adoption significantly increases. In contrast, failure to adopt key e-government services undermines trust in the e-ID ecosystem.
Chapter 9: A Possible Roadmap
In December 2021, the Federal Council called for an e-ID ecosystem based on a state-operated infrastructure in its directional decision. We outline a possible roadmap of what an e-ID ecosystem could look like in the Swiss context. This is of course based on preliminary information and is thus largely hypothetical. It is merely a first attempt to understand what is to come. It is by no means comprehensive and is intended to be iterated upon as new information becomes available.
9.1. e-ID, e-ID-backed Digital Signatures, and Digital Driver’s Licences
The starting point for the formation of the e-ID ecosystem will be the issuance of the e-ID itself, together with e-ID-backed digital signatures. The Swiss government has the political mandate for this implementation. It must be stated again that in an EDC, the e-ID, while being the most important VC, remains one VC among many. In other words, the e-ID as a means to enable citizens to authenticate themselves in a trustworthy manner is a core element of the EDC. It is our understanding that the e-ID credentials can be used universally for trusted identification and for the application of digital signatures. The issuance of the e-ID and subsequent e-ID-backed digital signatures will therefore be decisive milestones in the development of the EDC in Switzerland. This will actually set in motion two parallel efforts. One includes initiatives driven by the federal government, while the other entails initiatives driven by the private sector and academia. We will discuss both in turn.
In addition, VCs for driver’s licences, which are being developed in a pilot project by asa and FEDRO (see Chapter 1), may become a core part of the EDC. Legal foundations already exist in this area. Moreover, it is already planned to extend this pilot project to navigation licences.
9.2. Subsequent Government Efforts
The issuance of the e-ID and subsequent e-ID-backed digital signatures opens up two options for the government:
Use of government-issued VCs and the e-ID for e-government processes
Citizens’ adoption of e-ID would be greatly enhanced if all e-government services requiring authentication accepted (or even required) the use of an e-ID. This, in turn, could be pushed by providing open-source components that can be used by government agencies on all federal levels to implement the authentication process via e-ID. Similar support through open source components has already been successfully implemented abroad, e.g. at the national level in Austria for the ‘Handy-Signatur’ and at the supranational level in the EU for the eIDAS nodes (see Chapter 1).
Use of externally issued VCs for e-government services
Many mandatory e-government processes require relevant declarations from third parties. Tax declarations, for example, typically involve declarations of income, account balances, and expenses. Theoretically, these tax-relevant statements could be issued as VCs by the relevant organisations. Since they have to issue the declaration anyway, they do not need to set up new processes, but simply add the possibility of VC issuance to existing processes that can be automated. This would eliminate media disruptions, with some benefits for users and significant benefits for the government agencies involved. One way to move this forward could be to require organisations to provide VCs on demand in selected cases. Some of these VCs could then be reused in business transactions.
In this context, it is important to note that the federal government has announced two EDC projects. One is a pilot project for digital driver’s licences, for which a legal basis already exists. The other is a proof-of-concept (PoC) project for digital VCs intended for federal employees (see Chapter 1).
9.3. Subsequent Ecosystem Efforts
The issuance of e-ID and e-ID-enabled digital signatures will provide opportunities for the ecosystem, notably the private sector and academia, to initiate use case scenarios. In light of the chicken-and-egg problem (Chapter 8), it will be important to prioritise the fields of activity. Two types of usage scenarios are most likely to succeed. The first involves instances where the short- to mid-term economic benefits are evident, resulting in a small but committed sectoral ecosystem of issuers, holders, and verifiers. The ongoing SSI efforts fall into this category (see Chapter 1). The second are cases where a broad stakeholder engagement can be achieved through regulatory means or through existing offerings (even if the benefits are mid- to long-term only). For instance, these could include efforts around membership cards. The two following sectoral scenarios are built on this basis:
Academic Institutions Issuing VCs to Students
Universities can issue all kinds of diplomas (as well as of course student IDs) as VCs. They can also require VCs for enrolment in courses or matriculation. Investing in this sectoral ecosystem is a means for universities to become digital transformation pioneers. Lagging behind is not an option for individual institutions, as it might affect their position in an increasingly competitive market. The economic benefit of this usage scenario is the simplification of document verification, which will allow a lot of time to be saved and increase the flexibility to set up courses on an ad hoc basis. In the long run, academic certificates as VCs will help streamline the accreditation process and reduce the possibility of fake diplomas while improving organisations’ recruitment efforts. This is a case in point where the short- to mid-term economic benefits are obvious. As a result, a small but engaged sectoral ecosystem of issuers, holders, and verifiers may emerge.
Organisations Issuing Membership or Affiliation Status to Employees
Companies, institutions, and associations can issue VCs of membership or affiliation status to their employees, partners, or customers. These VCs can then be used to gain access to digital or analogue resources (e.g. access to buildings). In most cases, organisations need to issue some form of credentials anyway. Thus, they just have to extend existing processes for allowing the issuance of VCs. VCs help them to automate access control digitally and save money on membership cards, while VC holders no longer need to carry around large stacks of analogue membership cards. As a side benefit, organisations can standardise their access control systems, which simplifies related procedures, saves time, and improves security.
Other Promising Use Cases
There are further promising use cases that merit closer investigation. These include verifiable credentials in healthcare, e.g. to reliably document the education and training of professionals or the insurance status of patients. Furthermore, VCs for account status could be offered as a service in banking, depending on the market sector and the business strategy, or companies could issue VCs to their legal representatives. Once the ecosystem is established through the efforts outlined before (Chapter 9, as well as points 1 and 2 in this Section), there is an opportunity for companies and other organisations to promote use cases as innovation, either by adopting verification practices and acting as verifiers or by issuing new types of verifiable credentials.
9.4. Use Case Development
The question remains how to concretely address the above usage scenarios. Innovators will have to deal with the following issues:
How to move forward when expectations are high while many unanswered questions seem to halt progress?
How can we demonstrate the value of an ever-evolving technology before all open questions have been clarified?
In light of this contradiction, we propose a two-stream approach to implementing these usage scenarios. The main goal of stream 1 is to show, not to tell. In a sandbox-like test environment, practical use cases of all types and for all sectors could be developed and demonstrated to people who are not yet familiar with the concepts associated with an e-ID ecosystem. Initial sandbox-like environments already exist in the Swiss market. In such environments, prototypes or minimum viable products (MVPs) could be built based on frameworks readily available for the underlying decentralised trust network. These applications will never go directly into production, but serve to demonstrate the interaction of all players in such an ecosystem. The proposed federal law on the use of electronic means to fulfil government tasks (EMBaG) supports stream 1 projects. Its final form will define the specific setting for these projects. However, stream 1 projects could also be implemented in the private sector.
The goal of stream 2 is to design and build the infrastructure, tools and governance required to create a solid, secure, and internationally interoperable foundation for a Swiss e-ID ecosystem, including the digital wallet. Here, the federal government is predestined to play a leading role. Ideally, these two streams will run in parallel and cross-fertilize each other. This presumes that there are communication channels between the two streams to exchange experiences and perspectives.
We believe active interaction between academia, industry, government, and the general public is essential for the successful deployment of an e-ID ecosystem in Switzerland. An orientation towards the quadruple innovation helix concept would be particularly expedient here. Only in the spirit of collaboration, transparency, and inclusion can we move towards a Swiss trust ecosystem that will deliver on its promises.
Chapter 10: Open Questions
What happens when a digital wallet is lost? How does the backup work?
How would digital signatures work as part of the e-ID?
What exactly does the management of the trust registries look like?
How exactly will verifiers be approved to participate in the trust registries?
Will the federal government also issue its own wallet? If so, will it be mandatory? What kind of private sector involvement can be expected? And if not, will the federal government support wallet solutions in other ways (e.g. through standards or developer kits)?
What is the practical interplay between trust anchor and user control?
How will international technology and electronics companies react to digital credentials from a government-controlled ecosystem?
This document is intended to serve as an initial contribution to the ongoing meta-level debate about the development of the e-ID ecosystem in Switzerland. Therein, it intends to initiate a constructive dialogue as this topic matures.
Feel free to share your thoughts via our Thread in the GitHub Forum, which was set up by the Federal E-ID Project Team.