Feasibility study of my number card
NICSS: Next generation IC card System Study group
ASIST: Advanced research center for Social Information
Science and Technology
Tokyo Institute of Technology
Prof. Nagaaki OHYAMA
C
Copyright 東京工業大学 大山永昭
1
My number ACT
• The new regulation (My number act) was approved by the
parliament on 24th of May, 2013
• Based on this act, every resident in Japan will receive his/her
personal number on 1st of Oct., 2015 by mail; notification of
personal number
• The new ID number can be used only in the tax and social security
areas; every money flow excluding health information
• New ID card will be issued from 1st of Jan., 2016
• Link system and my number card will be available from 2016
C
Copyright 東京工業大学 大山永昭
2
Schematic diagram of link system : personal basis
My portal
Link code A
New ID #
Personal data A
e-ID card
Agencies in tax and
social security area
National ID#
Link code B
Internal ID #
Link code P
Personal data B
Link code A
Local government
Resident registration
code
・
・
・
・
・
Link code B
Link code X
internal ID #
Personal data X
Link code X
Core system using pseudonym
Private sector in future
C
Copyright 東京工業大学 大山永昭
3
My number card under preparation
• My number card will be issued from 1st of Jan., 2016
• Together with my number act, resident registration and JPKI
acts were revised and authorized simultaneously
• Revised JPKI act will come into reality on 1st of Jan., 2016
• My number card will support both digital signature (nonrepudiation) and personal authentication services
• My number card will have facial photo
• My number is printed on the backside of the card with copy
protection
C
Copyright 東京工業大学 大山永昭
4
My number card under preparation
• Replacement of the resident registration card
• Certificate of authentication service does not include 4 personal
information
• My number card will be issued on request
up to 130M
• CRL will be disclosed to private sector under permission of
minister of MIC (ministry of internal affairs and communication)
Note; Current JPKI is limited to the public sector in order to avoid a
potential depression of private business of PKI
C
Copyright 東京工業大学 大山永昭
5
Personal authentication service
service provider
certificate
① request of log-in
④ receive R
② validation of
certificate, then
generate “r”
R
③ encrypt “r”
→R
⑤ decrypt R
r’
⑦ check if
r＝r’
⑥ send r’
User
e-ID card
internet
This certificate does not include 4 personal information
C
Copyright 東京工業大学 大山永昭
6
Enrichment of card services
• Services could be securely linked to my number card
through the on-line authentication
– Attributes such as license and qualification
• Validation of the health insurance through linking to the insurers
– Payment services under plan
• Functions of debit card, internet banking card and credit card
(secondary card), etc.
– Pin-less scheme will be supported by my number card
• Useful for micro payment just like sign-less
• Statistics tells us that Monday morning, we have 15 M transactions
for the validation of health insurance
C
Copyright 東京工業大学 大山永昭
7
Multi-application using my number card
Cable TV
Credit card
Bank
Table of serial #
with bank account
ATM
R/W
STB
Table with customer
number
With credit
card number
My number card
Personal authentication service
C
Copyright 東京工業大学 大山永昭
8
Trials under preparation
① Log-in to my portal through cable TV at home
– Checking the access logs of the personal information access
through the link system
– Portal of e-Gov. and social insurance including healthcare
– Portal of private sector services such as Electronic Commerce
② Use cases away from home
– Identification at bank and government offices, etc.
– Issuance service of official documents at Kiosk
– One card for healthcare and daily life in the near future
C
Copyright 東京工業大学 大山永昭
9
Promising use case
Useful scenario; going to see a doctor ⇒ health insurance, payment, eprescription, etc.
• At present
– Go to a hospital with an medical insurance certificate
– Receive a paper-prescription and pay 30% of the medical fee by cash, credit or debit
– Go to a pharmacy with prescription, pay 30% by cash, credit or debit and receive
medicine
• In the near future
– Go to a hospital with my number card
– Prescription is up-loaded to the medical server and pay 30% by my number card
– Go to a pharmacy, download the prescription and pay by my number card
We do not have to wait for long time at the hospital
C
Copyright 東京工業大学 大山永昭
10
Summary
• New ID number exclusively use in taxation and social security
areas will be issued from 1st of Oct.,2015
• Resident registration card will be upgraded to my number card
• JPKI service will be expanded to the social security area as well as
authorized private sector such as cable TV, bank etc.
• My number card will be issued from 1st of Jan., 2016
• My number card together with JPKI will support IAS
(Identification, Authentication, Digital signature) to be fully
functional e-ID in Japan
• Pin-less scheme will bring various convenience to us
C
Copyright 東京工業大学 大山永昭
11