Fedict has selected ForgeRock to support identity and access management for the Federal Authentication Service (FAS). As a result, ForgeRock will enter the homes of 3.2 million Belgians. Identity is the new security perimeter. At the same time, ensuring easy access to public services is crucial.
Fedict, the Federal Public Service for Information and Communication Technology, has selected ForgeRock to support identity and access management for the Federal Authentication Service (FAS). As a result, ForgeRock will reach 3.2 million Belgians.
Identity is the new security perimeter. In the past, you literally had to walk through a gateway or door in order to get to work and access your files. Today, you may have online access to your digital files that is based on your identity. Employees used to have to walk to a filing cabinet to look something up, but now they simply log in to a database, and a similar situation also applies in the relationship between a business and its customers. You can, for example, pay for online purchases by logging on to PayPal.
Each application requires a customised level of security, of course, and the importance of the user experience also varies from one application to the next. A regular password is probably sufficient for something that you subsequently need to sign for. The highest level of assurance is required for accessing tax-on-web or other sensitive public services, and gaining access must be easy and user-friendly. It is therefore crucial for Fedict that your identity can be established reliably at any time, and that such data is stored securely.
“E-government is continuing to grow,” said David Mampaey, Service Manager at Fedict. “And identity is the cornerstone for this. We used to work only with the eID and tokens – a combination of something you have and something you know. However, there are now dozens of systems emerging that you can use to log in, such as Google Authenticator. This application uses a one-time password and is already available. Moreover, authentication based on iris recognition or other forms of biometric identification are emerging. We therefore need to work on new authentication methods that will lead to more people making use of the digital services provided by the government, but that still enable citizens to log on in a secure manner.”
ForgeRock provides a secure connection between the government and citizens. CSAM (Common Secure Access Management System), the result of collaboration between various public services, is the system used to access some 800 digital applications provided by the federal government and regional and local authorities. Fedict takes care of the one-time, secure identification of an individual. At the same time, it supplies information to the 800 applications. For example, Fedict ensures that the applications used in central databases can check which people have been given a particular mandate for a particular business, for example for filing VAT returns or bidding for public tenders.
To guarantee secure identification, Fedict selected ForgeRock. “Although the software is open source, extensive support is provided,” said David Mampaey. “There is no other product on the market that can be compared to ForgeRock.” Some 3.2 million Belgians used digital public services in 2015.
Paradigmo, which is specialised in identity and access management, is a ForgeRock partner. “Paradigmo handled the migration from FAS to ForgeRock's OpenAM,” David Mampaey explained. “Paradigmo and system integrator NRB/Trasys provide us with support in our day-to-day operations and in the event of incidents under a service level agreement (SLA). As it turns out, we have little need of this agreement. We started out six years ago with 2 million user licences; today there are 3.2 million. This steady growth is certain to continue.”