Brilliant. So thank you everyone for joining in with me today. Today I'm gonna talk about Sri Lanka's unique digital identity MO implementation. So I'm D ha, I work as a director, software architect at I CT A. So I T A is the PS policymaking body for government of Sri Lanka. We are a government organization, so we are empowered to drive the digital transformation in Sri Lanka. So we offer various services. So we digitize government departments and we focus on cybersecurity, digital skill training, and we empower startups also. That's little bit about ict. Okay, now let's focus on digital identity. So in any given ID system, there are two types, foundational and functional. So today we are go fo, going to focus on foundational id. So the basic role of a foundational ID is to provide identification and authentication, right? So, and also it'll provide unique IDs, digital credentials and authentication.
So that will be the basis of a foundational id. So does Sri Lanka need a digital id? So we have a very robust traditional ID which has been running since 1971, operated by department of Register of persons. So they are the main stakeholder of this project as well. But there are a lot of shortcomings. The currently the ID we have, it was bounded to a physical presence of the ID card owner. We can't operate digitally, we government can't do digital transactions and the authentication needs performed me on a visual check. We have to check the, do a comparison of the person in front and the card holder. And we have to, lot of times when we obtain government services, we have to provide additional documentation just to prove our identity, which is a big hassle. And there are many cases fraudulent transactions have been reported. So this is a bottleneck for our digital identity, our digital transformation journey.
So that's where we thought of coming in with a solution, which is the digital identity obviously. So this is twofold. Basically it's a biometric back identity and a digital credential for an individual to operate in the cyber race. So in terms of biometrics, we will collect fingerprint, iris and facial and we will do a D duplication and we will offer the identities. The service will be consumed by public sector as well as private sector. The citizens only have to give their detail once we follow a principle called collect ones. So afterwards, these details can be used for authentication as well as E K Y C purposes. So this project also D R P is empowered department of register of persons is empowered to do to or to drive the project. So as I C T A we do is the technology leadership.
Okay, before jumping into the digital identity, I want to show you something really important as a government, we have a government enterprise architecture. So on the bottom we have the network layer, which is Lanka government Network. On top of that we have the Lanka Garment cloud, which is the private cloud we have for dedicated for garment of Sri Lanka. On top of that, we are building the unique digital identity and a data exchange. So data exchange as an example, you know, extra similar to that. So those are the foundational layers, network, cloud and identity and data exchange. On top of that we have shared services like payments, email, collaboration, all will reside on top of the foundational layers. Then we have line of businesses specific to each domain. Those are delivered through mobile lab, web, Porwal, APIs, various mechanisms to the stakeholders. Stakeholders can be citizens, tourist, business startups, government organizations, private sector businesses can be anything but today's discussion. We are gonna focus on unique digital identity. So this is the one plus one vision diagram that we have come up with. So on the blue you can see the first year components that we are building as the unique digital identity. On yellow you can see the second year components. So this is a multi-stage project backed by technicalities, project management, legal aspects, and lot of engineering work as well.
So this is the digital government architecture. So this is my bread and butter, this is what I do. So on the bottom you can see the data layer. Basically there will be multiple databases including biometrics, biographic data, master data. On top of that we are gonna have a functional layer. So the functional layer will consist registration, authentication, E K Y C, and other admin services. These services will be exposed through a service exposure layer to web and mobile applications. And the third party integrations to be consumed by these stakeholders, citizens, D R P, who's the project owner, admins, public sector, private sector, even to the developer community to come up with applications. And on the left you can see the couple of non-functional requirements, important ones. And on the right you can see through SDK we are integrating A and biometric devices. So this is a high level overview or I would rather say high level functional reference architecture of slu. And if you can see, this is geared more towards moip, right? So the moip, we have been inspired by moip and we are using mossi for our identity layer.
So the process, we will do a pre-registration, which could be online as well as offline. So the offline, you'll get a form, you'll have to fill it out and you'll have to go to a registration center. At the registration center you will give your biometric and biographic data. So those will be duplicate. And afterwards those will be verified by A D R P officer. D R P means department of register persons. They'll be officers who will be manually verifying all of these against the existing artifacts such as birth certificate, marriage certificate, driver's license, water's registry. We'll use multiple sources. That way we can ensure that we will issue a valued license which citizen can use for authentication.
So this is the high level authentication and E K Y C flow. On the left you can see the request flow. On the right you can see the response flow. So basically we are using somewhat similar to ADA's approach where you have a trusted service provider to augment the identification systems functionality. So basically citizen will engage with the business application, which is owned by the user agency as an example. User agency can be a bank or can be a any service offering company and they will be integrated with the trusted service provider, mostly over VPN or, or can be even internet connectivity at times, right? So let's look at a quick workflow. So citizen will go to the service provider in this example, let's say a bank. Then he will give his biometric because in order to obtain financial services, you have to prove your identity.
Then those information will be sent to the TSP trusted service provider who will broker the I identification approach. Then TSP will send a notification to the citizen. So this can be a SMS or this can be a call, this can be through the mobile application just to get his consent. And the citizen will give the consent back to tsp. TSP will carry out the authentication, then the pass the response back to UA and ua. UA means user agency will offer the service to the citizen, right? So foundational framework for digital transformation. As you all aware, this will enable the digital transformation, very inclusive manner reducing and transactions and corruptions. And this will be the cornerstone enabling authentication for critical government services and citizen services. Also, this will lay the foundation for digital transformation in Sri Lanka and it'll enhance the visibility and the quality of service delivery that we do right now.
So these are a couple of examples. On the left you can see benefits that citizen will get on the right, you can see the benefits that service provider gets. So as I told you, we are mainly focused on moip. If you, if you ask me what is moip, it's a modular open source identity platform which allows governments to implement foundational id as we speak, Mossi has crossed the one 100 markoff registrations and they are funded by multiple parties. So why did we use mossi? So it is modular, you can customize as you want and it has the population scale performance and they use automation which will be efficient running ID platform. And most importantly what we have seen is in Sri Lanka, some of the systems they get vendor lock. So we from the, from the inception, we want to be vendor neutral. That's why we choose mosi.
So how do we ensure that all those characteristics are there in mo? The way we ensure this, we carried out a poc. In the poc, we covered all these functionalities process, then authentication, integration with the existing government department systems and integration of ABIs, email gateways, biometric devices, all these were done. So the first phase of the POC and the second phase of the POC has been completed up to now covering all of these aspects. And even this week on Monday we, I'm very proud to say we have published an RFP for vendors to bid. So it is up out there, IT the entire RFP is structured in a way we will get the infrastructure, biometric devices obese and SI two to implement digital identity in Sri Lanka. Right now let's look at a quick demo of the POC that we carried out, right? I hope you can see my screen?
Yes, yes you can.
Right? So on the left you can see it's the MO registration application. On the right you can see the applicant. I hope you can see the video. So they are giving now the
we cannot see the video. It's not playing.
Okay, let me play it again. Can you see the video playing now?
Yes. Now it's working here, right?
So on the left you can see the registration client, which we built on top of Moip. On the right you can see a registration happening. So he gave his biographic data. Now he's going to give his biometric data. So these are just artifacts, couple of artifacts that we collect the existing national ID driving license if, if he has any. Now he's giving IRS biometrics. So all these first tested during our poc, we even did two live use cases. First one is opening of a bank account, second one was obtaining a sim card. So these were live use cases that we did. Now he's going to give fingerprint on the second four fingers it's 4 42. Now he's going to give the other two fingers. All right. Now the phase biometrics. On the production deployment, we plan to capture the phase biometric also based on standards. This is supervisor's, username and password. And citizen will see a overview of data that he gave and the supervisor will upload these packets back to the server until such time these registrations packets will stay in the enrollment device. So on the production, not only enrollment stations, we plan to get
Portable enrollment devices also to address or or to enroll disabled persons or persons who are in rural areas. Because in a foundational ID inclusiveness is a key characteristics that we should strive for. So this is the D R P application where A D R P officer, a department officer will verify his details against other artifacts and he will approve. And once he approves he will receive a SMS as well as a email and he can log into the Porwal. This is just a a half bake Porwal we did just for the pilot, we, we are coming up with a better Porwal. This is just to try out APIs and the functionalities and a letter also will be generated. And with this information we will post back. Right? Let me share my screen again.
This one, just a reminder, we have one minute left.
Yeah, okay. Right. So I hope you can see my screen. I'll quickly run through. So these are, these are the standards that we comply to. Most of them are so standards. So this is the implementation timeline. So basically first year we'll get set of components, then the iteration two, four months we will get another set of components. Then we will go live implementation approach. We have a MSI and msp. So we covered all this. Now we plan to implement a digital digitally enabled Sri Lanka. So with that hope, I would like to conclude my presentation. If you have any questions, I would be happy to answer.
Thank you so much for your presentation. Rhonda. Applause for this one. Everyone.
