
This website was created by the OECD Observatory of Public Sector Innovation (OPSI), part of the OECD Public Governance Directorate (GOV).


Digital Mobile Key

The Digital Mobile Key is the Portuguese mobile eID solution for secure authentication on public and private websites.

Instead of relying on different usernames/passwords for each entity, or using their eID Card, citizens now use the Digital Mobile Key, made of a single 4-digit PIN plus an OTP (sent by SMS, email or messaging platform) or a push notification (Digital Mobile Key app).

In addition to authentication, the Digital Mobile Key also allows digital signatures, in either a personal or a professional capacity (e.g. as a citizen, an engineer, or a public official).

Innovation Summary

Innovation Overview

The Digital Mobile Key is the national mobile eID solution, which allows citizens to electronically identify themselves on most public websites, and some private companies' websites, in order to perform digital services through their smartphones, tablets or laptops. It also enables qualified electronic signatures.

By creating a safe and easy authentication instrument that only takes a mobile phone to operate, citizens now have safe access to hundreds of online services that can be completely accessed in the comfort of their own homes 24/7, entirely free of charge. It is an accessible service that can be used everywhere.

Very easy to use, the Digital Mobile Key consists of a keyword (a 4 to 6 digit PIN) chosen by the user. When authenticating on a website, the citizen enters this PIN and immediately receives a one-time temporary code on their mobile phone (SMS text message), email or Twitter account. The mobile app allows the citizen to receive the security code through a push notification on the smartphone. With this code, they can authenticate themselves and access the services of the website they have chosen, which brings not only ease, but also efficiency and speed to the overall authentication process.

Before the introduction of the Digital Mobile Key, citizens had to authenticate with either the username and password provided by each one of the service providers, or rely on the Citizen Card, which presupposed the use of a card reader that most Portuguese people did not have. With the Digital Mobile Key, the reader is no longer needed and, instead of several usernames and passwords, the citizen only has to memorize a four-digit PIN to be able to perform hundreds of digital services.

It has a great focus on security and privacy, and it is essentially user-driven. In fact, instead of forcing the users to change their behavior to accommodate the service, which in this case was the citizen’s card with the card reader, AMA created the Digital Mobile Key as a more user-driven instrument.

Besides allowing authentication, the Digital Mobile Key now lets citizens sign electronically, which is an innovative new feature of this project, especially considering that citizens can also sign as certified professionals. The Electronic Signature has the added value of the Professional Attributes Certification System (SCAP), which means that lawyers, engineers, doctors, or public officials, among other professionals, can sign as such, with their respective professional associations certifying that they are indeed such professionals at the time they are signing the documents.

This new and alternative authentication and e-signature method can be used both by Portuguese citizens and foreigners. Portuguese nationals can request their Digital Mobile Key with their Citizen's Card or an old ID card, while non-Portuguese citizens can request it using their Passport. The Digital Mobile Key can be obtained online, with a Citizen Card and a smartcard reader, or face-to-face in a Citizen Shop or Citizen Spot. The registration for the Digital Mobile Key is simple and available to all citizens, regardless of their gender, age, location, economic context, etc.

The initiative was implemented and is coordinated by the Administrative Modernization Agency (AMA) of Portugal, which acts under the superintendence and tutelage of the Secretary of State Assistant and of Administrative Modernization by delegation of the Ministry of the Presidency and of Administrative Modernization.

Apart from its leading role, AMA has partnered with several important national entities such as the Social Security, the Shared Services of the Ministry of Health and the Ministry of Justice, among others, which eventually made the Digital Mobile Key available on their websites to facilitate interactions with citizens.

Even though the Digital Mobile Key is already implemented and in full use, there is still room to grow, so the objective is to extend the reach of this solution, namely to the private sector. At the moment, there are already protocols with EDP, the main energy supplier in Portugal, Millennium, one of the major Portuguese banks, and MEO, one of the three main telecommunication companies in the country, which have adopted the Digital Mobile Key as their default authentication mechanism. The goal is that in the near future, most private companies enable their clients' authentication with the Digital Mobile Key, and fully adopt it as an e-signature instrument as well.

Innovation Description

What Makes Your Project Innovative?

The Digital Mobile Key is the national ID mobile solution, which allows citizens to electronically identify themselves on most public websites, and some private companies' websites, in order to perform digital services through their smartphones, tablets or laptops.

It is a simple electronic authentication mechanism that concurrently (i) safeguards greater citizen comfort, (ii) supports more efficient public services and (iii) allows for greater complementarity, since a single password provides access to most of the Portuguese State portals, and even some private ones.

Apart from the mobile authentication feature, it also enables qualified electronic signatures both as natural persons and in a professional capacity. The Portuguese Professional Attributes Certification System (SCAP) brings the added value of allowing public officials, lawyers, engineers and doctors, among other professionals, to sign as such, being fully certified that they are indeed those professionals.

What is the current status of your innovation?

The Digital Mobile Key has already been implemented, is completely operational and is being used by more than 215.000 citizens. At this point, one of the main goals is to continue to disseminate the Digital Mobile Key, increasing the number of citizens and private companies adopting this solution in their daily lives and businesses.

With that in mind, AMA developed a communication strategy which included: promotional products; the development of a single concept and image; participation in public events to target multiple audiences; videos explaining how it works, published on YouTube and on social media; and several publications on social media and extensive media coverage.

Scaling up the connection with private companies and creating new synergies are also a priority at this stage, whether regarding the use of the Digital Mobile Key as an authentication mechanism in their online platforms, or its expansion as a certified electronic signature instrument.

Innovation Development

Collaborations & Partnerships

There are several entities endorsing the Digital Mobile Key, including central government bodies, municipalities and the National Post.

Also, MUDA, a national movement committed to the promotion of digital services, has been actively promoting the adoption of the Digital Mobile Key in Portugal.

The goal is also to increase the number of private companies adopting the Digital Mobile Key. Nevertheless, at the moment, there are already protocols with EDP, Millennium, and MEO.

Users, Stakeholders & Beneficiaries

The registration for the Digital Mobile Key is simple and available to all citizens, regardless of their gender, age, location or economic context. By using it, citizens can now access and perform hundreds of online public services in a free, easy and secure way.

Moreover, this alternative authentication method can be used either by Portuguese citizens or by non-Portuguese citizens living in Portugal, who can now start using Portuguese-based online public services.

Innovation Reflections

Results, Outcomes & Impacts

By using the Digital Mobile Key, citizens can now access and perform hundreds of online public services in an easy and secure way, using a solution that brings greater convenience for citizens when interacting with the public administration, as well as the private sector.

In addition, authentication can now be performed without a card reader, and Portuguese citizens in other countries may also have access to the Portuguese online services, anytime, anywhere.

Since the Digital Mobile Key was implemented in 2014, more than 215.000 people have adopted it as their authentication instrument and, since April 2018, as a way to electronically sign documents. Social security and the tax authority are the entities registering the most authentications through the Digital Mobile Key.

Digital Mobile Key performance is made available at www.autenticacao.gov.pt, which provides performance measures regarding Digital take-up and Digital Service Completion Rate, among others.

Challenges and Failures

To become a viable authentication instrument, the Digital Mobile Key needed to be disseminated and adopted by several public entities. Since some of these entities feared losing some control of their online platforms and security protocols, that was not always easy to do. It took a lot of negotiation to make them realize that this was an initiative that would benefit all.

Another challenge was its adoption by the citizens themselves. Making the initiative known to everyone, and making citizens realize that this is an easy and secure way to authenticate, took some effort and is still a work in progress through communication strategies.

The fact that the Digital Mobile Key consists in a qualified electronic signature also needed to be addressed in terms of legislation, which presented a political challenge. At the beginning, due to legal constraints, the qualified electronic signature was only possible using a smart card, but with the eIDAS Regulation (Regulation (EU) No 910/2014), that is no longer a problem.

Conditions for Success

Top-level political support is always paramount for the success of any initiative that cuts across all governmental areas. Only with that kind of support was it possible to implement an initiative which needed to change legislation and coordinate with different entities, breaking silos and harmonizing procedures throughout the public administration.

The fact that the Digital Mobile Key scaling was one of the 255 measures of SIMPLEX+, a collaborative and nationwide simplification program launched by the Portuguese government in 2016 to co-create new online public services, optimize existing ones and de-bureaucratize the relationship between public institutions and civil society, was also a factor in its success.

Finally, a flexible and hardworking team, prone to out-of-the-box thinking and committed to the citizen's needs and the creation of an efficient, user-friendly and secure authentication instrument, is also key to the success of the Digital Mobile Key.

Replication

The Digital Mobile Key is an initiative which is already part of the citizen's daily relationship with most of the public entities and is also used by private companies, so it is a replicable solution. Besides being replicable, it is also adaptable, using agile methodologies and technology, which facilitate its reuse.

It is based on open standards, including SAML 2, OAuth 2 and CAS 3, among others, and was developed using agile procedures, such as two-week sprints that ensured its continuous improvement according to users' feedback. The source code can also be reused under the EUPL license.

In addition, the Digital Mobile Key was built following a GaaP approach, provided to public and private organizations with a standardized and open API which supports authentication and signature reuse across government and third-party service providers. It is intended to break silos, facilitate the relationship between the citizens and the state, and at the same time bring cost-reduction benefits.

Lessons Learned

One of the lessons learned is that it should never be forgotten that the solution is being built for the citizen, and if he/she doesn't believe that the innovation is needed and can easily be used, the solution won't be adopted.

Besides the emphasis on usability, an instrument such as the Digital Mobile Key also has to have a huge focus on security. In fact, the balance between mobility, user friendliness and security has to be kept in mind, since all of these aspects are essential for the success of the initiative. Only by doing so, will the citizens, and the private companies, trust and adopt the solution.

This being said, not only does the initiative have to be technologically consistent, secure, user-friendly and useful, it also has to be properly communicated to its users, who need to understand it and trust it. This means that it helps to have a sound communication strategy supporting the launch of initiatives such as the Digital Mobile Key.

Another important aspect is the engagement of all the relevant stakeholders from the beginning. It is important that they feel they are part of the solution, and that their points of view are considered. The entities using the Digital Mobile Key, for instance, are renouncing a part of the control they had in terms of security of their online platforms, so it is important that they trust the Digital Mobile Key, and that they feel comfortable using it.

The use of open standards also brings benefits, such as interoperability and data exchange, minimizes the risk of an application becoming obsolete and enables the solution's reuse, which is a very important feature of this innovation.

Anything Else?

Since reuse is an important feature, it is also worth mentioning that several services are reused by the Digital Mobile Key, namely:
• National SMS Gateway (http://www.iap.gov.pt/services/SMSPlatform.aspx),
• National Interoperability Platform (http://www.iap.gov.pt/services/IntegrationPlatform.aspx), and
• National Identification Provider (https://autenticacao.gov.pt/).

The Digital Mobile Key solution is implemented over the National Identity Provider (Autenticacao.gov), available as a website, and receives SAML requests from external portals and systems.

Status:

  • Implementation - making the innovation happen
  • Evaluation - understanding whether the innovative initiative has delivered what was needed

Date Published:

5 November 2014
