DRAFT FOR CONSULTATION

PROCUREMENT GUIDE AND CHECKLIST for Digital Identification Systems

© 2019 International Bank for Reconstruction and Development/The World Bank
1818 H Street NW
Washington DC 20433
Telephone: 202-473-1000
Internet: www.worldbank.org

This work is a product of the staff of The World Bank with external contributions. The findings, interpretations, and conclusions expressed in this work do not necessarily reflect the views of The World Bank, its Board of Executive Directors, or the governments they represent.

The World Bank does not guarantee the accuracy of the data included in this work. The boundaries, colors, denominations, and other information shown on any map in this work do not imply any judgment on the part of The World Bank concerning the legal status of any territory or the endorsement or acceptance of such boundaries.

Rights and Permissions

The material in this work is subject to copyright. Because The World Bank encourages dissemination of its knowledge, this work may be reproduced, in whole or in part, for noncommercial purposes as long as full attribution to this work is given.

Any queries on rights and licenses, including subsidiary rights, should be addressed to World Bank Publications, The World Bank Group, 1818 H Street NW, Washington, DC 20433, USA; fax: 202-522-2625; e-mail: pubrights@worldbank.org.

TABLE OF CONTENTS

ABOUT ID4D
ACKNOWLEDGEMENTS
ABBREVIATIONS
EXECUTIVE SUMMARY
1. ID SYSTEM LIFECYCLE
   Enabling Tenets of an ID System
   Legal Framework
   Resident’s Charter
   Architecture Principles of an ID System
   Governance
   Phase I – Plan and Design
   Phase II – Procurement
   Phase III – Implementation
   Phase IV – Steady State
2. A DETAILED VIEW OF THE PROCUREMENT PHASE
   Procurement Strategy
   Assessment of In-House capability
   Market Analysis and Vendor Consultation
   Risk Assessment
   Vendor or Technology Lock-in
   Procurement Options
   Procurement Considerations for IT components
   Procurement Process
   Instructions to Bidders
   Scope of Work
   Conditions of Contract
APPENDIX A: PLAN AND DESIGN
APPENDIX B: IMPLEMENTATION
APPENDIX C: STEADY STATE
APPENDIX D: KEY TERMS AND DEFINITIONS

LIST OF BOXES

BOX 1.1  LESSONS FROM THE PROCUREMENT PROCESS OF INDIA’S ID SYSTEM, AADHAAR
BOX 2.1  POOR PLANNING AND DESIGN LEADS TO CHALLENGES IN PROCUREMENT PHASE
BOX 2.2  ILLUSTRATION OF PROCUREMENT RESULTING IN VENDOR AND TECHNOLOGY LOCK-IN
BOX C.1  CHALLENGES FACED IN PROCUREMENT FOR DIGITAL ID SYSTEM BY COUNTRIES

LIST OF FIGURES

FIGURE 0.1  PHASES OF A DIGITAL IDENTITY SYSTEM
FIGURE 0.2  GOOD PRACTICES FOR PROCUREMENT OF ID SYSTEMS
FIGURE 0.3  LEGAL TERMS AND CONDITIONS
FIGURE 1.1  LIFECYCLE OF A DIGITAL IDENTITY SYSTEM
FIGURE 1.2  ARCHITECTURE PRINCIPLES
FIGURE 1.3  THE “DOS” OF THE PROCUREMENT PROCESS
FIGURE 2.1  ISSUE AND MITIGATION FOR VENDOR AND TECHNOLOGY LOCK-IN
FIGURE 2.2  KEY COMPONENTS OF A REQUEST FOR PROPOSALS
FIGURE 2.3  EVALUATION AND QUALIFICATION CRITERIA
FIGURE 2.4  SCOPE OF WORK
FIGURE 2.5  CONDITIONS OF CONTRACT
FIGURE A.1  KEY CONSIDERATIONS IN THE “PLAN & DESIGN” PHASE OF AN ID SYSTEM
FIGURE A.2  PROGRAM ELEMENTS
FIGURE A.3  CORE IDENTITY FUNCTIONS
FIGURE A.4  ANCILLARY IDENTITY FUNCTIONS
FIGURE A.5  INSTITUTIONAL STRUCTURE
FIGURE A.6  GOVERNANCE STRUCTURE
FIGURE A.7  OVERVIEW OF OPERATING MODEL
FIGURE A.8  BUSINESS MODEL

LIST OF TABLES

TABLE 1.1  BEST PROCUREMENT PRACTICES
TABLE 2.1  RISKS AND MITIGATION DURING THE PROCUREMENT CYCLE
TABLE 2.2  KEY DECISIONS IN THE TWO-STAGE PROCUREMENT PROCESS
TABLE 2.3  INSTRUCTIONS TO BIDDERS
TABLE 2.4  EVALUATION CRITERIA IN THE FIRST STAGE
TABLE 2.5  EVALUATION CRITERIA IN THE SECOND STAGE
TABLE 2.6  TECHNICAL EVALUATION CRITERIA
TABLE 2.7  COMMERCIAL EVALUATION
TABLE 2.8  SCOPE OF WORK
TABLE 2.9  MASTER SERVICES AGREEMENT
TABLE 2.10  NON-DISCLOSURE AGREEMENT
TABLE 2.11  PAYMENT SCHEDULE
TABLE 2.12  SERVICE LEVEL AGREEMENTS
TABLE 2.13  SPECIAL CONDITIONS

ABOUT ID4D

The World Bank Group’s Identification for Development (ID4D) Initiative uses global knowledge and expertise across sectors to help countries realize the transformational potential of digital identification systems to achieve the Sustainable Development Goals. It operates across the World Bank Group with global practices and units working on digital development, social protection, health, financial inclusion, governance, gender, and legal, among others.

The mission of ID4D is to enable all people to access services and exercise their rights enabled by inclusive and trusted digital identification systems. ID4D makes this happen through its three pillars of work:

• Thought leadership and analytics to generate evidence and fill knowledge gaps;
• Global platforms and convening to amplify good practices, collaborate, and raise awareness; and
• Country and regional engagement to provide financial and technical assistance for the implementation of inclusive and responsible digital identification systems that are integrated with civil registration.

The work of ID4D is made possible with support from the World Bank Group, Bill & Melinda Gates Foundation, the U.K. Government, the French Government, the Australian Government and the Omidyar Network.

To learn more about ID4D, visit id4d.worldbank.org. To participate in the conversation on social media, use the hashtag #ID4D.

ACKNOWLEDGEMENTS

This guide and checklist were prepared by Ernst & Young Global Limited (Thampy Koshy, Neeraj Jain, Rajeesh Menon and Mohit Singhal), as part of the Identification for Development (ID4D) Initiative, the World Bank Group’s cross-sectoral effort to support progress toward identification systems using 21st century solutions. It was made possible through the generous support of the partners of the ID4D Multi-Donor Trust Fund (Bill & Melinda Gates Foundation, the U.K. government, the French Government, the Australian government and the Omidyar Network).

The guide and checklist benefited greatly from the inputs by Seth Ayers, Jerome Buchler, Luda Bujoreanu, Hunt La Cascia, Julia Clark, Adam Cooper, S.M. Quamrul Hasan, Anita Mittal, Georg Neumann, Tiago Carneiro Peixoto, Michiel van der Veen and Edgar Whitley under the supervision of Vyjayanti Desai.

The guide and checklist are being published for consultation and may be updated based on feedback received. ID4D appreciates any feedback by email: id4d@worldbank.org.

This work is a product of the staff of the World Bank with external contributions. The findings, interpretations, and conclusions expressed do not necessarily reflect the views of the World Bank, its Board of Executive Directors, or the governments they represent. The World Bank does not guarantee the accuracy of the data included in this work.

ABBREVIATIONS

ABIS    Automated Biometric Identification System
ACD     Automatic Call Distribution
AFIS    Automated Fingerprint Identification System
AMC     Annual Maintenance Contract
API     Application Programming Interface
BOOT    Build Own Operate Transfer
BOT     Build Operate Transfer
COTS    Commercial Off-the-Shelf
CRM     Customer Relationship Management
CRVS    Civil Registration and Vital Statistics
DC LAN  Data Center – Local Area Network
DC WAN  Data Center – Wide Area Network
eID     Electronic Identity
e-KYC   electronic - Know Your Customer
EOI     Expression of Interest
FMR     False Match Rate
FNMR    False Negative Match Rate
FPIR    False Positive Identification Rate
FNIR    False Negative Identification Rate
ICT     Information and Communications Technology
ID      Identity
ID4D    Identification for Development (World Bank Group Initiative)
IEC     Information, Education and Communication
IPR     Intellectual Property Rights
IT      Information Technology
IVRS    Interactive Voice Response System
KPIs    Key Performance Indicators
LOAs    Level(s) of Assurance
MSA     Master Services Agreement
NDA     Non-Disclosure Agreement
NOC     Network Operation Center
OTP     One Time Password
PIN     Personal Information Number
PKI     Public Key Infrastructure
PoA     Proof of Address
PoI     Proof of Identity
PoR     Proof of Residence
RFI     Request for Information
RFP     Request for Proposal
SDG     Sustainable Development Goal
SLA     Service Level Agreement
SOC     Software Operation Center
SOP     Standard Operating Process
UAT     User Acceptance Testing
UIN     Unique Identity Number
YoY     Year on Year

EXECUTIVE SUMMARY

Identity (ID) systems are enablers for countries to achieve economic growth, financial inclusion, and social protection goals. A well-established, foundational ID system can improve efficiency and efficacy of public services delivery and reduce leakages. An estimated one billion people worldwide¹ struggle to prove their identity. The ‘invisible billion’ are typically members of the poorest and most vulnerable groups, with a majority living in Sub-Saharan Africa and South Asia. Additionally, 47 percent of those without identification (ID) are children or youth under the national ID age who were not registered at birth.

¹ https://id4d.worldbank.org/global-dataset

Lifecycle of an ID system: The typical implementation lifecycle of ID systems is illustrated in figure 0.1.

• Plan and Design phase: As a first step, major elements of the ID system are defined. These include big-picture policy decisions, various core and ancillary identity functions, definition of business and operating model(s), transition strategy and institutional structure for managing the program. These are often done within a constitutionally approved legal framework that governs the operation of the program within a country, a resident’s charter that drives the goal of people-centricity in the ID services offered by the program, and the design principles for the implementation of the ID system.
• Procurement phase: Once the program strategy for the ID system is defined by the ID authorities in the plan and design phase, the next critical steps are development of procurement strategy and request for proposals (RFP) to select vendors.
• Implementation phase: After the selected vendor(s) are onboarded, implementation activities are initiated. As part of this phase, the ID authority continuously monitors the implementation to ensure that it complies with the requirements.
• Steady state: After a successful deployment of the ID system, the ID authority needs to continuously monitor the performance of the system and the vendor, user experience, and the changes taking place in the ecosystem to ensure sustainability of the program. This will drive refinements, upgrades, and innovations to ensure better performance and user experience.

[FIGURE 0.1  Phases of a Digital Identity System. Phases: Plan and Design, Procurement, Implementation, Steady state. Cross-cutting elements: Legal and regulatory framework, Resident charter, Design principles, Governance.]

Importance of Effective Procurement Strategies in Ensuring the Success of an ID system: Implementing ID systems is a challenging endeavor and requires a variety of technological, program, and change management skills that may need to be sourced from a number of qualified local and global vendors. Often, ill-equipped institutional structures and skill/competency gaps in the local population are challenges faced by low- and middle-income countries in successfully implementing large and complex e-governance programs, like a foundational ID system. Poor procurement processes and weak vendor contract management often lead to failed procurement, implementation delays, and vendor and technology lock-in. A World Bank multi-country study of ID system costs has demonstrated that the impact of procurement strategies could range anywhere between 25 percent to 100 percent of the total cost of the program.² Hence, how well the procurement process is managed is a key determinant of the success of any ID system.

² http://id4d.worldbank.org/Cost-Model.

The World Bank published a Practitioner’s Guide³ to assist governments, development partners, academics, researchers, and implementation agencies in evaluation, design, implementation, and management of a foundational ID system. This guide provides a 360-degree view of the planning and design phase in greater detail, and practitioners are encouraged to refer to this material for more detailed guidance on high-level policy and design decisions.

³ https://id4d.worldbank.org/guide.

Need for a Procurement Guide and Checklist: On account of the complexity and the vastness of diverse procurement practices in digital ID systems across the world, this Procurement Guidance and Checklist for Digital Identification Systems has been developed building on the lessons from different countries. It focuses on the procurement phase in greater depth and detail. This document has been designed to be equally useful for countries planning for an entirely new ID system (i.e. a greenfield ID system) as well as for countries that are planning to modernize legacy ID systems (i.e. a brownfield ID system). This document is aimed at assisting governments, multilateral institutions, and consultants in systematically assessing the procurement needs and carrying out the procurement processes in a structured manner.

It is recommended that this document be read along with the reference documents mentioned in this report, and in particular, the Practitioner’s Guide⁴.

⁴ http://id4d.worldbank.org/guide.

The key objectives of this procurement guidance and checklist are to:

• Assist ID authorities and practitioners in outlining a robust ID system procurement strategy.
• Provide guidance on key program decisions and considerations for the development of RFP(s).
• Enable ID authorities in developing effective RFP(s) which are aligned to the short- and long-term goals of the country, as well as sufficiently elaborating the various business and technical requirements for an ID system.
• Provide a checklist to ascertain whether the ID authorities have accommodated all the necessary considerations around the various design components of an ID system.
• Provide specific guidance around various design and procurement elements in a robust, open, interoperable, technology neutral ID system.
• Highlight the risks of vendor and technology lock-in and the possible mitigation measures.

The procurement phase of an ID system implementation has two key stages – beginning with the development of a procurement strategy, and followed by the procurement process, which includes development of RFPs, bid evaluation and selection of the vendor, and signing of the contract(s) with the selected vendors.

Development of a Procurement Strategy: This requires a detailed assessment of a country’s existing ID system(s), current coverage of its population and the target state to be achieved, its current human resource capabilities and institutional structure. Further, a study of the technology landscape is needed to select the system architecture and technologies that are suitable, as well as scanning domestic and international markets to identify potential bidders who have proven capability in executing such large transformation programs. This stage could also involve extensive vendor consultations to gauge market interest. This should form the basis for ID authorities to design an RFP in accordance with its vision that has been developed as part of the plan and design phase.

The procurement strategy should outline the effective approach to bring the various solutions and capabilities together in a holistic fashion and also articulate the nature of engagement between the ID authorities and the various vendors. ID authorities should look to accommodate international best practices and global lessons in their procurement strategies. Figure 0.2 highlights some of the good procurement practices seen in global ID system implementations.

[FIGURE 0.2  Good Practices for Procurement of ID Systems. Practices shown: Development of in-house capability; Specifying ‘right’ service ‘level’ agreements; Ownership of ‘critical system’ components; Use of open standards; ‘Architectural isolation’ of technology solution; Ensuring interoperability; Compliance to ‘security and privacy’ laws; Open competitive bidding; Vendor and technology neutrality; Adoption of performance linked models; Articulation of roles and responsibilities; Well defined terms of licensing model; Encourage ‘domestic participation’; Appropriateness of bill of materials; Consultation with vendors.]

[FIGURE 0.3  Legal Terms and Conditions. Overview diagram of the legal terms and conditions to be addressed in vendor contracts.]

A key challenge that needs to be tackled while developing the procurement strategy is the potential for vendor lock-in. Therefore, while developing the procurement strategy for an ID system, ID authorities should try to mitigate the risks of vendor and technology lock-in scenarios by using open technology standards, globally accepted interoperability practices, and strong procurement processes that minimize the contractual constraints in the choice of technology and supplier(s).

Procurement Process: The development of RFP(s) will be based on the procurement strategy and detailed business/technical specifications designed by the ID authorities (in the plan and design phase, as outlined earlier). The final stage is the conduct of the bid process, followed by the selection of the vendor(s) and awarding of contract(s).

While general terms and conditions in the vendor contract would be based on the standard legal frameworks for procurement, vendor contracts would also include special conditions which could be key for the success of an ID system. The illustration above (figure 0.3) provides an overview of the various legal considerations that should be addressed in vendor contract(s).

By carefully designing a robust procurement strategy and systematically executing the procurement processes, ID authorities can lay the foundation for a strong and sustainable ID system.

1. ID SYSTEM LIFECYCLE

As a foundation for the development of the ID procurement checklist, extensive research has been undertaken which included:

• A study of procurement processes adopted for ID systems by various countries across the world
• Consultations with key global experts and practitioners in this domain

The four phases in the lifecycle of an ID system implementation are illustrated in figure 1.1.

[FIGURE 1.1  Lifecycle of a Digital Identity System. Phases: Plan and design, Procurement, Implement, Steady state.]

This section briefly explains the key design prerequisites and elements for an ID system implementation, followed by a detailed review of the “procurement phase” in subsequent sections.

Enabling Tenets of an ID System¹

It is recommended that the conceptual design of a digital ID system is preceded by clear articulation of enabling tenets upon which the system will be based. These tenets include:

• A comprehensive legal framework that provides the appropriate policy and regulatory basis for the proposed ID system
• An actionable resident charter that delineates the service level offered by an ID system to its end users
• Critical programmatic and architectural principles that govern the ID system design
• A strong governance framework to ensure compliance to policies and standards

¹ World Bank. 2018. Principles on Identification for Sustainable Development: Toward the Digital Age. Washington, DC: World Bank Group. http://documents.worldbank.org/curated/en/213581486378184357/Principles-on-identification-for-sustainable-development-toward-the-digital-age.

Legal Framework

Defining an appropriate legal framework is the first important step that governments should consider when building an ID system. It is an important program priority for any ID system because this helps to build trust in the system. This legal framework should therefore provide for a transparent and cohesive set of policies and regulatory guidelines that govern the collection, management, and use of an enrollee’s personal data by all authorized participants in the ID system.

Such a legal framework enables a legally tenable ID credential that will be recognized by public and private sector service providers helping them to provide services based on authentication of their ID credential.

Although the legal and regulatory framework may vary from country to country, the laws that could enable the implementation and sustainability of an ID system are the following:

• ID law
• Civil registration law
• ICT laws
• Data protection law
• Citizenship law
• Cybersecurity law

A more detailed understanding of the legal framework associated with the implementation of ID systems and their implications for public services is provided in the G20 Digital Identity Onboarding report² and the ID Enabling Environment Assessment (IDEEA) Guidance Note.³

² GPFI. 2018. G20 Digital Identity Onboarding. Washington, DC: World Bank Group. https://www.gpfi.org/sites/gpfi/files/documents/G20_Digital_Identity_Onboarding.pdf.
³ World Bank. 2018. ID Enabling Environment Assessment (IDEEA) Guidance Note. Identification for Development. Washington, DC: World Bank Group. http://documents.worldbank.org/curated/en/881991559312326936/ID-Enabling-Environment-Assessment-Guidance-Note.

Resident’s Charter

A “resident’s charter” from the ID authority represents the commitment by the government towards providing seamless and accessible identity services to people in the country (similar to a minimum service performance agreement). Such a charter outlines directional guidelines for the ID authority to ensure quality and time-bound service delivery, provisions for grievance redress, and transparency and accountability in all processes dealing with resident data. A strong resident’s charter is a key component in successful ID system implementations.

Architecture Principles of an ID System

Based on the requirements outlined in a country’s legal framework and resident’s charter, the ID authority may prescribe overarching design principles that will drive the implementation strategy of the ID system, for example, as in the shared principles developed by the ID4D initiative.⁴ An overview of the architecture principles is presented in figure 1.2.

⁴ https://id4d.worldbank.org/principles.

[FIGURE 1.2  Architecture Principles. 1 Openness and vendor neutrality; 2 Security and privacy design; 3 Scalability; 4 Interoperability; 5 Manageability and reliability.]

A. Openness and vendor neutrality

Avoiding vendor lock-in should be a key requirement for large ID system implementations. This can be achieved by following open standards and technology solutions that are less or not dependent on proprietary components. Openness in the ID system design is also enabled by vendor-neutral technology interfaces and open data formats. This is important for the following reasons:

• To ensure the long-term sustainability of the ID system.
• To provide ID authorities with the flexibility to adopt the best technology products available from different vendors.
• To ensure cost-effective services.

B. Security and Privacy by Design

Safeguarding personal data in an ID system to prevent unauthorized access and/or alterations of an individual’s data must be a foundational principle. This includes adopting internationally accepted norms and best practices, as well as having the necessary legislation for privacy and data protection.

The security strategy for an ID system should broadly comprise:

• Defense in depth: The principle of “defense-in-depth” ensures layered security mechanisms that would increase security of the ID system. If an attack causes one security mechanism to fail, other mechanisms may still provide the necessary security to protect the system.
• Secure by default: All personally identifiable information (PII) should be encrypted both “at rest” as well as “in transit”. PII data must be secured at all times, and there shall be no direct access to it other than through well-designed services.
• Run with least privileges: A system user should be provided with minimum rights and privileges, just enough to perform the intended function.
• All the hardware assets used in an ID system must be secured throughout their lifecycle as they may contain sensitive data even after being decommissioned.
• Different parts of a dataset might need different security classification.

Privacy pertaining to a resident’s PII data is a cross-cutting principle across all design elements of an ID system. The privacy of an individual’s data should be considered as a fundamental right. Hence, ensuring the compliance with the prevailing data protection and privacy laws of the country is critical to the success of an ID system. Privacy of residents is ensured by clearly defining what data is collected, the permissible uses of the data, and by ensuring that data is not shared with other entities without prior permission and consent of the user. The data privacy strategy should also accommodate the “right to be forgotten” function in the ID system design. Privacy of residents can be ensured through several approaches, such as:

• The ID system should follow a minimalistic approach around the collection of demographic and biometric data. It is advisable to only collect data that is required to ensure unique identity of residents and for issuing a unique identification number (UIN).
• The UIN issued as an ID number should be completely random and with no built-in intelligence to limit the profiling of residents.
• The data collected to issue a UIN must be only used for the identity verification and authentication of residents and this data must not be shared with external entities without appropriate legal authorization.
• For public reporting purposes, there should be provisions only for sharing or displaying aggregated data of an enrolled population.
• Using advanced encryption and anonymization mechanisms, to ensure security of the data collected from individuals.
• Adopting features such as tokenization or pseudo anonymization.⁵

⁵ For more information, see World Bank. 2018. Privacy by Design: Current Practices in Estonia, India, and Austria. Washington, DC: World Bank. http://documents.worldbank.org/curated/en/546691543847931842/pdf/132633-PrivacyByDesign-02282019final.pdf.

C. Scalability

During the course of an ID program, the amount of data managed by the ID system increases over time and hence adequate attention must be given to strengthen technology and processes on an ongoing basis. This can be achieved by the following measures:

• Ensuring the technology infrastructure is able to scale horizontally (for compute and storage requirements), that is, enable additional system resources to be added without having to shut down the core system components.
• Loose coupling of the components through APIs.

D. Interoperability

Globally, ID systems are increasingly being designed using a platform-based approach, where the service components are defined to be modular in nature. Embracing open interoperability principles is an essential requirement, to support seamless integration between the ID system and third-party systems (of both public and private agencies) for delivering public services to the end users.

E. Manageability and Reliability

ID systems undergo many changes over time, including legal, process, and technology-related changes. Hence, manageability (that is, ease of implementing changes) of an ID system is important. At the same time, it is important for the system to handle failures resiliently and to require minimum human intervention. The ID system must be resilient against hardware and software failures and avoid any single point of failure. Continuous monitoring of service components within the ID system is necessary to ensure adequate integrity of data and uninterrupted availability of business processes.

Governance

ID authorities need to frame policies and administrative procedures pertaining to many key components and activities – such as the oversight of the different participating agencies involved, periodic review of the technology infrastructure, management of human resources, timely management of issues or grievances from service providers and residents, and budgeting and planning, among others – to ensure smooth running of the ID system. A strong governance model ensures that there is effective performance monitoring and control of service delivery and quality.

Phase I – Plan and Design

This phase plays an essential role in drafting of the procurement strategy by ID authorities.

• Ancillary identity functions, which include important supporting services and functions such as customer relationship management, training, testing and certification, capacity building, and information, education and communication (IEC) strategy.
• Other key elements, such as architectural governance, institutional structure, business model, operating model, and transition strategy.

Based on these considerations, a technology design strategy may be developed at the end of this phase. For more information on the plan and design phase, see appendix A.

Phase II – Procurement

The plan and design phase defines the overall architecture of the ID system and drives the next key phase in the ID system lifecycle – the procurement phase. Transparent, open, and competitive bidding is fundamental to ensuring good and sustainable procurement practices. The procurement phase of an ID system encompasses two stages:

A. Development of Procurement Strategy

ID authorities need to outline the procurement strat-
Before egy for procuring services and infrastructure to build, commencing on the ID system design, it is recom- operate, and maintain an ID system. A procurement mended that ID authorities carry out preliminary strategy development involves: studies (for example, social surveys, underlying telecommunications environment studies, cyberse- • In-house capability assessment curity and privacy assessments, review of any leg- • Market analysis and vendor consultations acy ID systems, among others) to gauge the current landscape. This will aid in estimating the necessary • Risk assessment human resource efforts, costs and implementation • Evaluating the procurement options timelines. The design should ensure adherence to • Developing procurement considerations for IT the legal and regulatory framework and resident components. charter for the country. This phase forms the foun- dation for procurement of services and infrastruc- Table 1 highlights some global best practices to be ture by articulation of the program elements of the considered while designing procurement strategies ID system, such as: for ID systems. • Core identity functions, which includes enroll- Box 1.1 provides an example of lessons from the pro- ment, verification, authentication, and service curement process in the implementation of India’s ID ecosystem. system. | 4    PROCUREMENT GUIDE AND CHECKLIST FOR DIGITAL IDENTIFICATION SYSTEMS TABLE 1.1  Best Procurement Practices Practice Impact 1. Develop in-house techni- If in-house technical expertise is not available to the ID authorities for executing the procurement cal expertise process, they could leverage international technical expertise for support in the technical design as well as the procurement phases. However, ID authorities should adequately plan to build their own capacity over a period, to avoid being unduly dependent on vendors and thus resulting in a vendor lock-in leading to a higher program cost. 2. 
Ownership of key technol- A procurement model should provide for government ownership over data and key technology ogy components components and should enable seamless transfer of system management and services to alternative providers. If the ownership does not rest with the government, it may result in risk of vendor and technology lock-in and data privacy issues. 3. ‘Architectural isolation’ For certain cases where proprietary technologies are unavoidable (e.g., biometrics) innovative of niche technology procurement strategies like multivendor arrangements and insistence on seamless plug and play solutions interfaces could be evaluated and adopted in the ID system procurement processes. 4. Open competitive bidding Emphasizing an open and competitive procurement process that gives no special advantage to any specific set of vendors. 5. Adoption of performance- Performance-linked contracts bring greater vendor accountability and enable efficient use of program linked models resources. ID systems will be able to leverage improvement in the solution over time. Provision of performance-linked procurement models in such complex ID systems is an efficient way of managing vendors. 6. Well-defined terms of The licensing model for the tools/infrastructure/software, etc, should be clearly specified whether it is licensing model perpetual, device based, annual subscription based, etc, as it may have a huge cost impact and may lead to a lock-in of the critical information. 7. Encourage domestic Provisions for opportunities for participation of domestic vendors will ensure that in-country capabilities participation are developed resulting in less reliance on external vendors as well as paring down the additional cost. 8. Clear articulation of roles Articulating roles and responsibilities of human resources ensures smooth running of the system. It will and responsibilities also enable better program governance. 9. 
Avoidance of vendor and Conscious effort to avoid vendor and technology lock-in can prevent multiple risks because of technology lock-in dependence on vendors, such as increased costs in the future and data portability. 10. Specifying the right ser- This is vital to ensure satisfactory levels of service on a continuous basis. vice level agreements 11. Appropriateness of bill of Bill of materials (BOM) should be accurate with clear specification of sizing and quantity. It will assist materials (BOM) vendors to meet commercial requirements and can prevent discrepancies among bids. 12. Ensure interoperability Having a clear vision of the need for interoperability and open-standard driven technology will provide and use of open standards ID authorities with enough flexibility to easily upgrade critical system components with lower vendor dependency. 13. Consultation with the Having consultative workshops with potential vendors provides governments with an opportunity to potential vendors gauge the market interest for the ID program, as well as apprise themselves of modern and emerging trends in ID system technologies. It also increases competitiveness and reduces the risk of technology lock-in. Feedback from vendors in other countries can assist governments in achieving their stated objectives. ID System Lifecycle  |   5 Box 1.1: Lessons from the Procurement Process of India’s ID System, Aadhaar India’s ID authority, the Unique Identification Authority of India (UIDAI), implemented a ­p artnership model with third party agencies to manage enrollment and data update ­ o perations. This approach helped in combining the infrastructural capacity of the government and the technical expertise of private agencies to build a system to ensure better service deliv- ery to residents. Adopting an outcome-based approach also helped in scaling the solution, as well as the ­ ability of the underlying technology to seamlessly handle UIDAI’s evolving requirements. 
UIDAI conducted several proof-of-concept exercises and field tests to determine the capability of vari- ­ ous solutions available in the market and benchmark against their own requirements. Adopting a unique biometric design strategy – with several automated biometric identification system (ABIS) vendors – also helped avoid vendor lock-in, and increased scalability of the system. This also ensured that the biometric vendors were constantly competing to improve their speed and accuracy. The use of three ABIS vendors (and thereby, three different proprietary algorithms) helped in estab- lishing vendor and technology neutrality. UIDAI also used a two-pronged technology design approach – open standards and open APIs – which helped them to promote competition among vendors, thereby enabling UIDAI to deploy the best-in-class solution for Aadhaar. India’s Aadhaar system relied on a competitive, standards-based (plug and play) procurement model. It emphasized standards that promoted transparency, accountability, scalability, and technical compli- ance. These, as well as real-time quality monitoring, allowed flexibility in the procurement process and drove competition among vendors, thereby limiting costs. Source: https://www.nipfp.org.in/media/medialibrary/2016/09/WP_2016_176.pdf. B. Procurement Process Preparation of an RFP to procure suitable vendors This stage includes preparation of the request for is the vital stage in the procurement phase; where proposals (RFP) and managing the bid process to the ID authority shall take necessary precautions select and onboard the vendor(s) for services and to avoid any pitfalls. An overview of many recom- infrastructure needs and awarding contract(s) to the mended provisions to be included in ID system RFPs selected bidder(s). is highlighted in figure 1.3. A more detailed view of the various components of the procurement process is provided in appendix A. 
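Two of the privacy measures listed under "B. Security and Privacy by Design" earlier in this chapter, a completely random UIN with no built-in intelligence and tokenization, are shown below beside the structured-number anti-pattern they replace. This is an added example, not part of the guide or of any ID authority's system; the 12-digit length, the HMAC-SHA-256 token derivation and all names (`structured_id`, `generate_uin`, `TokenService`, the sample agencies) are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets

UIN_DIGITS = 12  # assumed length for this sketch; the guide does not prescribe one


def structured_id(birth_date: str, region: str, seq: int) -> str:
    """Anti-pattern: an ID with built-in intelligence (YYYYMMDD + region + serial)."""
    return f"{birth_date}{region}{seq:04d}"


def profile_from_structured_id(id_number: str) -> dict:
    """What any party that sees a structured ID learns without a database lookup."""
    return {"birth_date": id_number[:8], "region": id_number[8:10]}


def generate_uin(issued: set) -> str:
    """Random UIN: every digit comes from the OS CSPRNG, so nothing is encoded in it."""
    while True:
        # Leading digit 1-9 so the value survives systems that drop leading zeros.
        uin = str(1 + secrets.randbelow(9)) + "".join(
            str(secrets.randbelow(10)) for _ in range(UIN_DIGITS - 1)
        )
        if uin not in issued:  # uniqueness is enforced by the registry, not a counter
            issued.add(uin)
            return uin


class TokenService:
    """Run by the ID authority only: gives each agency a different token per UIN."""

    def __init__(self, master_key: bytes):
        self._master_key = master_key
        self._vault = {}  # (agency_id, token) -> UIN, kept inside the authority

    def _agency_key(self, agency_id: str) -> bytes:
        # Separate key per agency, so tokens from two agencies cannot be joined.
        return hmac.new(
            self._master_key, b"agency|" + agency_id.encode(), hashlib.sha256
        ).digest()

    def tokenize(self, uin: str, agency_id: str) -> str:
        """Stable pseudonym that the agency stores in place of the UIN."""
        token = hmac.new(
            self._agency_key(agency_id), uin.encode(), hashlib.sha256
        ).hexdigest()
        self._vault[(agency_id, token)] = uin
        return token

    def detokenize(self, token: str, agency_id: str, legally_authorized: bool) -> str:
        """Map a token back to the UIN, only with legal authorization."""
        if not legally_authorized:
            raise PermissionError("detokenization requires legal authorization")
        return self._vault[(agency_id, token)]


if __name__ == "__main__":
    # Constructed sample values, not real identifiers.
    leaky = structured_id("19900514", "07", 12)
    print("structured ID:", leaky, "->", profile_from_structured_id(leaky))

    registry = set()
    uin = generate_uin(registry)
    service = TokenService(secrets.token_bytes(32))
    print("random UIN:   ", uin)
    print("health token: ", service.tokenize(uin, "health-ministry"))
    print("tax token:    ", service.tokenize(uin, "tax-office"))
```

Because each agency receives a different token for the same resident, a leak or join of two agencies' databases does not link records, while the ID authority can still resolve a token when presented with legal authorization.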
FIGURE 1.3  The "Dos" of the Procurement Process

Evaluation criteria
• Competition should be open and wide
• Evaluation criteria should be clear and measurable
• Simple bid formats for clear bid responses and easy evaluation

Scope of work
• Outcomes clarity
• Design principles
• Program standards to be adopted
• Clear scope of work
• Service levels
• Well defined timelines
• Unambiguous roles and responsibilities
• Knowledge transfer
• Identified risks and their mitigation

Provisions of contract
• Clarity on payment terms
• Intellectual property rights with the purchaser
• Data ownership, data residency with the government
• Change management clearly defined
• Dispute resolution

Phase III – Implementation

After the procurement of services and infrastructure components, ID authorities need to implement the ID system. This phase will cover the execution of planned development activities, roll out the ID system, and integration with third-party service delivery systems for providing services, and so on.

During this phase, there should be continuous monitoring to ensure the comprehensiveness of the implementation activities (as against the requirements stated in the RFP(s)), as well as ensuring adherence to process and technical specifications, contractual conditions, and implementation timelines. For more information, see appendix B.

Phase IV – Steady State

After a successful deployment of the ID system, ID authorities need to continuously monitor the performance of the system and the vendor, user experience and the changes taking place in the ecosystem to ensure sustainability of the program. This will drive refinements, upgrades, and innovations to ensure better performance and user experience.

This phase should also provide for:

A. Monitoring and Evaluation

It is critical to have a consistent and standardized management and monitoring process that serves as a strong control mechanism for ID authorities and service providers during the delivery of ID-based services to residents. Once the services are planned, designed, and procured, they need to be supervised and monitored for:

• Ensuring zero disruption of services
• Meeting service levels
• Compliance to planned budgets
• Operational efficiency
• Fraud prevention
• Calibration and technological refreshes.

Monitoring and evaluation processes include a periodic review of enrollment processes, personnel and infrastructure to ensure quality, efficiency, and effectiveness. ID authorities will need to first define certain performance levels across various services and processes, which would then be measured against actual performance. This would help in independent evaluations of the ID services.

A good monitoring framework will also clearly outline the personnel who will carry out the evaluation, the frequency of evaluations, and the necessary actions to be undertaken in case the service levels/parameters are not met.

B. Compliance Audits

This will ensure a comprehensive review of the service providers' adherence to guidelines. The audit reports evaluate the strength and thoroughness of compliance to specified processes, security policies, user access controls, and risk management procedures.

This phase of the ID system lifecycle also includes the following to help wider adaption and continued sustainability beyond initial contract:

C. Enabling Innovation

ID systems can be the foundation for public and private agencies to build a viable services ecosystem for residents. The adoption of such an ID system ecosystem will benefit residents. ID authorities will have to generate reusable components and solutions which can be leveraged by public and private agencies. Multiple innovative strategies can be adopted by ID authorities, such as:

• Service catalogue – ID authorities should seek to continuously introduce new services, as well as simultaneously enhance service levels provided for existing services, through technological innovations.
• Channels – ID authorities should provide new channels for improving convenience to residents.
• Privacy and security – ID authorities should continuously strive to enhance security and privacy by implementing best practice.
• Technology innovation – Based on the analysis of user needs and services that deliver real benefits, this could be achieved by:
  – Enhancing performance of systems
  – Eliminating vendor specific components by developing in-house or leveraging open-source components to reduce cost of technology
  – Automation of routine activities
  – Using emerging technologies, such as artificial intelligence (AI) and machine learning (ML), to bring process efficiencies

D. Transition strategy

ID authorities have to make many important decisions around the procurement or renewal of services and infrastructure components once the contract expires. Therefore, they should have a detailed transition strategy to migrate the ID system components from one vendor to another.

Chapter 2 provides further detail on each of the phases and the factors that influence the system design and procurement choices for ID authorities. For more information, see appendix C.

2. A DETAILED VIEW OF THE PROCUREMENT PHASE

This chapter elaborates the various activities undertaken in the procurement process once the "plan and design" phase is completed. ID authorities are expected to take key decisions with respect to procurement of services and infrastructure.

Procurement Strategy

Prior to selecting the vendors for implementing the ID system, the ID authority needs to formulate an overall procurement strategy. This section details the key decisions and options for ID authorities in the procurement strategy, as well as the advantages and disadvantages of the different options.[1]

[1] For more information on dos and don'ts in the procurement, please refer to the World Bank procurement guidelines.

Assessment of In-House Capability

The ID authority's in-house technical expertise, in terms of both constraints and enablers, will significantly affect the procurement strategy. Therefore, ID authorities need to undertake a detailed assessment of the following.

Capability in Managing the Procurement Process

The key considerations while assessing the capacity and capability of the ID authority in terms of procurement process are:

• Resources with experience and capability in bid process management including defining evaluation criteria, scope of work and legal terms and conditions and contract management.
• Technical capability to detail technical and functional specifications for products and services of the solution.

Capability for Development and Management of Various Solution Elements

ID authorities have to decide which of the services and infrastructure components are to be procured versus which can be developed in-house. ID authorities should evaluate their in-house capabilities and include or exclude specific services or infrastructure components for outsourcing and plan for in-house capacity development of critical elements.

Market Analysis and Vendor Consultation

A thorough market analysis exercise will allow ID authorities to understand the landscape of potential bidders, how they operate as well as the various products and services they offer. This would also give authorities an opportunity to seek input on the proposed scope of work and proposed solution for the ID system. This feedback can be used to make the necessary alterations in the scope of work and develop a more comprehensive RFP and make it more attractive to bidders. Through this exercise, an ID authority can assess a timeline for the IT infrastructure to be delivered and commissioned according to which key decisions could be taken.

The market analysis could be done to evaluate the following:

• Assess the number of potential bidders who can successfully execute the complex project and whether to allow foreign firms to participate in case of absence or scarcity of competent local vendors.
• Likely challenges in executing the project (for example, implementation timelines, supply-chain issues, payment issues, among others).
• Fair price of the solution.
• Feasibility of the proposed solution.

Risk Assessment

The aim of a risk assessment exercise in an ID program is to identify the risks involved in the execution of the project, both during the procurement and after onboarding the vendor. Table 2.1 elaborates the potential risks that could occur during the procurement cycle, as well as the impact on the procurement process with possible mitigations.

Box 2.1 provides an example of how poor articulation in the planning and design of an ID system can lead to challenges in the procurement phase.

TABLE 2.1  Risks and Mitigation During the Procurement Cycle

1. Risk: Noncompetitive bidding process
   Impact:
   - Genuine bidders do not participate
   - Procurement delays
   - Increased prices and poor value-for-money
   - Reduced quality of services
   - Reduced lifespan of assets
   Possible mitigations:
   - Increased procurement oversight
   - Open competitive bidding based on market analysis and industry consultations
   - Complaint handling mechanism
   - Introduce or strengthen e-procurement systems
   - Ensure widest competition through global tendering

2. Risk: Procurement process does not meet international standards
   Impact:
   - Procurement processes are inefficient, ineffective, not transparent, or unfair, leading to increased prices, reduced quality, procurement delays and loss of funding allocation
   Possible mitigations:
   - Comprehensive public procurement law
   - Open competitive bidding
   - Enable use of e-procurement system
   - Ensure widest competition by international advertising

3. Risk: Poor procurement planning and inadequate information in terms of technical specifications, contracting strategy, etc.
   Impact:
   - Increased prices
   - Purchase of unsuitable products or services
   - Procurement delays
   - Reduced lifespan of products
   - Reduced quality
   Possible mitigations:
   - Strengthen project preparation activities
   - Hire specialized technical assistance for procurement
   - Appropriate quality specifications for the products
   - Appropriate service level specifications for services

4. Risk: Deficient contract management
   Impact:
   - Contract failures
   - Increased prices
   - Reduced quality
   - Inefficiency
   Possible mitigations:
   - Contract management provisions are included in the RFP
   - Assign contract managers with defined duties and responsibilities
   - Good project management unit (PMU)

5. Risk: Limited oversight of procurement and fraudulent practices
   Impact:
   - Reduced competition
   - Increased prices
   - Reduced quality
   Possible mitigations:
   - Effective governance mechanism with third-party review of procurement process
   - Measures to strengthen transparency
   - Better complaint handling mechanism

6. Risk: Variation in scope or costing after contract award
   Impact:
   - Quality of work delivered by the bidder decreases
   - Bidder does not focus on certain services or can deliver low-quality products in the latter phase of the project
   Possible mitigations:
   - Improve specifications and cost estimates (hire external technical assistance in case of limited capacity)
   - Include as much background information as possible in the terms of reference, such as, but not limited to: overall strategy, business objectives, strategies, detailed current state assessment, appropriate architecture diagrams (even for out-of-scope systems that would need to be interfaced with)
   - Insert comprehensive statement of work (sharing of responsibilities between main parties for the implementation, operation and maintenance of the systems)
   - Strong contract management

7. Risk: Abnormally low or high bids
   Impact:
   - Contract prices increase (e.g., change requests, etc.)
   - ID authority loses the flexibility to negotiate on certain conditions
   Possible mitigations:
   - Strong prequalification criteria to carefully assess and weed out low-quality bidders who are trying to buy the contract
   - Design strong technical qualification criteria so that deserving bidders can score good marks
   - Final selection criteria should not solely depend on financial proposal but a mix of technical and financial proposal to ensure value for money

8. Risk: Evaluation period takes too long
   Impact:
   - Procurement timeline increases
   - Bidders lose interest
   - Technology evolves rapidly, and technical specifications can change significantly
   Possible mitigations:
   - Evaluation should be made objective, to the extent possible
   - Inappropriate bidders to be removed during prequalification
   - Technical and commercial forms should be informative enough for easy scoring of the bidders

Box 2.1: Poor Planning and Design Leads to Challenges in Procurement Phase

A country in Africa tasked its national registration authority with the establishment and maintenance of a national identification register. The mandate was to create, manage, maintain and operationalize the register. Serious procurement problems delayed the project in 2010.

In the country concerned, identity programs were run by different government agencies. Most identity systems were not interlinked. A commission was set up to create a national identity management system to enable secure, reliable and authentic verification of an individual's identity anywhere in the country and facilitated service delivery in government and the private sector.

The major challenges faced by this ID program include, but are not limited to, the following:

• Enrollment posed a central challenge for identity platforms to achieve nationwide coverage of data collection about citizens. Partnerships were one way by which the task of enrollment could have been managed. But the country had limited success in partnerships to build its national ID system. For example, a US$236 million contract was awarded to a foreign company in 2001 to enroll the population and issue cards. The program ran for five years, registering 52.6 million out of planned 60 million people and issuing 37.3 million NIDs. However, the project was discontinued in 2006 because of allegations of impropriety over the contract award. Addressing the legacy of this failed project initially hampered the commission's implementation of a new ID card.
• Conducting biometric enrollment by each identity program led to a substantial duplication of efforts, in terms of procuring similar devices and processes, issuing multiple identity credentials, maintaining multiple systems, and the residents having to provide the biometric and biographical information multiple times to several government agencies. An integrated identity program can offer significant cost savings and efficiency.

The country faced an urgent need to scale up national identity, integrating identity systems, cutting fiscal costs, and achieving efficiency in service delivery and management by addressing challenges more rapidly dealing with identity management. In light of these, the country's vision for identification requires refinement in terms of sharpening the vision of identification with an emphasis on rapid scale-up, full integration and cost optimization, strengthening the policy and legal environment, mobilizing the resources and scaling up with the speed.

Vendor or Technology Lock-in

Vendor lock-in is considered the biggest concern for the ID system implementation that should be addressed during the procurement process. Vendor or technology lock-in situations arise from using proprietary standards, vendor-specific software and/or hardware and complexity of ID systems with respect to technology, human resources, contractual terms. These cause increased cost and reduced flexibility to accommodate changes over time because the ID authority is locked in to existing systems and is unable to take advantage of innovation or choose the most appropriate solution. The risk of vendor and technology lock-in can be mitigated by using open standards, interoperability in architecture, and strong procurement processes that avoid unnecessary conditions in the choice of technology and supplier.

Figure 2.1 presents a detailed list of pitfalls which can possibly cause vendor and technology lock-in and a mitigation approach to avoid the lock-in.

However, there are certain software solutions for which alternative, mature open source/standards-based technologies are not available (or are still evolving or have significant risks associated with them).
FIGURE 2.1  Issue and Mitigation for Vendor and Technology Lock-In

Vendor lock-in (issue → mitigation)
• Knowledge transfer → Systematic knowledge transfer
• Poor documentation → Timely documentation
• IP ownership → Ownership with government
• Data storage with vendor → Data residency
• Exit management → Standard transition and exit management
• Systems control → Admin rights with government
• Vendor staff dependency → In-house capacity building
• Source code control → Escrow account

Technology lock-in (issue → mitigation)
• Proprietary software → Open software and open API solutions
• Proprietary data formats → Open storage standards
• Proprietary hardware → Commodity hardware
• Closed data exchange → Open exchange formats
• Proprietary standards → Open standards
• Non-standard devices → Multi-sourceable devices
• Non-standard encryption → Standard encryption, ownership of keys

Impact of vendor and technology lock-in
• Higher costs
• Poor commercial leverage
• Poor quality of service
• Negative brand impact
• Frequent disputes
• Limited innovation capacity
• Difficulty in change

Benefits of vendor technology neutrality
• Cost competitiveness
• Better innovations
• Good quality of service
• Flexibility to introduce new tech
• Easier change management

In these scenarios, ID authorities are forced to use proprietary products. The ID authority should try to minimize the role of such products in their core architecture to the greatest extent possible or, at the least, these products could be deployed as distinct modules with integration via common APIs (preferably open in nature), reducing the effort required to replace one product with another. This approach allows the ID authority to replace them without much difficulty whenever possible and feasible.

Box 2.2 illustrates the case of procurement of an ID system in which vendor and technology are locked in.

Box 2.2: Illustration of Procurement Resulting in Vendor and Technology Lock-In

In an upper-middle income country every citizen must be registered and issued an identity card within 30 days of turning 16 years of age or acquiring national citizenship. The National Identity Card is the prima facie proof of the citizen details stated on the ID card. It is a barcoded paper laminated identity. They have a department that handles all the administrative functions, including card production, card distribution, enrollment, data storage and management, and card issuance and distribution. Only system maintenance and support are contracted out.

The ID system is developed based on proprietary technology. The choice of a proprietary system has made it difficult to change vendors and prevents the department from developing in-house capacity to manage its identity infrastructure. Instead, it must rely on ongoing maintenance contracts with a foreign firm, at a price of US$3 million, which is over and above its yearly operational budget of US$5.6 million.

Another country similarly experienced vendor lock-in on the biometric templates stored on its smartcards. As a result, third parties were required to license this technology in order to read these templates, driving up the cost of developing an extensive point of sale (POS) network for authentication.

Procurement Options

After conducting the market analysis, bidder consultations and internal assessments, ID authorities would then need to take several procurement decisions around various system components. The following steps should be followed by ID authorities during the procurement lifecycle of the ID system.

Step 1: Define and Design each Procurement Component

Procurement of Services

A. Application Development and Maintenance Services

These services include activities necessary to build, deploy, and maintain the ID system. It covers all software-related responsibilities of an integrated ID system implementation – including managing nationwide rollouts, overseeing all the third-party software development vendors, and ongoing implementation efforts to maintain and scale the system, across the duration of the contract. A high-level scope pertaining to this component would include:

• Architecting, designing, developing, and deploying the ID software applications.
• Ongoing maintenance and periodic upgrades for the ID software applications.

B. IT Infrastructure Services

The scope of services to manage and monitor the IT infrastructure includes:

• Supply and deployment of IT infrastructure components that are necessary for the ID system. ID authorities may choose to either build their dedicated IT infrastructure, or manage upgrades to their legacy IT infrastructure, or engage third-party infrastructure service providers for software hosting purposes.
• Manage ongoing operations and upgrade of their IT infrastructure.
• Manage the annual maintenance contracts (AMCs) of infrastructure components procured from the market.

C. Biometric Services

If the ID authority is using biometrics, the scope of biometric services would include:

• Deduplication services.
• Authentication services.
• Fraud management services.
• Regular updates to deduplication and authentication algorithms.

D. Customer Relationship Management (CRM) Services

A CRM solution would function as the one-stop node for managing information requests/com-

capabilities of the program staff. This entails developing a robust training program (encompassing key services, such as training content, information portals for self-learning, and classroom-based planned training sessions) for content dissemination.

H. Administrative Support Services

Managing day-to-day administrative needs (such as facility management, human resource management, finance management, technical support services, among others).

I.
Logistics Services plaints and issues from key program stakehold- The scope for logistics-based services could ers (residents and service providers). CRM include: services in ID systems should cover multilin- gual call-management technologies (such as • distribution. ID credential ­ Automatic Call Distribution (ACD), Interactive Voice Response System (IVRS), chatbots, and • Collection and transfer of beneficiary data records (for example, supporting docu- so on). ID authorities will need to scale-up CRM ments) between the enrollment centers and services as the program expands to more and regional/central ­offices. more residents. J. Card Production and Personalization E. Information Security Services Services The scope of work for such service providers The scope would be ID credential production could include services aimed at design and and personalization needs of the program. maintaining information security infrastructure, delivering information security services, active K. Information, Education and Communication threat identification and mitigation, and manag- (IEC) Services ing periodic security awareness programs. The scope would include effective design and dissemination of information pertaining to the F. Testing and Certification Services program to various users. Testing and certification agencies for ensuring that the IT infrastructure procured is compliant Procurement of Infrastructure Components with prescribed standards/guidelines, IT sys- tems and data are secure, as well as to assess • Physical establishments (for example, admin- the capabilities of personnel deployed in the istrative office facilities for the ID program program. headquarters, regional offices, enrollment ­centers). G. Training Services • system. 
IT infrastructure components for the ID ­­ To ensure the smooth execution of the program, Based on whether the data center model ID authorities need to ensure: adopted by a country is owned, collocated or cloud services; this procurement scope would • Periodic assessments of the existing staff in change ­accordingly. the ­program. • Devices for enrollment (for example, biomet- • Designing and delivering appropriate train- ric kits) and authentication (for example, POS ing, aimed at improving the operational ­machines). | 14    PROCUREMENT GUIDE AND CHECKLIST FOR DIGITAL IDENTIFICATION SYSTEMS Step 2: Decide on the Number of RFPs for Vendor and financial evaluation, and obtaining multiple Procurement approvals, would be significantly less in case of Once the procurement strategy and the scope RFP. a single ­ of services are finalized, the ID authority should decide which services will be developed in-house • Disadvantages and the number of RFPs to be issued (for exam- • Inflexibility of the process: The ID authority may ple, one covering all services or multiple for indi- not be able to optimize multiple components vidual ­ services). This decision will be influenced as the whole solution is stitched together as a by the current ability of the legacy infrastructure, if comprehensive offer by the system integrator available, to meet the envisioned ID system ­ goals. ­ (SI). Further, having a single RFP could also A higher number of RFPs to procure different ser- result in delay in the approval from government, vices will result in an increase in the integration high. especially as the total bid value could be ­ risks and effort, which the ID authority will need to • Limited number of participants: Including all ser- ­manage. This could result in increases in cost and vices and infrastructure in one RFP increases ­ time-to-market. If purchasing a turnkey solution is the size and complexity of the c ­ ontract. 
This not the chosen option, the integration risks could be may limit the number of potential bidders (who minimized by use of international open standards have the size and scale to execute such large and mature technologies – the skills for which, may and complex contracts) participating in the bid- be available with multiple ­vendors. ding ­ process. This could exclude some smaller niche vendors who may have better capa- The different options have their advantages and dis- bilities and solutions for specific components below. advantages, as articulated in the sections ­ (for example, application development and ­maintenance). Single RFP Option • Higher dependency: In the case of a single RFP, the ID authority is dependent on a single vendor An ID authority can procure all services and infra- services. The ID authority may thus have for all ­ structure required for the program, under one single limited flexibility to replace the vendor or intro- ­ RFP. In this case, a single service provider may offer duce new vendors for specific ­ components. all the service components, or a lead bidder may bring in multiple service provider as a consortium Multiple RFP Option and/or as s ­ ubcontractors. This single vendor would The ID authority may opt to procure the various ser- own all responsibilities for delivering services out- vices separately or from a few logical ­ groups. In such contract. lined in its ­ cases, ID authorities need to decide on the services to be grouped together, balancing procurement effi- • Advantages ciency, complexity in coordination, in-house expertise, • Lesser management oversight: This option is above. 
preferred flexibility, and cost, as discussed ­ relatively easy to manage as it reduces admin- istrative overhead as well as ensures that the Step 3: Define the Procurement method accountability for meeting all contractual com- After finalizing the number of RFPs, an ID author- mitments (for example, service levels and ity needs to determine the procurement method and vendor. timelines), rest with a single ­ bidding procedures (for each RFP, if ­ necessary). • Shorter procurement timelines: ID authorities There are various procurement methods that could need to evaluate only a single RFP and poten- be adopted by ID authorities; such as open competi- tially save a lot of time for the contracting pro- tive bidding, limited competitive bidding, direct con- cess and onboarding of the ­ vendor. tracting, and so ­on. The most preferred and globally • Optimized effort and cost: The effort required to followed procurement method is an open competi- assess each bid component, for example, defin- tive bidding process, which gives the best value for ing scope of work, pre-bid meetings, technical ­money. A Detailed View of the Procurement Phase  |   15 Step 4: Define the Bidding Procedures by the ID a­uthorities. The following components The next step in the procurement lifecycle is to define could be considered in the EOI document: the bidding procedures that would govern the technical and financial submissions from potential ­ bidders. These • contract. Invitation to the first stage of the ­ procedures could either be a single- or two-stage • program. Introduction to the ­ ­ process, as explained ­ below. The bidding ­ procedures • services. Broad scope of ­ can typically include either of the following: • Prequalification (PQ)/eligibility criteria, ­including minimum and additional ­ criteria. • Single-stage process: The objective of a sin- gle-stage process is to prepare and issue an • templates. 
Bid submission forms and ­ RFP directly to all the bidders and choose the • prequalification. Compliance sheet for ­ right vendor (who fulfill all criteria and qualify) amongst t ­hem. It is recommended when the • solution. Request to bidders to suggest the ­ scope of work for the vendor(s) is well defined • Bidder’s experience in similar projects, span- and ID authorities have limited time for the pro- ning lessons, issues, and challenges faced, curement ­process. It is also useful in scenarios mitigation processes adopted, the eventual where there are a limited number of ­ bidders. solution proposed, client expectations and feedback, among ­others. • Two-stage process: The two-stage process entails ID authorities shortlisting a set of poten- • Bidder’s specific credentials and accomplish- tial bidders via an expression of interest (EOI) ments, for example, research studies pub- or a request for information (RFI) step, and limit- systems. lished, patents and assets in ID ­ ing the RFP to this shortlisted group of ­ bidders. • conditions. General terms and ­ In such a two-stage bid process, extensive details about the ID system’s technical specifi- This shortlisting process also helps in gauging the cations are provided in the ­ RFP. The two-stage project. general interest levels of bidders for the ­ process is relatively useful for large, complex programs with a varied scope of work (involv- Second Stage of a Two-Stage Process ing turnkey solutions, complex IT infrastructure components, and so ­ on). For such large proj- Only the shortlisted bidders from the EOI stage, will ects, it is recommended to conduct a prequali- stage. be qualified to participate in this second ­ fication round in the first stage to remove inappropriate bidders from the p ­ rocess. 
As the An RFP document can encompass the following ID system contains critical and private data, it is components: advisable to limit disclosure of sensitive details pertaining to the ID system architecture to this • Background ­information. shortlisted set of bidders ­alone. It is also com- • bidders. Instructions to ­ mon to have multiple bidder workshops to dis- • criteria. Prequalification (PQ)/eligibility ­ cuss clarifications around the scope of work or other contractual prerequisites with potential • Evaluation ­methodology. bidders. Such flexibilities are usually limited in ­ • performed. ­ Scope of services to be ­ single-stage ­bids. • Deliverables. • Implementation ­timelines. A more detailed view of each stage in this ‘two-stage’ below. bid procedure is outlined ­ • conditions. Payment schedule and ­ • Testing/quality assurance/acceptance testing ­mechanisms. First Stage of a Two-Stage Process The objective of this stage is to shortlist a potential • template. Commercial bid ­ set of bidders who have the requisite competency, • conditions. Legal terms and contract ­ capacity, and understanding of the solution required • agreement. Service level ­ | 16    PROCUREMENT GUIDE AND CHECKLIST FOR DIGITAL IDENTIFICATION SYSTEMS • warranty. Annual maintenance contracts and ­ ID systems are mission critical in nature and, hence, ensuring uninterrupted services is a critical expecta- • Skills ­required. tion for ­authorities. Though open-source technologies • requirements. Resource deployment ­ offer solution autonomy for the authorities in the long • Exit ­criteria. term, having COTS products in the program can often • Deliverable approval ­ mechanism. give authorities a better service-continuity guarantee components. An ID system design could for critical IT ­ • mechanism. Change order ­ include a fair composition of both open-source and • mechanism. Overall project governance ­ COTS products in the ­ solution. 
The considerations in evaluating COTS products in ID systems are: A summary of key decisions to be taken in the two- stage procurement process is shown in table 2.2. • Level of technical support and shorter resolution timelines, as compared to the technical support provided by the open-source ­ community. Procurement Considerations for IT components The section below highlights the advantages and • solution. Time to delivery of ­ disadvantages of different procurement approaches, • Upfront cost, costs of ownership, service cost, when dealing with IT components (both services and and consumables ­ costs. ­infrastructure). • Open API and open standard based ­deployment. Procurement of Commercial Off-the-Shelf Solutions (COTS) versus Open Source Procurement of Niche Services The procurement of the commercial off-the-shelf Apart from COTS solutions, there are certain solu- (COTS) solutions is more suitable, when the open tions that are more complex or proprietary in nature source technology alternative is not mature, or adequate (for example, biometric solutions) that need to be authorities. technical support is not available for the ID ­ procured as ­ well. These solutions are particularly TABLE 2.2  Key Decisions in the Two-Stage Procurement Process Topic Key decisions Stage one of two- ® Extent of the scope of the work to be shared stage process ® Decide elements of capabilities for shortlisting ® Details on processes to submit the documents e.g., date of publication and submission, last date for queries ® The timeframe for the participant actions in this stage, ­ submission, ­etc. 
® Appropriate prequalification criteria and supporting documents that are necessary for evidence, such as: ○ Sales turnover ○ Net worth ○ Human resources strength of the organization ○ Project experience (number, value and specifications of the projects) ® Consortiums and/or subcontracting for the subservices of the contract ® Timelines for the EOI evaluation and shortlisting Stage two of two- ® The detailed scope of work and service level expectation stage process ® Evaluation criteria and methodology ® Key milestones and timelines ® Provision for consultation workshop(s) with shortlisted bidders ® Timeline for the bidder actions A Detailed View of the Procurement Phase  |   17 complex when considering specific implementation Procurement Process needs in the ID system design, for example, deploy- ment, ongoing operations and maintenance, and ID authorities should define a robust bid management components. If not integration with other ID system ­ process to onboard the technically qualified bidder(s) managed carefully, these solutions can prove to be cost. The procurement process must: at optimal ­ a serious impediment for overall ID system service continuity. Some common challenges pertaining to ­ • Ensure that the ID authorities receive the the implementation of such niche solutions in the ID scoped service components (that is, IT infra- system, are: structure, software solutions and products, non-IT services) at the best possible prices • Duration of such contracts are relatively longer bidders. from the competing ­ than usual, because of difficulties in adequate replacement of the s ­ olution. The cost of such • Ensure that there is no preferential bias towards any specific vendor and encourages replacements, when needed, can be a concern ­competition. ­ uthorities. 
as well for ID a • Draw upon the lessons of experience of the • As the technology market is evolving rapidly, bidder(s) leading to a better outcome in the there is a high likelihood that technical speci- procurement ­lifecycle. fications of such solutions may be outdated, unavailable, or overpriced by the time the One of the most critical elements of the bidding pro- awarded. This is especially true in contract is ­ cess is preparation of a request for proposals (RFP) the case of elongated procurement phases, document that is based on the broader program strat- thereby delaying the onboarding of the solution egy envisioned by the ID ­ authorities. This document vendors on ­time. should clearly articulate the technical and financial • If technical specifications are poorly defined, evaluation criteria for the bid, a summary of the cur- the intended outcomes can deviate significantly rent infrastructure and services landscape, a detailed from the real priorities of the ID program and scope of services expected from suitable bidders, situations. potentially lead to vendor lock-in ­ and overall contract conditions that would govern the contract between the government and the selected As an alternative to this dependency on niche bidder(s). ID authorities must encourage a diverse ­ vendors, ID authorities may try to develop their ­ set of stakeholders to contribute in the RFP docu- own open source-based bespoke solutions that ment design (for example, industry experts, govern- gives them more ­ flexibility. In such cases, it is use- mental advisors) in order to make it more inclusive ful to consider outcome-based procurement mod- and unambiguous for the ­ bidders. If necessary, the els to ensure the solution meets the necessary ID authorities can set up specific technical commit- requirements, is periodically updated, and a plug- tees to strengthen the procurement process ­ design. 
and-play deployment to ensure no technology and Figure 2.2 provides an overview of key components vendor ­lock-in. of an RFP, in the vendor procurement ­ process. FIGURE 2.2  Key Components of a Request for Proposals Vendor procurement Instructions to bidders Scope of work Conditions of contract General Evaluation Functional Technical Master services agreement instructions Proposal forms requirements requirements criteria Non-disclosure agreement 1st stage Deliverables Payment schedule Pre-qualification Implementation schedule Service level agreements 2nd stage Human resources Special conditions Technical evaluation Commercial evaluation | 18    PROCUREMENT GUIDE AND CHECKLIST FOR DIGITAL IDENTIFICATION SYSTEMS Instructions to Bidders The checklist in table 2.3 provides guidance to ID RFP. authorities when designing this section of the ­ The RFP document must provide detailed instruc- The table encapsulates the common questions that tions, on the following, to the bidders: need to be carefully considered and validated, to ensure that this RFP section is comprehensive and • Evaluation criteria clear enough for bidders to respond without any • Proposal forms ­concerns. TABLE 2.3  Instructions to Bidders Phase: Procurement Component: Vendor Procurement Area: RFP Instructions to Bidders # Checklist item Y/N/NA Remarks 1. Have the general instructions been clearly defined? 2. Has the project duration been clearly defined? 3. Are eligibility requirements clearly presented? 4. Have the conditions for disqualification of the bidder been clearly defined? ­a. Is noncompliance to formats and procedures a disqualification criterion? ­b. Will post-facto revision of bidder quote be considered as a criterion for disqualification? ­c. Is deviation from terms and conditions of contract a disqualification criterion? Is there an option for bidders to propose deviation from the scope? ­d. Is inability to provide necessary/required additional documents a ­disqualification criterion? 
­e. Is providing incorrect information a disqualification criterion? ­f. Is attempting to influence evaluation through unfair practices a disqualification criterion? 5. Have the conditions for compliant and complete responses been clearly defined? 6. Is the right to terminate the process at any time, and not having any liability to provide any reason for the same, been clearly defined? 7. Have the steps for submission of proposals been defined ­ (e.g., registration, etc.)? preparation of bid, submission of bid, deadline to submit, ­ 8. Has the right to accept or reject any bid been defined? 9. Has the geographical coverage of the project been defined? 10. (e.g., consortium or joint Is association with other bidders allowed ­ ventures)? 11. Is partnering with a local firm a requirement? A Detailed View of the Procurement Phase  |   19 Evaluation Criteria Evaluation in First Stage ID authorities must clearly outline the evaluation The evaluation criteria adopted in the first stage can methodology for the selection of the ­ bidder(s). As be referred to as prequalification ­criteria. The objec- explained in the section on bidding procedures, the tive behind using prequalification criteria is to encour- evaluation methodology can entail a two-stage pro- age proposals from genuine contenders and solution cess, wherein prequalification criteria are applied ­ providers. The criteria should be set to encourage to shortlist bidders in the first stage, followed by more competition and qualitative bid ­ responses. The detailed technical and financial evaluation criteria in checklist in table 2.4 outlines key questions to be the second stage (see figure 2.3­ ). The first stage addressed by ID authorities when designing the 1st ensures bidder compliance against minimum orga- stage evaluation ­criteria. nizational and technical parameters that are neces- sary to execute the p ­ rocess. 
Evaluation in Second Stage Evaluation criteria adopted in the second stage encompasses the detailed technical and financial FIGURE 2.3  Evaluation and Qualification criteria of the ­RFP. ID authorities usually estab- Criteria lishes an independent evaluation committee to perform the evaluation of technical and financial Evaluation and qualification criteria bidders. The checklist in table 2.5 out- bids from all ­ lines key questions to be addressed by ID authori- Evaluation 1st stage Evaluation 2nd stage ties when designing the second-stage evaluation criteria. Pre-qualification Technical evaluation criteria criteria Technical Evaluation Criteria Commercial evaluation criteria A clearly defined set of technical objectives and requirements ensures that the most competent TABLE 2.4  Evaluation Criteria in the First Stage Phase: Procurement Component: Vendor Procurement Area: RFP Evaluation Criteria (1st Stage) # Checklist item Y/N/NA Remarks 1. Are the evaluation criteria practical and flexible enough to encourage ­interested bidders? 2. Does evaluation criteria assess the high-level technical fit of the bidder against the stated scope or work expectations? 3. Does the evaluation criteria assess the financial capability of the bidder to execute the project? 4. Does the evaluation criteria assess the technical competence of the bidder, quality, and proven capability of the solution being adjudicated? 5. Does the evaluation criteria exclude bidders that been blacklisted governments, multilateral institutions, or international companies by ­ depending on procurement strategy)? (­ | 20    PROCUREMENT GUIDE AND CHECKLIST FOR DIGITAL IDENTIFICATION SYSTEMS TABLE 2.5  Evaluation Criteria in the Second Stage Phase: Procurement Component: Vendor Procurement Area: RFP Evaluation Criteria # Checklist item Y/N/NA Remarks 1. Is an independent evaluation committee required for conducting the technical and financial evaluation of bids received? 2. 
Is the evaluation committee well versed regarding the objective and the process of evaluation? 3. Has the evaluation model been decided? a. Is it a lowest price model? ­b. Is it a quality and cost-based selection assessment model? Has the weight (percentage) between technical and cost proposals agreed upon? ­c. Is it a quality-based selection process? TABLE 2.6  Technical Evaluation Criteria Phase: Procurement Component: Vendor Procurement Area: RFP Technical Evaluation Criteria (TEC) # Checklist item Y/N/NA Remarks 1. Has the objective of TEC been clearly defined? 2. Does the TEC have a link to the scope of work? 3. Has the most relevant scoring/weighting scheme been used to evaluate bids? 4. Are the scoring guidelines clearly defined? 5. Are TEC defined objectively? 6. Does the scoring criteria exclude any bidder due to specific or restrictive criteria? 7. Does the bidder have to demonstrate the applications or proof of concept to showcase the functionalities and technical capability of the solution? bidder offering the right quality service(s)/solution(s) bids that do not meet the requisite technical c ­ riteria. is selected for subsequent financial ­ evaluation. Bid In most government procurements, only bidders who responses against these technical evaluation criteria qualify against the technical evaluation criteria are is carried out by the ID authorities to arrive at a final selected for further evaluation against their financial bidder. ID authori- (technical) score for each qualified ­ bids. The checklist in table 2.6 outlines key questions ­ ties often specify a minimum score level to filter out to be addressed by ID authorities during this ­ step. A Detailed View of the Procurement Phase  |  21 TABLE 2.7  Commercial Evaluation Phase: Procurement Component: Vendor Procurement Area: RFP Commercial Evaluation / # Checklist item Y/N/NA Remarks 1. Is there provision to examine the bids for arithmetical errors and rectification? 2. 
Will a bidder’s failure to have the commercial bid signed by an authorized person, be treated as a ­ nonconformance to the financial bid criteria? 3. (i.e., a bid which limits the bidder’s responsibility to Will any conditional bid ­ perform an activity) be treated as nonconformance to the financial bid criteria? Financial Evaluation Criteria compare bids and thereby complete the evaluation satisfactorily. The following is a list of forms exercise ­ Once the technical scores are declared by the ID that may be provided through the RFP: authorities, the financial (or commercial) bids of each selected bidder is ­ evaluated. The checklist in 1. Covering letter table 2.7 outlines key questions to be addressed 2. Bidder’s general information step. by ID authorities during this ­ 3. Power of attorney/board resolution Proposal Forms 4. Declaration of subcontracted activities It is advisable for ID authorities to outline specific for- 5. Project summary mats and templates in which bidders are expected 6. Resumes of key personnel to submit their bid ­ responses. Providing a specific 7. Summary sheet of financial proposal proposal format makes it easier for the evaluators to 8. Detailed financial proposal FIGURE 2.4  Scope of Work Scope of Work Scope of work The scope of work section of the RFP should include the following components, Services Infrastructure as illustrated in figure 2.4. Application Physical Biometric services development The RFP’s scope of work that outlines the establishments Testing and services and infrastructure components Infrastructure services Enrolment devices certifications of the ID system, will be derived from Logistics services Training agencies Authentication devices the program strategy defined in the plan Support services and design ­ phase. Options for the design Customer relationship (tech and admin) IT infrastructure choices should be finalized after evaluat- Information security IEC services ing the advantages and disadvantages ­ roup. 
Once finalized, with the stakeholder g Card personalization Technology and services admin support these design choices will be translated into the functional and technical require- Functional requirements Technical requirements ments that will be included in the scope work. Defining a proper and structured of ­ Implementation Key resources and scope of work is essential for the bidder(s) Key deliverables schedule their sta ng to clearly understand the requirements to | 22    PROCUREMENT GUIDE AND CHECKLIST FOR DIGITAL IDENTIFICATION SYSTEMS be performed under the ­contract. The scope of work The checklist in table 2.8 outlines key questions to can be further broken down into the following: be addressed by ID authorities, while designing this RFP. section of the ­ •  Key deliverables and milestones •  Implementation schedule • Key resources and staffing requirements TABLE 2.8  Scope of Work Phase: Procurement Component: Vendor Procurement Area: Scope of Work # Checklist item Y/N/NA Remarks 1. Has the scope of work (encapsulating all requisite functional and technical requirements) been clearly defined? 2. Have the key deliverables and milestones been defined? 3. Has the implementation schedule been defined? 4. Have the key resources and staffing requirements been defined? Conditions of Contract The RFP’s conditions of contract section set down sev- eral contractual conditions under which the selected bidder(s) will execute the ­services. The major compo- nents of this section are illustrated in figure 2.5. FIGURE 2.5  Conditions of Contract Condition of contract Master services Non-disclosure Payment Service level Special agreement agreement schedule agreements conditions Master Services Agreement such as payment terms, product warranties, intel- A master services agreement (MSA) is a contrac- lectual property ownership, and dispute resolution, tual document that specifies the performance objec- among ­ others. 
The goal of an MSA is to make the tives and outlines the responsibilities of the parties contractual process faster and transparent for both involved (that is, ID authorities as the purchaser and parties involved, as well as to facilitate and simplify the selected vendor(s) as the service p ­roviders). contract ­negotiation. This agreement dictates the terms of agreement between the ID authority and the selected ­ bidder(s). Table 2.9 outlines key questions to be addressed by It clearly articulates generic terms in the contract, RFP. ID authorities in this section of the ­ A Detailed View of the Procurement Phase  |   23 TABLE 2.9  Master Services Agreement Phase: Procurement Component: Vendor Procurement Area: Conditions of Contract Master Services Agreement # Checklist item Y/N/NA Remarks 1. Have the definitions and the interpretations for the MSA been clearly specified? ­a. Has the mechanism to resolve ambiguities (if any) within the agreements been set down clearly? 2. Has the scope of the project been well defined? 3. Have the terms and duration of the project been defined? 4.a Have the obligations of the ID implementing authority been defined in the MSA? 4.b Have the obligations of the bidder been defined in the MSA? 5. Are conditions pertaining to financial matters been specified in the MSA, e.g., payment terms, invoicing, tax, etc? ­ 6. Is there any form of performance guarantee mechanism to be used in case of default on part of the bidder? 7. Has the governing law(s) been defined? 8. Have the clauses for dispute resolution been specified? ­a. Has a workable business solution been ensured, before resorting to formal procedures, such as steps 1-4? ­b. Is the internal escalation process defined? ­c. Is the mediation process defined? ­d. Is the adjudication/expert determination process defined? ­e. Is the arbitration process defined? ­f. Have the time limits for resolution been defined? 9. 
Have the reasons and consequences of an event of default been defined (i.e., when there is any kind of failure to comply by the bidder)?
10. Have the clauses for termination of contract and its effect been defined?
11. Have the high level acceptance criteria been defined for various deliverables?
12. Have assignment/novation clauses been included to address situations where the service provider(s) undergo mergers or acquisitions or in case of their bankruptcy?

Non-Disclosure Agreement

A non-disclosure agreement (NDA) is a legal contract between the ID authority and the selected bidder(s) that specifies confidentiality of materials and services in the contract, knowledge or information that either party wishes to share/disclose/restrict with one another, as part of doing business with each other. NDAs are entered upon between parties to protect the rights for their proprietary information and sensitive business-related information.

The checklist in table 2.10 outlines key questions to be addressed by ID authorities while designing this RFP section.

TABLE 2.10  Non-Disclosure Agreement
Phase: Procurement | Component: Vendor Procurement | Area: Conditions of Contract, Non-Disclosure Agreement
# | Checklist item | Y/N/NA | Remarks
1. Has the sensitive information of the program been classified as confidential?
2. Has all the nonconfidential information of the program been defined?
3. Have the cases for access and restriction of confidential information been specified?
4. Is there a provision of security and prevention of unauthorized access of confidential information?
5. Has breach notification been defined in case confidential information of the program is advertently or inadvertently disclosed by the bidder(s)?
   a. Are the measures to notify the data owner defined?
   b. Are the measures to rectify the issue defined?
6.
Has there been consideration for a case wherein the bidder might be under a legal compulsion to disclose any confidential information?
   a. For such a case, is there a timeline within which the bidder shall inform the ID implementing authority of the same?

Payment Schedule

The payment schedule clearly defines the mechanism of paying the bidder(s) for the successful delivery of services and products during the project. It includes the schedule and specific terms governing payments to the bidder(s), for all the activities performed as part of the contract between the ID authority and the bidder(s).

The checklist in table 2.11 outlines key questions to be addressed by ID authorities when designing this section of the RFP.

TABLE 2.11  Payment Schedule
Phase: Procurement | Component: Vendor Procurement | Area: Conditions of Contract, Payment Schedule
# | Checklist item | Y/N/NA | Remarks
1. Have the payment terms been clearly defined?
   a. Is the payment schedule aligned with deployment and go-live of software system and not based on activation of individual product licenses?
   b. Is the payment schedule post go-live aligned with provisioning of warranty support and annual maintenance activities?
   c. Is a significant portion of project payments to the vendors provided for post go-live phase?
2. Is there a linkage between the payment milestones and a deliverable or unambiguous payment schedule (e.g., go-live)?
3. Has it been ensured that the payment value reflects the actual efforts of the contractor?
4. Are the payments linked to only one type of delivery – service/input or solution/outcome?
5. Have the payment dates and timelines been defined?
6. Has it been ensured that there are no penalties on payments that are not specified in the contract?
7. Has it been ensured that changes in government taxes are not imposed on the contractor by making payment adjustments?
8.
Have the payment methodology and related calculations been well defined?
9. Have the key activities/milestones for payments been defined?
10. In case of a delay in payments, is the process defined? Is there adequate protection for service provider(s) in case payments are unduly withheld by the purchaser?
11. Is the process of raising invoices clearly defined in the RFP?

Service Level Agreements

Service Level Agreements (SLAs) govern the quality and timeliness of service delivery during the implementation and operations and maintenance phases of an ID system. SLAs outline specific service level commitments (such as expected levels of service to be provided) expected of the bidder. They provide clarity in terms of service ownership, roles and responsibilities, and accountability.

The checklist in table 2.12 outlines key questions to be addressed by ID authorities when designing this section of the RFP.

TABLE 2.12  Service Level Agreements
Phase: Procurement | Component: Vendor Procurement | Area: Conditions of Contract, Service Level Agreements
# | Checklist item | Y/N/NA | Remarks
1. Have the service level classifications been defined?
   a. Have the target service levels (which are goals) been defined?
   b. Have the minimum service levels (which are expected to be achieved) been defined?
   c. Have the increased impact service levels (which are inferior levels impacting the business) been defined?
   d. Has the SLA measurement protocol been specified?
2. Has the effectiveness of the SLAs been defined?
3. Have the consequences of failure of SLAs been specified?
4. Have the SLAs for the following indicative list of activities been ensured?
   a. Project delivery milestones
   b. System performance
   c. System response time
   d. Performance and availability of human resources
   e. Recovery time objective (RTO) and recovery point objective (RPO) for disaster recovery and business continuity planning
5.
Have the calculations and sample illustrations of the contract SLAs been clearly defined?

Special Conditions

Apart from the above, there are some other special conditions that must also be considered while drafting the conditions of contract.

The checklist in table 2.13 outlines key questions to be addressed by ID authorities when designing this section of the RFP.

TABLE 2.13  Special Conditions
Phase: Procurement | Component: Vendor Procurement | Area: Conditions of Contract, Special Conditions
# | Checklist item | Y/N/NA | Remarks
1. Have the intellectual property rights (IPR) for existing and new assets been defined?
   a. Has it been decided who will own the IPR?
   b. Is there a provision to license items such as products, solution source codes, and materials according to the terms of the license agreement?
   c. Are the procedures for handing over the source code clearly defined, along with the appropriate technical documentation?
2. Has insurance cover been defined?
   a. Does the bidder own the insurance cover?
   b. Does the bidder maintain the insurance for public liabilities, product liabilities, and other types of insurance?
3. Does the source code belong in an escrow account to maintain the software?
4. Does the purchaser have ownership of annual maintenance contracts (AMCs), warranties and maintenance of the products and solutions?
5. Has the limitation of liability been defined?
6. Has the cap on liquidated damages been defined?
7. Is data ownership defined?
8. Is data residency defined?
9. Is purchaser obligation defined?
10. Are bidders' obligations defined?
11. In case additional services or infrastructure are required during the duration of the contract, does the change order (change request) clause mention the clauses of when it can be invoked and by whom?
12.
As the IT infrastructure to be procured for the ID system is already a part of the national critical infrastructure, are security clearances well defined in the document?
13. Are knowledge transfer terms and conditions well defined in the document?

APPENDIX A: PLAN AND DESIGN

Implementing an ID system for a country requires a comprehensive planning phase that aligns the Government's envisioned strategic goals with a practical implementation strategy for rolling out in the country. It is imperative that this planning effort is taken up in all sincerity prior to procurement, so that all potential implementation risks are adequately addressed in the design and rollout of the ID system. Government priorities for the planning phase of an ID system include:

1. Outlining the key design principles to be considered and addressed
2. Defining and designing the various components of the ID system, like enrollment & data update, authentication, ID-linked service ecosystem and customer relationship management.
3. Defining the operating and business model, based on the objectives as set out by the Government. Specific considerations would include:
   a. Operating model – It refers to how the operations in the ID system are structured for different services. For example, which of the services will be developed in-house, which will be outsourced, and which will be executed in a partnership model.
   b. Business model – Government may have to adopt appropriate models of program financing to manage the budgets of the ID program. They may also opt to design effective revenue strategies (e.g. service fees for core ID services, as well as delivery of ID linked public services to citizens) to ensure long-term sustainability of the ID program. Government will have to choose an institutional arrangement that would be suitable and adaptable to the needs of the country. Some popular business models as evidenced in many ID systems around the globe include:
      i. Self-financed models like 'government funded'
      ii. Financed through a 'PPP' model such as BOT, BOOT, BOO etc.
      iii. International funding support like UNDP funded ID system in Malawi, World Bank in Morocco
      iv. Self-sustaining financing models (charging the services provided)
4. Defining the appropriate technology strategy of the program based on the objectives set out by a Government. Factors such as the existing digital landscape of the country, availability of the technical expertise of the human resources, modern industry technology trends, scalability needs of the ID program as well as learnings from many similar global ID systems, could also be important considerations in the eventual procurement of the ID system technology components.

The "Plan & Design" phase can be further segregated into two major considerations that ultimately impact decisions made by a Government during an ID system procurement lifecycle. These include:

A. Program Elements
B. Technology Strategy

FIGURE A.1  Key Considerations in the "Plan & Design" Phase of an ID System (plan and design: program elements, technology strategy)

Program Elements

The various design choices and decisions adopted in the ID system will go a long way in determining the success of the program. The ID authority should consult relevant stakeholders, to clearly prioritize the program goals and the direction for the ID system going forward.

An overview of the critical program considerations for an ID system is illustrated below:

FIGURE A.2  Program Elements (core identity functions, ancillary identity functions, architectural governance, institutional structure, operating model, business model, transition strategy)

These program elements are broadly categorized into the following:

A. Core Identity functions
   a. Enrollment and Update services
   b. Authentication services
   c. ID-linked services ecosystem
B. Ancillary Identity functions
   a. Customer Relationship Management services
   b. Training, testing and certification
   c. IEC campaigns
C. Architectural governance
D. Institutional structure
E. Operating Model
F. Business model
G. Transition Strategy

A more detailed view of each of the above considerations is articulated in the subsequent section below.

Core Identity Functions

The lifecycle of an ID system begins with the enrollment of eligible citizens and legal residents into the system, followed by the ongoing use of ID-based authentication services by viable partners at point-of-service, and provision of various ID-based services aimed at streamlining public and private service delivery for Citizens/Residents.

FIGURE A.3  Core Identity Functions (enrollments and update: enrollment, data update, credential and issuance; authentication: authentication, e-KYC; service ecosystem)

As illustrated above, the 'core identity functions' can be categorized into four distinct ID lifecycle sub-systems. The subsequent sections elaborate each sub-system in further detail.

Enrollment and Update Subsystem

Enrollment Subsystem

Processes and systems adopted by a Government in the "enrollment" phase of an ID lifecycle have implications on the successful coverage of all eligible residents, as well as to ascertain the quality and accuracy of the data collected during the enrollment process. ID authorities have to often make key decisions around various design choices in the 'enrollment' process – spanning technology, infrastructure and human resource requirements.
The enrollment sub-system should be designed in a way that ensures the following:

• Strong focus towards universal coverage of the eligible population.
• Processes are adequately designed to ensure the capture of high quality and accurate data.
• All components to be procured to be clearly articulated in the design itself.

The procurement decisions in an ID enrollment sub-system are influenced by various design elements and infrastructural components and services, as illustrated below:

Topic | Key Decisions
General:
• Age criteria
• Inclusion criteria
• List of valid PoI/PoR/PoA documents
• UIN numbering scheme
• Validity of Identity
• Standard Operating Procedures for the enrollment process
Stakeholders:
• Identifying the program stakeholders
• Defining the roles and responsibilities of the stakeholders
Enrollment Strategy:
• Number of centers
• Number of Permanent and Temporary enrollment centers
• Modes of enrollment (Offline/Online)
• Percentage coverage year-on-year
• Finalizing the enrollment kit constituents
• Certifications of the enrollment kit for quality
• Enrollment strategy for exception scenarios
• Registration mechanisms for start-up and steady-state phases (e.g., by government staff, outsourced etc.)
• Strategies to ensure last-mile coverage
Data:
• Core Identification data
   ⚬ Number of data attributes (Data minimization)
   ⚬ Mandatory and Optional fields
• Validation Data
• Metadata
• Data Quality guidelines
• Data storage guidelines
• Data Protection guidelines
• Data transfer to ID authority
Verification:
• Data quality checks
• ID proofing rules and regulations
• Identity deduplication process design (including manual adjudication)

Data Update sub-system

This section includes the data update guidelines necessary for an ID system. One of the important aims of providing the eligible population a digital identity is that the population can leverage it for better access to both public and private services. ID authorities must ensure that the information stored in the ID system is accurate, relevant and up-to-date. The authorities need to provide a mechanism to all enrolled citizens and legal residents to update their data, on an ongoing basis. There are various design choices which will highlight the need to procure the necessary infrastructure and services.

Topic | Key Decisions
Data Update strategy:
• Modes of Data update (Offline/Online)
• Channels of Data update (self/assisted)
• Types of services
• Minimum LOA for accessing data update services
• Data fields which can be updated
• Mandatory and Optional updates
• Business model for data update requests
• Location and number of service delivery centers
• Validation of documents for service delivery
Stakeholders:
• Identifying the stakeholders like ID Authority, Enrollment agency, operators, residents etc.
• Defining the roles and responsibilities of the stakeholders

Credential and Issuance Ecosystem

This section of the procurement checklist highlights the ID credential and issuance ecosystem of an ID system. Citizens and legal residents that are being enrolled into an ID system need to have a government approved identity proof document to prove their individual identities and avail various public and private sector services, etc. ID authorities need to carefully evaluate and consider various design elements that would result in the procurement of necessary infrastructural components and services like cards, printing devices etc.

Procurement decisions in a "credential and issuance" sub-system are influenced by various design elements and infrastructural components, as illustrated below:

Topic | Key Decisions
Credential and Issuance strategy:
• Credential medium (Physical/Digital)
• Credential Issuance (yes/no) by the ID authority
• Mode of issuance (offline/online)
• Age groups to which credential will be issued
• Validity of the credential
• Procedure for revocation and reissuance of credential
• Logistics arrangement for issuance
• Business model for credential
• Credential design strategy
   ⚬ Credential material
   ⚬ Credential security
   ⚬ Credential storage
• Data points on credential (Human readable and machine readable) including disclosure of personal identifier(s)
• ID authority to decide whether offline data of authentication will be stored on the credential
Stakeholders:
• Identifying the stakeholders like ID Authority, Logistics partner etc.
• Defining the roles and responsibilities of the stakeholders

Authentication Subsystem

The authentication processes designed in an ID system ensure that an individual is the same person that they claim to be. This involves confirming the individual's identity by matching credentials provided by him/her, against one or more authentication factors (e.g., a PIN, password, or fingerprint). The combination of authentication factors should include some or all the following:

• Possession based – something that an individual demonstrates that they have, such as a physical or virtual card or certificate
• Knowledge based – something that an individual demonstrates the knowledge of, such as an identifying information like a PIN
• Inherent – something that some individual claims that they have, like an iris or a fingerprint scan

Procurement decisions in an "authentication" sub-system are influenced by various design elements and infrastructural components, as illustrated below:

Topic | Key Decisions
Authentication:
• Authentication modes (Offline/Online)
• Authentication ecosystem architecture (trusted, federated model)
• Authentication types (OTP based, Demographic authentication, Biometric authentication, etc.)
• Authentication services (Yes/no, e-KYC)
• Data points to display after successful authentication in different types of services
• Data guidelines for capturing, verification and storage etc.
• Scope and retention of authentication logs
Stakeholders:
• Identifying the stakeholders like ID Authority, authentication partners etc.
• Defining the roles and responsibilities of the stakeholders

Service Ecosystem

The services ecosystem enables the residents to avail various services using the unique identification. It has a wide range of services with diverse roles, responsibilities and interests. These services can be in the form of government benefit services, financial and social inclusion, etc.

The roles and responsibilities of different entities like government, residents, private firms, etc., are clear and non-conflicting. Independent and neutral agencies are empowered to monitor and supervise the processes. There can be various establishments set up that provide these services to the residents. Processes such as e-KYC or biometric authentication ensure that the financial assistance reaches those who need it.
Topic | Key Decisions
Service ecosystem:
• Services that the ID authority will offer to Service Providers (including SLA)
• Minimum LOA expected by the SPs for the end users to avail their services
Stakeholders:
• Roles, responsibilities and allocation of liabilities between the ID authority and all ecosystem partners (trust framework)

Ancillary Functions of Identity Systems

In addition to the core identity functions in an ID lifecycle, ID authorities often also have to make further procurement decisions to support these core functions, as illustrated below. These could include decisions pertaining to end-user trainings, testing and certification of devices and systems, and an IEC strategy to ensure the smooth functioning of the ID program. More details about each of these functions are provided in the subsequent sections.

FIGURE A.4  Ancillary Identity Functions (customer relationship management; training, testing and certification; IEC strategy)

Customer Relationship Management

A clear and streamlined administrative procedure is required to address grievances, and remedy identity theft or fraud. The enablement of user-friendly mechanisms for individuals to view their data, see who has accessed their data, edit or update information, and contact data centers to address any grievances is necessary.

ID authorities often look to establish a multi-partner ecosystem involving internal agencies, citizens/residents, and service provider(s), among others, during the implementation of the ID system. As an important program goal, ID authorities would need a system to support the citizens/residents around information, queries, issues, resolutions and grievances pertaining to the ID system. This could entail opening multiple user-engagement channels like email, messaging, physical centers, social media etc. with multi-lingual support.
Topic | Key Decisions
Customer Relationship Management:
• Methods for handling queries (Voice, email, web portal, social media, chatbots, letters, walk-ins, self-help etc.)
• Number of languages in which the query handling services would be provided to residents
• Sizing requirements for the queries like no. of residents, enrollment/day, authentications/day, working hours for the agents, no. of agents, peak call volume, etc.
• List of services for which assistance would be provided
• ID authority to deploy grievance handling technologies including but not limited to Automatic Call Distributor (ACD), Interactive Voice Response System (IVRS) etc.
Stakeholders:
• Identifying the stakeholders like ID Authority, contact centers, user agencies, internal divisions etc.
• Defining the roles and responsibilities of the stakeholders
• Plan for providing training to the agents and CRM staff

Training, Testing and Certification

In any ID system, it is imperative that the Government and ID authorities consider comprehensive end-user trainings for the users of the systems (like enrollment operators, authentication agencies, call center agents) as a critical program priority. This is especially true when countries embark upon the deployment of nationwide ID systems with aggressive enrollment targets, which often results in a rapid scale-up of infrastructural components (e.g. enrollment centers, enrollment staff) in short timelines. This in turn puts a greater emphasis on training a greater staff count to meet the program targets within these short timelines. Alternatively, in the case of ID programs with longer enrollment timelines, the sustenance of staff capacity and capabilities is a key program requirement as well. In such cases, ID authorities may need to continuously hire and train new staff who lack the adequate skills (i.e. technology and process-based skills in an ID lifecycle), and to accept the chore of constantly retraining the existing staff as well. This is more likely to happen when temporary staff are hired to manage critical ID functions in the program. Overall program costs pertaining to these training requirements are another key factor that ID authorities are faced with when designing ID systems.

Procurement decisions for these functions are influenced by the following design elements and infrastructural components, as illustrated below:

Topic | Key Decisions
Training agency:
• Training mode (Offline/Online)
• Phases of training
• Layers of training to various stakeholders
• Delivery of training
• Number of batches and batch size
• Training duration
• Training deliverables to trainees
• Refresher training
• Availability of training content (anytime, anywhere) to the authorized users
Content development agency:
• Content development for training exercises regarding enrollment, authentication etc.
• Developing content for IEC campaigns etc.
Testing and Certification agency:
• Specifications for enrollment devices, authentication devices etc.
• Certification to enrollment operators etc.
Stakeholders:
• Identifying the stakeholders like ID Authority, residents, different ministries etc.
• Defining the roles and responsibilities of the stakeholders

IEC Strategy

ID systems need to have a sustained focus towards public awareness and mass communication strategies aimed at diverse users and influencers for adoption. This is a critical program priority that determines the success of the ID system. For instance, these campaigns can be designed to address common questions from enrolees such as: Why is an ID important for them? What benefits can they avail from the government using this ID? What are the Government provisioned processes and channels through which they can manage updates to their unique identity record, among others. The likelihood of unenthusiastic residents necessitates the need for proactive public education and information campaign, aimed at encouraging their participation in the country's ID system. Campaigns for awareness and education, advertisements and commercials about the enrollment process are an important tool for cognizance. The cost for such awareness campaigns is typically at its peak during the enrollment phase of an ID system, and gradually keeps decreasing as the program enrollment targets are being met.

Typical procurement decisions in an ID system's IEC strategy are influenced by the following elements, as illustrated below in the table:

Topic | Key Decisions
Information, Education and campaign:
• Resident engagement plan conveying the mandates and benefit of the ID program and creating a demand for the ID system
• Channels like social media, television, print media, radio etc.
• Coverage criteria like regional level, state level etc.
• Phases for IEC such as enrollment phase, service delivery phase etc.
• Target audience for the IEC phases
• Business model for the IEC program
• Content development for the campaigns including improvement through effective feedback mechanism
Stakeholders:
• Identifying the stakeholders like ID Authority, IEC partners, residents etc.
• Defining the roles and responsibilities of the stakeholders

ID authorities need to ensure the registration/enrollment of every eligible citizen/legal resident in the country, so that a robust ecosystem of service delivery around the ID could be built. Hence, authorities need to actively engage partners and residents through various channels like radio, posters, social media etc. on an ongoing basis.

Institutional Structure

The institutional structure defined for an ID system is a critical factor in its successful implementation. This also has to include whether the ID agency is housed within a government department or as an independent legal entity.

The illustration below outlines a typical institutional structure associated with a Government-run ID system:

FIGURE A.5  Institutional Structure (organization structure, types of offices, departments)

Architectural Governance

Architecture Governance shall play a key role in ensuring successful implementation of the ID system. It is expected that a strong governance structure shall assist the ID authorities and the service providers in fulfilling their roles and responsibilities in the program and ensure delivery of quality work products. This section describes the governance framework for an ID program. The broad level view of an illustrative governance structure is shown in the diagram below:

FIGURE A.6  Governance Structure (committees: technical working group, steering committee, project management committee, change approval committee; members, roles and responsibilities, escalation matrix, meeting schedule)

Operating model

The operating model of an ID system adopted by a Government is another important factor that influences financial and operational arrangements to be used in the program. The operating model of the ID system demonstrates how the operations and services in the ID program are structured. An ID system is often capital cost-intensive and substantial costs are incurred in building and managing the technology infrastructure and services ecosystem. For a government (more so for governments in Lower Middle-Income Countries (LMICs)), the choice of program financing is critical to manage budget and to decide on the methods of building services (in-house/in partnership etc.). The type of operating model is influenced by specific financing decisions, like reducing the upfront capital costs (as in a PPP-led ID system), or higher operational control (in a Government-run ID system, with its own staff). To balance overall program management and financing needs of ID systems, countries follow different operating models that address their program requirements adequately.

An ID system's operating model is typically influenced by the following elements as illustrated below:

FIGURE A.7  Overview of Operating Model (types of model: build own operate transfer (BOOT), build lease transfer (BLT), build operate transfer (BOT), government owned; policy implications; evaluation framework; risks associated)

Business Model

Implementing an ID system in a country is a costly program which requires significant investments from the Government and other applicable program partners (e.g. private sector investment agencies in a PPP-based model). A critical requirement in the design of a "greenfield" ID system is the development of a sound "business model" for the ID authorities. This business model would typically involve the following components:

• Cost Model – Costs are incurred across the various phases of the program, right from the "planning and design" phase to "implementation" phase as well as the ongoing "steady state" phase of the ID system.
  Note: World Bank's ID4D group has developed a cost estimation model to assist countries in identifying the capital and operating expenditure incurred across the different phases of a greenfield ID system. For more details, please refer to "Reference cost model" and "Understanding Cost Drivers of Identification Systems"1
• Revenue Model – Some of the successful ID systems around the globe have also designed strong revenue models in order to make their ID systems 'fiscally sustainable' for the Government. Popularly seen revenue strategies include availing fees for specific services from enrolled citizens/residents and subscription-based fees from ID ecosystem partners in the public and private sector for specific ID-related services. Some of them are:
   – Self-financed models like 'government funded', etc.
   – Self-sustaining financing models (charging the services provided)
   – Financed through a 'PPP' model such as BOT, BOOT, BOO etc.
   – International funding support like UNDP funded ID system in Malawi, World Bank in Morocco

Related to the roles and responsibilities of the ID authority are the business models it adopts. In many cases—particularly where ID authorities report to line ministries—ID systems will be financed out of the national budget. However, the digitization of ID systems has created the potential for new business models, including generating own-revenue by charging fees for identity-related services, as well as public-private-partnership models

Note: For more details, please refer to the documents on Public sector savings and revenue from ID systems2 and Private Sector Economic Impacts from ID systems3.

Typical procurement decisions in an ID system's business model are influenced by the following elements, as illustrated below:

FIGURE A.8  Business Model (cost model: services, infrastructure; revenue model: enrollment and data update fees, credential fees, authentication and e-KYC services, miscellaneous services)

Transition Strategy

This section intends to provide guidance to countries modernizing their legacy ID systems. ID authorities in such countries periodically prioritize efforts to upgrade existing system capabilities (spanning across processes, services, applications and infrastructure), as well as to accommodate new services and modern technologies in the ID system. To support these activities, ID authorities need to undertake a detailed assessment of their legacy ID system capabilities and articulate policies and programmatic upgrades to meet their envisioned goals for a futuristic ID system. This assessment would also have to be accompanied by an implementation roadmap that would address the prevailing gaps and challenges faced by the existing ID system. The transition process and activities might include, but are not limited to, the following:

• Transition from existing system to new system
• From existing vendor to new vendor
• From paper based to new digitized system
• Upgrading the existing services and infrastructure
• Integration with Civil Registration System of the country

Technology strategy

A strong technology backbone and a sound strategy for implementing the same will be vital for delivering the ID services to the residents and developing the identity ecosystem around it. As the enrollments in the ID system and the scope of services delivered through the ID system increase over time, the number of people authenticating themselves to use the services increases exponentially, and this calls for a strong technical infrastructure to support this.

1 http://id4d.worldbank.org/Cost-Model
2 http://pubdocs.worldbank.org/en/745871522848339938/PublicSectorSavingsandRevenueIDSystems-Web.pdf
3 http://pubdocs.worldbank.org/en/219201522848336907/PrivateSectorEconomicImpactsIDSystems-Web.pdf

The major sections within the technology design strategy include:

A. Application Sub-system: Important applications such as enrollment system, authentication system, customer relationship management etc. may be developed as per the latest emerging technologies.

if the ID authority plans to enroll resident with biometrics. With ever increasing database size in the country and given the criticality of this component, it is important to design a robust system. An ID system would need a technology refresh on an ongoing basis. The technology upgrade needs
This section highlights the to be planned and emerging technologies should be important applications which could be devel- carefully evaluated and adopted to improve the ser- oped to support the ID system infrastructure, vices and lower the cost of operations. However, ID including: authorities should ensure the design and architec- 1) Core applications such as ­ enrollment, ID ture principles are compiled while doing the techno- authentication proofing, deduplication and ­ logical upgrade of the solution. systems; 2) Supporting applications such as busi- The ID system consists of technology components ness intelligence systems, resident- that require periodic upgrades to keep up with tech- focused mobile applications etc. nological advancements made over time. Adoption of emerging technologies in technological areas B. Technology infrastructure: This section highlights such as - network, server, storage, application, bio- the necessary technical infrastructure like servers, metric and operations – must be periodically priori- network, storage etc. to operate the ID system. tized during the phases of ID system. As the legacy C. Information security: With the increasing need technology infrastructure ages over time or reaches to protect resident data and privacy, a strong an “end of support” stage, ID authorities should plan information security architecture must be in and procure the appropriate technology available to place with necessary policies, security tools enhance the capabilities of the ID system depending and infrastructure to ensure this. on the business requirements of the ID authority. D. 
Biometric system design: Biometrics may play an important part in an ID system as it accu- Typical procurement decisions in an ID system’s rately detects possible duplicates and improves technology strategy are influenced by the following the accountability, efficiency of the ID system, design elements, as illustrated below in the table: Topic Key decisions Core Identity ® Enrollment/ data update client functions ® Enrollment backend application ® Issuance of Credential ® Authentication API depending on types of authentication decided ® Grievance redressal application and portals Ancillary functions ® Administrative applications ® Knowledge management system ® Mobile application for residents ® Identity and access management system ® Document management system ® Analytics and Business Intelligence Module ® Testing and deployment module ® Fraud Management system ® Portals- Partners and public ® Logistics services ® IT monitoring and management systems Appendix A: Plan and Design  |   39 IT Infrastructure The broad overview of the IT infrastructure ecosys- tem is illustrated in the following diagram: Topic Key decisions Design ® Compute architecture ® Storage architecture Network architecture (Local and Wide Area Networks) ® Backup and Disaster Recovery architecture Information security The broad overview of the information security is illustrated in the following diagram: Topic Key decisions Design ® Security for IT infrastructure such as database, storage, network, etc. ® Governance, risk and compliance framework including policy management, risk management, audits etc. ® Security operations infrastructure Software ® Monitoring and management tools ® Security tools Hardware ® Security Operations Infrastructure (SOC) infrastructure ® IT infrastructure for security Biometric system design ID authorities to enroll residents with their biomet- rics for building an ID database without duplicates. 
One of the characteristics of the ID system is enroll ID authorities need to design the biometrics system residents and avoid duplicates. To ensure this, it is to procure the required infrastructure and devices necessary that the resident’s identity information for the program. Multiple decisions like number of which is captured is verified in the ID database to modalities, data standards need to be made. The ensure no duplicates are entering the database. key decisions which need to be taken are included Additionally, biometrics enable easy authentica- in the table below: tion with high accuracy. Hence, it is beneficial for Topic Key decisions Design decisions ® Number of modalities ® Type of biometric modalities ® Deduplication and manual adjudication process design ® Biometric systems performance o Identification and authentication accuracy figures (FPIR and FNIR) o Throughput time for de-duplication and authentication, o Response time for de-duplication and authentication ® Database sizing (size of raw image and template for modalities) Biometric standards ® Data standards for different modalities ® Image acquisition standards ® Standards for quality control, compression, storage and templates ® Enrollment and authentication device standards | 40    PROCUREMENT GUIDE AND CHECKLIST FOR DIGITAL IDENTIFICATION SYSTEMS For more information on the biometric technology, please refer “Technology landscape4” and “Catalog of ­Technical Standards5, ID4D Practitioners guide6” The summary of technology-related procurement for an ID system is: Service Topic Procurement (Services and Infrastructure) Enrollment Software ® Enrollment application ® API’s for biometric data capture and quality checks Hardware ® Enrollment kit including desktops, printer, cameras, etc. 
Physical Infrastructure ® Setup of permanent and mobile centers ® Procurement model of centers (Rent/ Lease/ Own) Human Resources ® Staffing of resources at the enrollment stations ® Training of the resources Logistics ® Collection and Storage of validation documents ® Data transfer to ID authority Data Update (Data Hardware ® Data update kit management) ® Device specifications Software ® Data update client ® Quality assurance and fraud management system ® Document management system (if needed) Physical infrastructure ® Service delivery centers Credential and issuance Software ® Credential personalization and tracking ® Logistics portal for partners ® Self-print portal Hardware ® Printing infrastructure like printers, desktops, etc. Services ® Logistics partner Authentication Software ® Authentication APIs ® Risk prevention and fraud management systems Hardware ® Authentication infrastructure like desktops etc. ® Biometric capture devices ® IT infrastructure for offline authentication Customer Relationship Software ® Customer Relationship Management application Management ® Citizen/Resident facing websites, mobile apps ® Contact Center Software (Automatic Call Distribution (ACD), Interactive Voice Response System (IVRS)) ® Chatbots and Social Media plug-ins Hardware ® Contact Center Infrastructure Physical infrastructure ® Contact centers for Customer Relationship Management (continued) 4 http://pubdocs.worldbank.org/en/199411519691370495/ID4DTechnologyLandscape.pdf 5 http://documents.worldbank.org/curated/en/707151536126464867/Catalog-of-Technical-Standards-for-Digital-Identification-Systems 6 http://documents.worldbank.org/curated/en/248371559325561562/pdf/ID4D-Practitioner-Guide-Draft-for-Consultation.pdf Appendix A: Plan and Design  |   41 Service Topic Procurement (Services and Infrastructure) Training, Testing & certifi- Software ® Training software if required cation agency and content ® Testing and certification software for candidates undergoing training 
development agencies Physical infrastructure ® Training facilities IT infrastructure ® Number and tier rating of data centers, including disaster recovery ® Ownership of data centers (e.g., owned, co-located, private cloud service providers) ® What type of software will be used (i.e., proprietary or open-source) | 42    PROCUREMENT GUIDE AND CHECKLIST FOR DIGITAL IDENTIFICATION SYSTEMS APPENDIX B: IMPLEMENTATION This is the phase in which, the selected vendor(s) ensure compliance with requirements specified in commence the design, development and deploy- the RFP(s). ment activities in the ID system implementation. The major components in this implementation The table below outlines key decisions and consider- phase include periodic monitoring activities to ations to be addressed by ID authorities in this phase. Topic Key decisions Monitoring and ® Monitoring and Evaluation framework to be defined for the services procured including but not limited to Biometric Compliance to ­ services, Infrastructure services, Application development and maintenance, Logistics, CRM etc. requirements ® Process to ensure the conditions and scope of services defined in RFP    ⚬  Monitoring the RFP project deliverables    ⚬  Conformance to project timelines    ⚬  Adherence to process and technical specifications    ⚬  Monitor the Service level agreements    ⚬  Processes to ensure the BOM deliverables as per the plan defined in RFP    ⚬  Conformance to contractual conditions Appendix B: Implementation  |  43 APPENDIX C: STEADY STATE The “steady-state” phase of the ID system life- both parties. The main objective is to improve overall cycle, includes processes that have to be followed effectiveness of the ID system by institutionalizing by ID authorities, after a successful ID system an approach to monitor and evaluate the effective- ­ implementation (as envisioned in the ‘Plan and ness of services. It will also be used to learn how Design’ phase). 
The major components of the steady- the system is being used in real life compared to the state phase include: strategic expectations of the ID authority carried out in Phase – “Plan and Design”. The monitoring and a. Monitoring and evaluation evaluation process will involve a periodic evaluation b. Audit and compliance of enrollment processes, personnel and infrastruc- ture to ensure quality, efficiency and effectiveness. c. Innovation ID authorities need to define KPIs for d ­ifferent d. Transition (Vendor to the government and/or services and processes in the scope of work, which ­ vendor to another vendor) would be measured against the actual performance of the vendor(s). This would help in a compara- In the steady state, it is critical to have key moni- tive and independent evaluation of the services toring processes in place to oversee assets and provided by the vendor(s). Broadly put, a monitor- activity during this “steady state” phase (e.g. over- ing and evaluation framework will enlist who will all activity, quality of input data, performances monitor activities performed by the vendor(s) and including accuracy of biometric matching, dynam- outline the necessary actions to be taken in case ics in fraud patterns, grievances, etc.). Another the service levels are not met. Key considerations benefit of this activity is that it helps ID authori- for ID authorities when defining such a framework, ties to better manage the transition and innovation include the following: components. • The ID authority should clearly define the Once the contract period with the vendors comes complete end to end process, the frequency to an end, ID authorities have to find the best way of measurement, and how the data around to ensure smooth contract renewals, without any important program indicators would be service disruption. In this phase, an ID authority collected. 
can add new services, enhance already existing • The ID authority should generate peri- services and procure cutting-edge infrastructure odic reports for stakeholders implementing based on the needs and requirements of the ID the ID system as well as for the governing system. body for tracking the outcomes of the ID program. Monitoring and Evaluation • The ID authority should the define success cri- teria for the ID implementation, against which An effective and standardized monitoring and evalu- the progress will be measured. ation process will serve as a control mechanism for vendor(s) to deliver on the expected service levels, The table below outlines key decisions and consider- as outlined in the ‘service level agreement’ between ations to be addressed by ID authorities: Appendix C: Steady State  |   45 Topic Key decisions Monitoring and ® A ‘Monitoring and Evaluation’ framework to be defined for the services procured including but not limited to Biometric Evaluation services, Infrastructure services, Application development and maintenance, Logistics, CRM etc. ® Processes to check compliance with legal and regulatory framework ® Parameters and methodologies for assessing various services provided by the bidder including but not limited to:    ⚬  Throughput and response time    ⚬  Scalability    ⚬  Integration    ⚬  Interoperability    ⚬  Enrollment in a specific time period with average time for issuance    ⚬  Biometric systems performance    ⚬ Customer relationship management parameters like average response time, satisfaction matrix from the customers etc. ® Standards operating processes for monitoring and evaluation procedure ® Frequency for monitoring and evaluation reports Audit and Compliance of compliance preparations, security policies, user access controls and risk management procedures, Performing periodic compliance audits enable ID from time to time. 
authorities to ensure a comprehensive review of the ID system’s adherence to legal and regulatory guide- The table below outlines key decisions and consider- lines. Audit reports generated through such audits ations to be addressed by ID authorities. can demonstrate the strength and thoroughness Topic Key decisions Audit and Procedure to ensure compliance to all laws applicable to ID system Compliance ® ID authority to encourage and enforce compliance with data protection laws and privacy laws ® Procedure and timelines for audit and compliance procedures ® Provision to ensure audit efficacy of the enrollment process to enroll residents ® Service under the authentication function to be audited and check for compliance ® Service level agreement (SLA) for audit and compliance to be defined ® Provision to incorporate inputs from audit and compliance procedures Box C.1: Challenges faced in procurement for digital ID system by countries A national development agency from a country in the Latin American and Caribbean region, faced an allegation that their contractor received preference during the procurement process. This led to an audit on whether the procurement of the national identity card and passport system was properly conducted in accordance with the proper regulations. | 46    PROCUREMENT GUIDE AND CHECKLIST FOR DIGITAL IDENTIFICATION SYSTEMS Innovation C. Increase services provided by the ID authority. D. Help minimize disruption in services. ID authorities should strive to continuously introduce various innovations in the ID system, based on newer An ID authority should look at the existing contracts technology trends in the market, learnings from the and post evaluation of the vendor(s). It may choose past challenges faced, and so forth. As an important to do the following: component in the steady state phase, the following considerations can be prioritized: 1. In-house development of services After the contract terminates for specific ser- A. 
Developing a roadmap for short term and vices, the ID authority has the option to develop long-term goals – where the ID authority could the services in-house. The following points clearly define its short term and long-term goals could be considered while taking the decision: for the ID system. a. Short-term goals for the ID system might a. The ID authority has developed the requisite include efforts to add new s­ervices and expertise for delivering the services. improving the current services for the b. The strategy is aligned with the architecture residents. principles of the ID system and provide more b. Long-term goals might include efforts to tran- independence to the ID authority. open-source, open- sition completely to an ­ 2. Re-distribution of services to the various standard, private cloud implementation or vendors developing an in-house biometric solution 3. Upgrade of the IT infrastructure necessary for for the ID system etc. providing quality of services: ID authorities should include all the goals in their a. Procurement and implementation of the simi- roadmap and continuously try to achieve them. lar proprietary systems B. ID authorities should continuously seek to In case the open source platforms are unable incorporate learnings from the challenges or to meet the business requirements, the ID roadblocks faced by them during the “procure- authority may have to continue with the pro- ment”, and the “implementation” phases of the prietary products. Following are the pros and ID system lifecycle, as well look to incorporate cons of adopting such an approach: learnings from other ID systems. i. Advantages: Best in class products can C. Services ecosystem - where ID authorities be sourced through competitive bidding could add more services and continuously to enable fitment of the solution vis-à-vis improve the services offered to the residents. the business requirements. Better tech- nical support can also be made available through the OEM partners. 
Transition ii. Disadvantages: ID authorities need to manage various transitions A. The products will be proprietary and during the ID system lifecycle. The termination of can lead to an over-dependence on contracts for vendor(s) might result in a need to refor- the OEM partner(s). Limitations of mulate the strategy for procurement of ongoing ser- the OEM partner(s) could also be a vices, addition of new services, or IT infrastructure. disadvantage. B. Customization, integration and migra- The purpose of a “transition” stage is to: tion efforts may be curtailed. A. Enable new vendors to transition and take over b. Transition to an open source system existing services from the incumbent vendors. Often, vendor lock-in inhibits an ID author- B. Enhance quality of services, optimize cost of ­ bility to adequately modernize a legacy ity’s a operations and improve information security. ID system over time. Having a clear vision Appendix C: Steady State  |   47 on the need for a primarily open-source/ from vendors becomes an important pro- open standard driven technology stack will curement consideration for authorities. allow authorities enough flexibility to easily i. Advantages will be; upgrade critical system components with A. No over-dependence on the OEM lower vendor dependency. The open source partner(s) solution should be evaluated on maturity of software and community, level of transpar- B. No product and technology lock-in ency, licensing type, guarantees in terms of C. Better control over the system and maintenance and other liabilities. Also, since product implementing an ID system often requires ii. Disadvantages: ID authorities would need considerable technical expertise, embed- to source more in-house technical capac- ding the right technical support requirements ity to implement the open source solution. 
APPENDIX D: KEY TERMS AND DEFINITIONS

This glossary provides operational definitions of identity-related concepts as commonly used in the development sector. They are part of an effort by the World Bank to standardize the language we use in ID4D publications and operational work, and we hope they will be useful to other development partners and practitioners as a point of departure.

Attribute

A named quality or characteristic inherent in or ascribed to someone or something. In identification systems, common personal identity attributes include name, age, sex, place of birth, address, fingerprints, a photo, a signature, an identity number, date and place of registration, etc. [Source: Adapted from NIST (2013a)]

Authentication

The process of proving that a person is who they claim to be. Digital authentication generally involves a person electronically presenting one or more “factors” or “authenticators” to “assert” their identity—that is, to prove that they are the same person to whom the identity or credential was originally issued. These factors can include something a person is (e.g., their fingerprints), knows (e.g., a password or PIN), has (e.g., an ID card, token, or mobile SIM card), or does (e.g., their handwriting, keystrokes, or gestures). [Source: adapted from OWI (2017), NIST (2013a), World Bank 2016].

Usage:

• “Two-factor” authentication involves more than one of the factors described above (i.e., two things among what the person is, knows, has, and/or does).
• Although authentication and verification are related and often used interchangeably in the ID4D context, they can be distinguished by whether the process involves determining the veracity of particular attributes or credentials (verification) or ensuring that a person is the “true” owner of an identity or credential (authentication). In some cases, however, authentication procedures go beyond establishing a legitimate claim to an identity and also verify particular attributes.

Biometric characteristic

A biological (fingerprint, face, iris) or behavioral (gait, handwriting, signature, keystrokes) characteristic of an individual that can be used for biometric recognition (adapted from ISO/IEC 2382-37).

Biometric identification

The process of searching against a biometric enrollment database to find and return the biometric reference identifier(s) attributable to a single individual (ISO/IEC 2382-37).

Usage:

• Biometric identification is often used to deduplicate identity records during or after enrollment (i.e., to perform a duplicate biometric enrollment check).

Biometric recognition

The automated recognition of individuals based on their biological and behavioral characteristics. Biometric recognition encompasses both biometric identification and biometric verification (ISO/IEC 2382-37).

Biometric verification

The process of confirming a biometric claim through biometric comparison (ISO/IEC 2382-37).

Usage:

• Biometric verification is used during authentication procedures (i.e., a 1:1 match of a captured biometric template against one stored on a card or in a database).

Civil registration

The continuous, permanent, compulsory and universal recording of the occurrence and characteristics of vital events pertaining to the population, as provided through decree or regulation in accordance with the legal requirements of each country (UNDESA 2014).

Credential

A document, object, or data structure that vouches for the identity of a person through some method of trust and authentication. The common types of identity credentials include—but are not limited to—ID cards, certificates, numbers, passwords, or SIM cards. A biometric identifier can also be used as a credential once it has been registered with the identity provider. [Source: adapted from World Bank (2016, 2018b)].

Usage:

• The identity “credential” is preferred to identity “document” in most contexts, as it is more encompassing, and many digital credentials are not physical documents.

Deduplication

In the context of identification systems, deduplication is a technique to detect duplicate identity records. Biometric data—including fingerprints and iris scans—is commonly used to perform a duplicate biometric enrollment check to identify false or inconsistent identity claims and to establish uniqueness (adapted from ISO/IEC 2382-37 and World Bank (2018b)).

Digital identity

A set of electronically captured and stored attributes and/or credentials that uniquely identify a person. [Source: adapted from World Bank (2018b), EC (2017), IDB (2013)].

Usage:

• The term “digital identity” is commonly used when referring to a person’s digital identity, whereas the term “digital ID” is used when referring to a digital identity credential or system.
• A “digital identity” is synonymous with “electronic identity” in most ID4D contexts.

Digital identification (ID) system

An identification system that uses digital technology throughout the identity lifecycle, including for data capture, validation, storage, and transfer; credential management; and identity verification and authentication. [Source: adapted from World Bank 2016].

Digital signature

An asymmetric key operation where the private key is used to digitally sign data and the public key is used to verify the signature. Digital signatures provide authenticity protection, integrity protection, and non-repudiation, but not confidentiality protection. [Source: NIST SP800-63-3: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63-3.pdf]

Electronic signature

An electronic authentication technique that carries the legal weight of—and substitutes for—a handwritten signature. [Source: Adapted from UNCITRAL Model Law on Electronic Signatures with Guide to Enactment 2001.]

Usage:

• Note that “electronic signature” and “digital signature” are NOT synonymous. Digital signatures are one technical implementation of an electronic signature using public-key cryptography. In addition, digital signatures are also used for functions (e.g., authenticating devices) that do not serve the same purpose as an electronic signature (which is specifically to substitute for a handwritten signature).

Foundational identification (ID) system

An identification system primarily created to provide general identification and credentials to the population for public administration and a wide variety of public and private sector transactions, services, and derivative credentials. Common types of foundational ID systems include civil registries, national IDs, universal resident ID systems, and population registers. [Sources: adapted from World Bank (2018a, 2018b), Gelb & Clark (2013)].

Usage:

• Countries typically have multiple foundational ID systems that may not be entirely distinct. For example, one country may have a population register linked to the civil registration system that is used both to generate statistics and as the basis on which national ID cards are issued.
• Foundational ID systems are also typically legal ID systems, with the primary purposes of establishing or recognizing legal status and issuing government-recognized credentials.
• The distinction between foundational and functional ID systems is about the purpose for which they were created. For example, functional credentials (e.g., driver’s licenses or social security numbers in the U.S.) that serve as the primary means of identification and authentication for a variety of purposes should not be considered foundational ID systems. Some countries, however, have built foundational ID systems based on functional systems (e.g., Bangladesh).

Functional identification (ID) system

An identification system created to manage the identity lifecycle for a particular service or transaction, such as voting, tax administration, social programs and transfers, financial services, and more. Functional identity credentials—such as voter IDs, health and insurance records, tax ID numbers, ration cards, driver’s licenses, etc.—may be commonly accepted as proof of identity for broader purposes outside of their original intent, particularly when there is no foundational ID system. [Sources: adapted from World Bank (2018a, 2018b, 2016), Gelb & Clark (2013)].

ID

1. Identity document (see ‘Credential’).
2. See ‘Identification’.

Usage:

• Use “identify” when referring to the verb (e.g., write “people have no way to identify themselves” rather than “people have no way to ID themselves”).
• When referring to a specific credential, add a description of that credential after ID (e.g., “national ID card” rather than “national ID”) in order to avoid ambiguity where appropriate.

Identification

The process of establishing, determining, or recognizing a person’s identity. [Source: adapted from World Bank (2018)].

Usage:

• Use “identification/ID system” when referring to the specific processes or systems used for identification.
• Use “identity document,” “ID,” or “credential” when referring to a “form of identification”.

Identification (ID) system

The databases, processes, technology, credentials, and legal frameworks associated with the capture, management, and use of personal identity data for a general or specific purpose. [Source: adapted from World Bank (2017)].

Usage:

• Use “identification/ID system” instead of “identity system,” including in all compound types of ID systems (e.g., use “foundational identification/ID system” rather than “foundational identity system”).

Identity

A set of attributes that uniquely identify a person. [Source: World Bank (2017, 2018b)]

Identity document (ID)

An identity credential. See also “ID”.

Identity ecosystem

The set of identification systems—including databases, credentials, laws, processes, protocols, etc.—and their interconnections within a geographic area or particular sector. [Source: adapted from World Bank 2016].

Identity lifecycle

The process of registering, issuing, using and managing personal identities, including enrollment of identity data; validation through identity proofing and deduplication; issuing credentials; verification and authentication for transactions; and updating and/or revoking identities and credentials. [Source: adapted from World Bank (2016)].

Identity proofing

Establishes the uniqueness and validity of an individual’s identity when they register in an ID system. Identity proofing may rely upon various factors such as identity documents, biographic information, biometric information, and knowledge of personally relevant information or events, and may be done in-person or remotely. [Source: adapted from NIST (2015, 2017)].

Identity provider

The entity—e.g., a government agency or private firm—with primary responsibility for issuing and managing identities and credentials throughout the identity lifecycle. [Source: adapted from World Bank (2016)].

Interoperability

The ability of different functional units—e.g., systems, databases, devices, or applications—to communicate, execute programs, or transfer data in a manner that requires the user to have little or no knowledge of those functional units (adapted from ISO/IEC 2382).

(Level of) identity assurance (LOA)

The ability to determine, with some level of certainty or assurance (LOA), that a claim to a particular identity made by some person or entity can be trusted to actually be the claimant’s “true” identity. [Source: World Bank 2016].

National identification (ID) system

A foundational identification system that provides […] other credentials. In many countries, a primary function of national ID systems has been to establish and provide recognition and proof of citizenship and/or residency status.

Usage:

• There is no commonly agreed-upon definition of an NID system and countries have used this term to refer to a variety of types of ID systems. For example, “national” may be interpreted both as providing proof of nationality and/or in the sense that the system is nationwide in scope.
• Most so-called NID systems normally provide proof of legal identity.
• Use “national ID” or “NID” when referring to the credential (e.g., a card) and “national ID system” or “NID system” when referring to the entire system, including databases, etc.

Public Key Infrastructure (PKI)

A set of policies, processes, server platforms, software, and workstations used for administering certificates and public-private key pairs, including the ability to issue, maintain, and revoke public key certificates. [Source: NIST SP800-63-3: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63-3.pdf]

Population registers

A database of every individual that has the right to reside in the country, including citizens and non-citizens, children and adults. Population registers typically contain demographic data and life-event information that is the basis of or exchanged with other identification systems and databases such as national ID systems, civil registers, and others.

Proof of legal identity

Government-recognized credentials—such as birth certificates, identity cards, and unique identity numbers—that serve as proof of legal identity in accordance with national law, irrespective of whether they also serve as proof of citizenship.
[Pending national IDs (NIDs)—often a card—and potentially HLAC/UN definition] | 52    PROCUREMENT GUIDE AND CHECKLIST FOR DIGITAL IDENTIFICATION SYSTEMS Seeding Universal resident ID system One-to-one mapping of identity records in an existing A digital, foundational ID system that uniquely iden- database with those in another database (e.g., via tifies and provides government-recognized creden- a unique ID number). Seeding can be done in bulk tials to all residents of a country, including citizens with no action required by individual users (“inor- and non-citizens. ganic seeding”) or on a case-by-case bases as users interact with one of the systems (“organic seeding). Usage: [Source: adapted from IDB (2013)]. • NID systems may be universal resident ID systems to the extent that they are digital Social register and provide IDs to legal residents as well as citizens. A database that contains socioeconomic data on the population—at the individual and/or household level—for the purpose of unifying the targeting and Verification distribution of social programs, such as cash trans- fers and pensions. The process of verifying identity attributes determining the authenticity of credentials in order or ­ Unique ID number (UIN) to facilitate authorization for a particular service. [Source: adapted from World Bank (2018a)]. In the context of identification systems, a number that uniquely identifies a person—i.e., each person only Usage: has one UIN and no two people share the same UIN— for their lifetime. UINs are typically assigned after vali- • Although authentication and verification are dating a person’s identity and statistical uniqueness related functions and often used interchange- through a process such as biometric deduplication. ably, they can be distinguished by whether [Source: adapted from World Bank (2016)]. 
the process involves determining the verac- ity of attributes or credentials (verification) or Usage: ensuring that a person is who they claim to be (authentication) • In general, use “UIN” and not “UID” unless refer- During the identity proofing process, the term ‘veri- ring to a country-specific system (e.g., as in India) fication’ is typically used to refer to the process of • Many countries have UINs that are referred to verifying that the applicant is the true owner of the as national ID numbers or “NINs” claimed identity and evidence. Appendix D: Key Terms and Definitions  |   53 id4d.worldbank.org