idland-v1

--- effects: - [set, displayHeader, false] --- ![logo](./files/start-idland.png) A game designed to help practitioners learn about good practices for the next generation of ID systems. [[Play the game->0.4 disclaimer]] [[About the game->0.2 about]]

--- variables: flash: [] displayDebug: true displayHeader: true trust: 0 inclusion: 0 widgets: - type: meter listen: inclusion - type: meter listen: trust ---

--- icon: [IconSearcheye,2] --- In this social policy game, you take on the role of the head of an agency tasked with implementing a digital identification system in the fictional country of IDLand. [[Next->0.3 about 2]]

###ID Fact ![ID Fact: Sustainable Development Goal 16.9](./files/idfact-sdg169.png) Ensuring that everyone has access to identification is the explicit objective of Sustainable Development Goal (SDG) Target 16.9—to “provide legal identity for all, including birth registration” by 2030. [[We shall achieve this!->2.1 VISION START]]

#### Where to start? As the head of this initiative, you start by mapping out good practices to guide your efforts. ![principles on identification](./files/idfact-principles-id.jpg) A good place to start is the [10 Principles of Identification](https://id4d.worldbank.org/principles). The Principles point you to several areas of concern: - inclusion:universal accessibility - People-centric and service delivery-oriented design - Building trust by protecting privacy and rights [[Ok!->1.10 tutorial]]

--- icon: [BadgePbVision,3] --- In this track you will define the main goals of your ID system. It should take 5 to 10 minutes to complete. ####Ready to start scoring? [[Let's go for it->2.2]]

--- effects: - [set, displayHeader, true] --- ![prototype](./files/icon-plan.png) ### It is time for a change! Revamping the identification system seems like a good idea. Advisors are telling you that you will have to build it almost from scratch. [[Well...->2.3]]

--- icon: [IconQuestion,2,0,You would like to proceed by...] --- **A.** Developing the vision for the new ID system by holding consultations with stakeholders. **B.** Deciding on which digital technologies to use for the ID system by meeting with representatives from tech companies. [[Follow Advisor A->2.6A][{inclusion:10,trust:10}]] [[Follow Advisor B->2.6B][{trust:-10}]]

###Great choice! Engaging with diverse stakeholders is critical for developing a successful ID system. ID projects require a high level of political commitment, a “whole of government approach,” and close coordination with civil society and the private sector, to ensure that the system serves all well. [[I believe in an ID system that works for everyone!->2.9]]

Technology is relevant, but it is just one aspect of ID systems. Making use of the latest innovations can help maximize the system’s benefits, but only if the chosen technology reflects local needs and realities. Not to worry, though. We will circle back to relevant technologies later, OK? [[Consult with stakeholders first->2.9][{trust:10}]] [[With the best tech, the rest will fall into place->2.7 anti hype 1][{trust:-10}]]

--- icon: [BadgePbVision,3] --- #### Congratulations on successfully concluding stakeholder consultations! Let’s check if you have a clear vision for your ID system. [[Ok!->2.40 purpose]]

![brand new tech](./files/icon-blockchain.png) If commitment to a (new) technology or vendor comes before there is consensus on how, by whom, and for what purpose the ID system will be used, there is a high risk that it will not fit the country’s needs and represent poor value for money. [[Hmmm, I see...->2.8 anti hype 2]]

--- icon: [IconAttention,2] --- Poorly informed IT choices and related procurement or public-private partnerships may lead to vendor and technology lock-in, increasing the cost and reducing the adaptability of the system. The technology must be a means to an end. Be wary of the hype! [[Got it. Let’s hear from the stakeholders.->2.9][{trust:10}]]

What is the **main reason** you want to build a new ID system in IDLand? [[2.60 purpose-2]] [[2.50 purpose-1]] [[2.70 purpose-3]] [[2.80 purpose-4]]

####To provide access to services and rights [[Choose this->2.51][{inclusion:10,trust:10}]]

####To boost the digital transformation of the government and economy [[Choose this->2.61][{trust:10}]]

####To reduce fraud and corruption [[Choose this->2.71][{trust:10}]]

####I am not sure... IDLand’s neighbor just launched a new ID system and it is getting a lot of traction [[Choose this->2.81][{trust:-10}]]

A foundational ID system can improve service delivery across a number of sectors. For example, it can make it easier for people to open bank accounts and for banks to conduct customer due diligence. It can also help ensure that social assistance reaches its intended beneficiaries, minimizing leakages. [[Indeed!->2.54]]

ID systems can underpin the digital economy by providing on-demand, secure authentication of users, organizations, and devices to enable a variety of digital platforms and services (e.g. online tax filing, e-payments, commercial marketplaces). [[Indeed!->2.62]]

###That's nice. Strengthening identification and authentication methods can help prevent identity-related fraud and streamline service delivery by both public and private sectors. [[Indeed!->2.72]]

### Well... As the head of an ID agency, you need to have clear goals in mind. How will the ID system benefit people, the government, and the private sector? [[Ok, let's go back to confirm the goals->2.40 purpose]]

So, how will the ID system **improve access to services and rights**? [[2.55A]] [[2.55B]] [[2.55C]]

####Providing all IDLand citizens with an ID [[Choose this->2.56 A][{inclusion:0, trust:0}]]

####Providing an easy and convenient way for in-person and online authentication [[Choose this->2.56 B][{inclusion:10, trust:10}]]

####Making the use of fingerprints for authentication mandatory [[Choose this->2.56 C][{inclusion:-10, trust:-10}]]

--- icon: [IconIdea,2] --- Improving access to services and rights implies greater choice and convenience when it comes to proving one’s identity, and ensuring service providers have access to more accurate, trusted data. [[I will keep this in mind!->2.97]]

--- icon: [IconIdea,2] --- Your ID system can serve several purposes. But no one should be denied basic rights and services because they cannot access or use a specific ID. [[Got it->2.99][{inclusion:10, trust:10}]] [[Not clear yet->2.98][{inclusion:-10, trust:-10}]]

--- icon: [BadgeColorVision,3] --- ### You've got VISION badge This is the very first step to implement a good ID system. **You’re one step closer to the launch!** [[Alright!->2.100 vision newspaper]]

--- effects: - [set,displayHeader,true] --- ### Key takeaways [[2.103]] [[2.104]] [[2.105]]

--- icon: [IconQuestion,2] --- You can focus on digital transformation, but make sure that no one gets left behind. A recent survey indicates that 55% of adults in IDLand do not have a smartphone... **Will they still be able to obtain a new ID and use it to access services?** [[Yes->2.64]] [[Not yet->2.63][{inclusion:-10}]]

How would you like to use the ID system to **boost digital transformation**? [[2.65A]] [[2.65B]] [[2.65C]]

### You lost some inclusion points! You should take into account factors such as mobile coverage, digital infrastructure, and, of course, whether there are digital services available in order to not exclude part of your population. That's how you promote Digital ID for development. [[Got it->2.64][{inclusion:10}]]

#### Using biometrics for authentication for accessing all services [[Choose this->2.66 A][{inclusion:0, trust:0}]]

####Providing an easy and convenient way for in-person and remote online authentication. [[Choose this->2.66 B][{inclusion:10, trust:10}]]

####Creating a digital database that brings together all data about an individual from different sectors (e.g. health, education, tax). [[Choose this->2.66 C][{inclusion:-10, trust:-10}]]

In order to reduce identity-related fraud, it will be important to carefully consider the levels of assurance required for different transactions and services. **How about a re-cap on ‘Levels of Assurance’? ** [[No need, all clear.->2.74]] [[Yes, please.->2.73]]

That said, how would you use the ID system to **reduce fraud**? [[2.75A]] [[2.75B]] [[2.75C]]

![loa](./files/icon-loa.png) **Level of assurance (LoA)** is the ability to determine, with some level of certainty, that a claim made concerning a particular identity is true. This should be proportional to the likelihood and impact of identity-related fraud. [[Give me an example->2.73 example]]

####Link the ID system to the public payroll to remove ghost workers [[Choose this->2.76 A][{inclusion:0, trust:0}]]

####Link the ID system with the civil registry to notify other systems/programs about deceased individuals [[Choose this->2.76 B][{inclusion:10, trust:10}]]

#### Make online pre-registration and digital authentication mandatory for all public services [[Choose this->2.76 C][{inclusion:-10, trust:-10}]]

--- icon: [IconIdea,2] --- The ID system can be a valuable tool to combat fraud. But stringent requirements for obtaining an ID or complex and limited options for authenticating one’s identity to access a service or transaction can lead to exclusion and increase costs. **An important trade-off to keep in mind!** [[Got it!->2.97]]

--- icon: [IconNoteredux,2] --- The purpose of the game is to understand trade-offs when designing and implementing ID systems, including topics related to general principles, and applied decisions related to planning and managing ID systems. [[Let's start the game->0.4 disclaimer]]

![welcome](./files/idland-welcome.svg) Welcome to **IDLand**, a fictional country where you are the head of a government agency looking to implement an identification (ID) system. [[I understand and accept the mission!->1.2 idfact billion]]

###ID FACT Globally, 1 billion people lack official proof of identity. ![ID Fact: one billion people lack a legal proof of identity](./files/idfact-one-billion.jpg) [[That is a lot!->1.3 why id gap matter]]

--- effects: - [set, displayHeader, true] --- ### Your goal is to build a foundational ID system that fosters inclusion and trust. Your progress will appear on the health meters! Click to simulate how your decisions will be scored. [[Include more people->1.11A][{inclusion:10}]] [[Include fewer people->1.11B][{inclusion:-10}]]

--- effects: - [set,flash,[inclusion]] --- ###Look! If your choice fosters inclusion, you will earn some inclusion points. [[Try to include fewer people->1.12A][{inclusion:-10}]]

--- effects: - [set,flash,[inclusion]] --- ### Look at the health meters! If your choice might lead to people being excluded from the ID system or from accessing related services, you will lose a few inclusion points. [[Try to include more people->1.12B][{inclusion:10}]]

Conversely, you will lose a few inclusion points if your choice might lead to people being excluded from the ID system or from accessing related services. [[Next->1.13][{inclusion:-10}]]

Conversely, you will earn a few inclusion points if your choice fosters inclusion! [[Next->1.13][{inclusion:-10}]]

--- effects: - [set, displayHeader, false] - [set,flash,[]] icon: [IconIdea,2] --- **The same logic you saw for inclusion also applies to trust.** Decisions that enhance trust in transactions as a result of more accurate, secure, and easily verifiable identities and those that increase public confidence in the ID system more broadly will earn you trust points. Those that have the opposite effect, will lower your score. [[Next->1.14]]

--- icon: [BadgePbSecurity,2] --- Now that you've learned how to score, let’s get you on the path toward a strong (fictional) foundational ID system. *(Also, don’t forget: this is all a game and the scoring is not an exact science.)* [[Next->1.15 mandate]]

--- icon: [IconIdea,2] --- Like other countries, IDland wants to build a "foundational" ID system that provides official or "legal" proof of identity for its people. It wants this system to make use of digital technologies so people can use the ID to securely prove who they are. [[I see->1.9 PRINCIPLES OF ID]]

### Congratulations! Your mandate as the head of IDLand's ID program is about to start. Your citizens want an easy and convenient way to prove who they are when accessing services. [[Ready to serve!->2.0 idfact sdg]] [[But I just got appointed!->1.17]]

--- icon: [BadgePbHands,2] --- Now that your vision for the ID system is clear, it is time to turn to the planning and design process. There is no one-size-fits-all solution, but global guiding frameworks of good practices, such as the **[Principles on Identification for Sustainable Development](https://documents.worldbank.org/en/publication/documents-reports/documentdetail/213581486378184357/)**, can help you navigate this process. [[Got it!->3.2 assessment]]

--- icon: [IconClock,2] --- This track will take about 5-10 minutes to complete and focus on certain design and planning decisions related to inclusion, design, and governance. Before we get started, let’s review the Principles! [[I'm ready->3.2 pillar 1]]

--- icon: [IconIdea,2,0,"PILLAR 1: INCLUSION"] --- > **1.** Ensure universal access for individuals, free from discrimination. > **2.** Remove barriers to access and use. [[Show me pillar 2->3.3 pillar 2]]

--- effects: - [set, displayHeader, true] --- ### INCLUSION #### IDLand is all about inclusion! As the Head of the ID program, you will need to understand barriers that people may face in accessing to ID system. The next challenge is to quickly assess - 3 questions - whether you can identify legal or procedural barriers to inclusive identification. [[Test me!->3.9 Q1]]

--- icon: [IconQuestion,2,0,INCLUSION (1 of 3)] --- #### “Only IDLand nationals are eligible to obtain an ID.” Is this a barrier to inclusion? [[Yes->3.10 Y][{inclusion:10}]] [[No->3.10 N][{inclusion:-10}]]

### Good! #### You earned inclusion points! Everyone needs to be able to prove who they are – not just nationals! For this reason, SDG target 16.9 call upon states to provide legal identity **for all**, including birth registration. This includes refugees, asylum seekers, and stateless persons. [[Next question->3.11 Q2]]

### Oh no.. #### You lost inclusion points! Everyone needs to be able to prove who they are – not just nationals! For this reason, SDG target 16.9 call upon states to provide legal identity **for all**, including birth registration. This includes refugees, asylum seekers, and stateless persons. [[Next question->3.11 Q2]]

--- icon: [IconQuestion,2,0,INCLUSION (2 of 3)] --- #### “Documentary requirements for ID registration are more strictly enforced if the applicant is a member of a certain minority ethnic group or someone who lives close to the border” Is this a barrier to inclusion? [[Yes->3.12 Y][{inclusion:10}]] [[No->3.12 N][{inclusion:-10}]]

### Oh no.. #### You lost inclusion points! ID systems should be free from discrimination, both in terms of who has access to them and how they are used. This requires you and other stakeholders in IDLand to identify and mitigate legal, procedural, and social barriers to enroll in and use your ID system. [[Next question->3.13 Q3]]

### Good! #### You earned inclusion points! ID systems should be free from discrimination, both in terms of who has access to them and how they are used. This requires you and other stakeholders in IDLand to identify and mitigate legal, procedural, and social barriers to enroll in and use your ID system. [[Next question->3.13 Q3]]

--- icon: [IconQuestion,2,0,INCLUSION (3 of 3)] --- ####“A birth certificate is required to enroll in the ID system” Is this a barrier to inclusion? [[Yes->3.14 Y][{inclusion:10}]] [[No->3.14 N][{inclusion:-10}]]

### Good! #### You earned a few inclusion points! Having to provide a birth certificate could be a barrier to accessing IDs in countries like IDLand, where many people have not had their birth registered, may not have a copy of their birth certificate, or cannot afford one. [[Let's move on to design!->3.22 DESIGN]]

### Actually, no. #### You lost a few inclusion points! Having to provide a birth certificate could be a barrier to accessing IDs in countries like IDLand, where many people have not had their birth registered, may not have a copy of their birth certificate, or cannot afford one. [[Let's move on to design!->3.22 DESIGN]]

### GOVERNANCE Good governance helps build trust by enabling the ID system to operate with accountability and protect people’s data and rights. Let me ask you three quick questions to see whether you can identify which of the following issues are considered to be part of good ID governance. [[Test me!->3.16 Q1]]

--- icon: [IconQuestion,2,0,GOVERNANCE (1 of 3)] --- ####“Having independent oversight over how the ID system processes data” Is this part of good ID governance? [[Yes->3.17 Y][{trust:10}]] [[No->3.17 N][{trust:-10}]]

### Good! #### You earned a few trust points! Independent regulatory bodies are critical to ensure that all stakeholders appropriately use ID systems for their intended purposes, monitor and respond to potential data breaches, and receive complaints or concerns regarding the processing of personal data. [[Next question->3.18 Q2]]

### Oh no! #### You lost a few trust points! Independent regulatory bodies are critical to ensure that all stakeholders appropriately use ID systems for their intended purposes, monitor and respond to potential data breaches, and receive complaints or concerns regarding the processing of personal data. [[Next question->3.18 Q2]]

--- icon: [IconQuestion,2,0,GOVERNANCE (3 of 3)] --- ####“The ID agency’s Board has representatives from different segments of the public and private sectors and civil society.” Is this part of good ID governance? [[Yes->3.21 Y][{trust:10}]] [[No->3.21 N][{trust:-10}]]

### Good! Giving stakeholders from a wide range of sectors a say is important to ensure that the ID system is responsive to people’s and relying parties’ needs and to foster trust. [[I knew it!->3.99 pre-badge]]

### Oh, no! Giving stakeholders from a wide range of sectors a say is important to ensure that the ID system is responsive to people’s and relying parties’ needs and to foster trust. [[Understood!->3.99 pre-badge]]

--- icon: [IconQuestion,2,0,GOVERNANCE (2 of 3)] --- #### "People's data can be shared across governmental entities without consent or limitation" Is this part of good ID Governance? [[Yes->3.19 Y1][{trust:-10}]] [[No->3.19 N][{trust:10}]]

### Oh, no! #### You've got fewer trust points! The sharing of people’s data should always have a legal basis and be limited to specified purposes. [[Next question->3.20 Q3]]

### Good! #### You got a few trust points! The sharing of people’s data should always have a legal basis and be limited to specified purposes. [[Next question->3.20 Q3]]

### DESIGN Which of the following **should NOT** be a key element of your ID design process? [[3.23 A]] [[3.23 B]] [[3.23 C]] [[3.23 D]]

####Outcome-based approach [[Choose this->3.24 A][{trust:-10}]]

####Public engagement [[Choose this->3.24 B][{trust:-10}]]

####Technology-first design [[Choose this->3.24 C][{trust:10}]]

####Privacy by-design [[Choose this->3.24 D][{trust:-10}]]

--- icon: [BadgeColorHands,3] --- ### You've got INCLUSION, DESIGN & GOVERNANCE badge You are on the path to defining the guiding policy framework to ensure that you ID system is inclusive, trusted, and useful. [[Alright!->3.100 newspaper]]

--- icon: [IconQuestion,2,0] effects: - [set, displayHeader, true] --- Strong data protection is key to build and maintain trust! Watch your score! With that in mind... #### Is there a Data Protection Legislation or Regulation in place in IDLand? [[Yes->4.3 YES 1][{trust:10}]] [[No->4.4 NO 1][{trust:-10}]] [[I don't know->4.2 IDK][{trust:-10}]]

To successfully implement the ID system, being aware of the applicable data protection regime will be critical. This can make or break the ID agenda. Conducting an [ID Enabling Environment Assessment](https://id4d.worldbank.org/legal-assessment) can help provide answers. [[Back to question->4.1 Data Protection Regulation]]

Great! Many countries have adopted general data protection laws that apply not only to their ID systems, but also to other government or private-sector activities that involve the processing of personal data. [[Got it->4.7 CHECK PRINCIPLES?]]

Well, ID systems should be underpinned by legal frameworks that protect personal data and safeguard people’s rights. [[I see...->4.4.1 NO 2]]

--- icon: [BadgePbLegal,2] --- Even though establishing a data protection framework might not be within your mandate, launching a new ID system may catalyze discussion on data protection that would not happen otherwise. **How would you like to proceed?** [[Convene relevant stakeholders->4.4.2 NO 3 GOOD][{trust:10}]] [[Keep silent on this matter->4.4.2 NO 3 ALERT][{trust:-10}]]

Through your discussions, you agree that adopting a data protection law should be a priority for IDLand. You also learn that many neighboring countries have already adopted such legislation. [[What? Is this a trend?->4.4.3 NO 4]]

This is a risky path to take... adequate legal safeguards for data protection are critical for promoting trust in an ID system, even if their establishment is not the ID Authority’s sole responsibility. [[Move forward->4.4.3 NO 4]]

### ID FACT ![figure](./files/idfact-60-legislation.png) ####About 2/3 of countries globally have put in place data protection legislation. Source: UNCTAD, 02/04/2020 [[Good to know.->4.7 CHECK PRINCIPLES?]]

![icon](./files/logo-gdpr.png) The EU’s General Data Protection Regulation is one, well-known example of comprehensive data protection regulation. It has emerged as an important benchmark in this area. Other models include Convention 108+ and the SADC Model Law on Data Protection 2013. [[Got it!->4.7 CHECK PRINCIPLES?]]

--- icon: [IconInfo,2] --- Would you like to check some of the guiding principles that many data protection frameworks have in common? [[Yes!->4.10 PRINCIPLES][{trust:10}]] [[No, thank you->4.8 ARE YOU SURE][{trust:-10}]]

### KEY PRINCIPLES FOR DATA PROTECTION Feel free to navigate on the principles and move foward whenever you want. Check below a non-exhaustive list. [[Lawfulness and transparency->4.11 PRINCIPLE 1]] [[Purpose and Storage limitation->4.12 PRINCIPLE 2]] [[Data minimization->4.13 PRINCIPLE 3]] [[Accountability->4.14 PRINCIPLE 4]] [[Accuracy->4.15 PRINCIPLE 5]] [[Security and Resilience->4.16 PRINCIPLE 6]] [[Move on->4.20]]

The ID Authority will process the personal data for millions of people. Abiding by certain widely-recognized data protection principles will help keep people’s information safe. **Are you aware of these principles?** [[I'm aware, test me!->4.9 TEST][{trust:10}]] [[Let's check the principles->4.10 PRINCIPLES][{trust:10}]]

### Lawfulness & Transparency Personal data must be processed lawfully, and in a fair and transparent manner. This includes having a valid legal basis in law for data processing and being clear with people about who will use their data, why, and how. [[Thank you, back to list->4.10 PRINCIPLES]]

### Purpose and Storage limitation Personal data should only be collected for explicit, specified, and legitimate purposes, and not processed in a way that is incompatible with that, nor be kept longer than necessary for these purposes. [[Thank you, back to list->4.10 PRINCIPLES]]

### Data minimization Personal data must be limited to only what is necessary for a given purpose. *(You will learn more on the next badge)* [[Thank you, back to list->4.10 PRINCIPLES]]

### Accountability Those who process personal data must be accountable for demonstrating compliance with their obligations under data protection laws, and facilitate the protection of the data subjects’ rights in their personal information. [[Thank you, back to list->4.10 PRINCIPLES]]

### Accuracy Personal data that is processed should be accurate, and complete, and measures should be taken to ensure it is up to date. [[Thank you, back to list->4.10 PRINCIPLES]]

### Security and Resilience Appropriate measures must be taken to ensure the security of data and systems, and to protect personal data from loss, unauthorized access, destruction, use, modification or disclosure. [[Thank you, back to list->4.10 PRINCIPLES]]

--- icon: [IconIdea,2] --- ####Laws and regulations on data protection should include enforcement provisions. Enforcement mechanisms ensure that data protection legislation/regulation is implemented and provide consequences for non-compliance with it. [[Got it!->4.21 enforcement mechanism MULTIPLE]]

Which of the following options is a type of enforcement mechanism that could be part of IDLand’s data protection legislation / regulation? [[4.22 A]] [[4.22 B]] [[4.22 C]] [[4.22 D]]

### CHALLENGE The cards below show some of the key data protection principles. But there is an odd one out. **Can you tell which one?** [[4.9 A]] [[4.9 C]] [[4.9 D]] [[4.9 E]]

####Accountability [[Choose this->4.9A ALERT][{trust:-10}]]

####Unlimited processing of data [[Choose this->4.9 CORRECT][{trust:10}]]

####Accuracy [[Choose this->4.9 D ALERT][{trust:-10}]]

####Lawful basis [[Choose this->4.9 E ALERT][{trust:-10, inclusion:-10}]]

###Oh, no... ####You are losing trust. Personal data must be processed lawfully, and in a fair and transparent manner. One of the better-known legal bases for processing personal data is consent. Let’s do a refresher on good practices. [[Agreed, thank you!->4.10 PRINCIPLES]]

### Well picked! #### You have earned trust points! Limiting the processing of personal data, both in terms of quantity and time, is a good practice. Check out more key principles to keep in mind when designing your ID system. [[Move forward->4.10 PRINCIPLES]]

####Right to lodge a complaint and to an effective judicial remedy. [[Choose this->4.23 GOOD][{trust:10}]]

#### Right to post on social media about bad experiences with the ID authority [[Choose this->4.23 ALERT][{trust:-10}]]

####Liabilities and sanctions for breaches. [[Choose this->4.23 GOOD][{trust:10}]]

####Establishment of national supervisory authorities. [[Choose this->4.23 GOOD][{trust:10}]]

###That's right! Enforcement mechanisms may vary from grievance redress mechanisms to the imposition of sanctions for data protection breaches. [[Thank you!->4.24 who will ensure enforcement]]

### Not quite... While people should be free to vent frustrations and these posts may get traction, posting on social media, on its own, is unlikely to work as an effective enforcement mechanism. [[Try again!->4.21 enforcement mechanism MULTIPLE]]

--- icon: [IconJustice,2] --- ####Now, who is going to ensure this enforcement? The supervisory authority might be a single government official or a body with several members. [[Tell me more!->4.25 independent body]] [[Move on->4.26 authority MULTIPLE]]

Does IDLand have a specific authority for ensuring compliance with data protection legislation/regulation? [[4.27 IDPA]] [[4.27 MOJ]] [[4.27 NODPR]]

--- icon: [IconJustice,2] --- Data protection legislation/regulation should include oversight by an independent body, ideally one with appropriate powers and financial independence. This body will, inter alia, ensure the lawful processing of identity data by the ID system. [[I see!->4.26 authority MULTIPLE]]

####Yes, an Independent Data Protection Authority [[Choose this->4.28 IDPA][{trust:10}]]

####Yes, the Ministry of Justice [[Choose this->4.28 MOJ]]

####Not yet. [[Choose this->4.28 NODPR][{trust:-10}]]

###That's great! This can also enhance trust in the ID Agency! A Data Protection Authority may handle public complaints and may have the power to oblige the ID system to rectify, delete or destroy inaccurate or illegally processed data. [[Indeed!->4.100 BADGE]]

--- icon: [BadgeColorEncryption,3] --- ### You've got ### LEGAL AND INSTITUTIONAL SAFEGUARDS badge A data protection framework is crucial for the success of the ID system. It helps build trust, and trust is essential to promote the use of the system. [[I will keep the people’s data safe!->4.100 NEWSPAPER]]

###Ok... In certain contexts, independent bodies would be better placed than ministries to enforce data protection legislation and to hold both government and the private sector accountable. Nevertheless, in IDLand the Ministry of Justice has this role. **Would you like to arrange a meeting?** [[Yes, consult->4.29 MOJ GOOD][{trust:10}]] [[No, thank you->4.29 MOJ ALERT][{trust:-10}]]

###Very good! In the absence of a Data Protection Authority, working with the Ministry of Justice earned you a few trust points, as their support will help the ID Agency comply with relevantlaws related to data protection. [[Great!->4.100 BADGE]]

###Well... ####You lost a few trust points there. Even if there is no independent Data Protection Authority, it is always good to consult with the relevant supervisory entity, in this the case of Ministry of Justice. This will ensure that data processed under the ID system is aligned with relevant safeguards. [[I see...->4.100 BADGE]]

###This is risky! A dedicated data protection authority will help handle grievances and complaints and monitor compliance with relevant laws and regulations. [[What can I do?->4.28 (2) NODPR]]

--- icon: [IconIdea,2] --- Although establishing a data protection authority may fall outside of your mandate, raising your voice to advocate for stronger data protection safeguards can help advance this agenda. [[Count me in!->4.100 BADGE]]

Although biometric authentication can provide a high degree of assurance, it can leave some people excluded and is not always justified. It is always a good idea to provide alternatives. [[Got it!->2.67]]

### Great! You earned inclusion and trust points by considering multiple options, including for people and services without digital access. [[Got it!->2.67]]

### You lost some inclusion and trust points! At first glance, it may seem practical to put all information in one place, but this can create significant privacy risks. And if people are concerned, they are less likely to register. [[Got it!->2.67]]

--- icon: [IconIdea,2] --- Successfully using the ID system for digital transformation requires more than just deploying new technologies. Make sure your ID solutions are well-suited to local needs and constraints and keep in mind how they may affect inclusion and trust! [[I will, thank you!->2.97]]

### That’s a good start, but... What about, non citizens, such as migrants, refugees, and asylum seekers? You should not exclude them. [[Got it->2.57]]

###Great! You earned a few inclusion points by making authentication easier while not forgetting those without technology and Internet access. [[Thank you->2.57]]

### You lost inclusion and trust points! What about those who cannot provide fingerprint biometrics? Imagine being deprived of food or healthcare due to a broken fingerprint scanner? [[That would be a disaster!->2.57]]

### That's fine. This could generate significant savings for the public purse. But be careful, you need to ensure that eligible public sector workers are not excluded because they cannot obtain an ID! [[Got it!->2.77]]

###Great approach! ####You earned inclusion and trust points! Close links between the ID system and the civil registry will help keep records up-to-date and minimize fraud and leakages in service delivery. [[Got it!->2.77]]

###You lost inclusion and trust points **This policy risks excluding IDLand residents without Internet connectivity from accessing services.** Making access to social programs or financial services conditional on a particular credential or authentication channel risks further marginalizing people who do not have access to a particular technology or credential. [[Got it!->2.77]]

--- icon: [BadgePbVision,3] --- ### Great! Having a vision for your ID system and understanding the needs and concerns of current and future users will help ensure that it meets the needs of IDLand and its people. [[I do have vision!->2.100 badge vision][{inclusion:10,trust:10}]]

Imagine people struggling to access a cash transfer or food because they do not have a mobile phone or because the cost of obtaining the required ID equals multiple days’ income. [[Wow, I will bear inclusion in mind.->2.99][{inclusion:10, trust:10}]]

--- icon: [IconQuestion,2] --- Earlier ID initiatives in IDLand were only able to reach a small share of the population. Rural women and the 'FarID' minority have struggled in particular to obtain IDs. Your advisors note that many people may face barriers to accessing the new ID system as well. #### What do you do? [[Conduct an exclusion risk assessment->2.4A GOOD][{inclusion:10}]] [[Let’s focus on building the system->2.4B BAD][{inclusion:-10}]]

### Good! You should pay particular attention to groups that are at *higher risk of exclusion*, such as remote and rural residents, the forcibly displaced, ethnic and linguistic minorities, people with disabilities, marginalized women and girls, and those with low connectivity or technical literacy. [[I am all about inclusion!->2.5]]

### Risky start! You should pay particular attention to groups that are at higher risk of exclusion, such as remote and rural residents, the forcibly displaced, ethnic and linguistic minorities, people with disabilities, marginalized women and girls, and those with low connectivity or technical literacy. [[Good point! I will address this->2.5][{inclusion:10}]]

![prototype](./files/figure-stages.svg) ### How do you want to start? [[Let's start from the begining->1.0 tutorial]] [[Let me chose a track to play->0.6 Doors System]]

--- effects: - [set, displayHeader, false] --- Choose where to jump to: [[0.5.0 How to play]] [[0.5.1 Vision]] [[0.5.2 Inclusion Governance Design]] [[0.5.3 Protection]] [[0.5.4 Data Minimization]] [[0.5.5 Security]]

--- sliderText: black sliderBg: white sliderBorder: none icon: [BadgePbVision,1.5] --- Developing a clear vision for the ID system – what objectives it will serve and how – should be among your first steps. [[Continue->3.0 IGD]] [[Let me choose next stage->0.6 Doors System]]

--- sliderText: black sliderBg: white sliderBorder: none icon: [BadgePbVision,1.5] --- There are several legitimate goals for your ID system, but each has its specificities and risks. [[Continue->3.0 IGD]] [[Let me choose next stage->0.6 Doors System]]

--- sliderText: black sliderBg: white sliderBorder: none icon: [BadgePbVision,1.5] --- It is your vision that should guide your decisions. Don’t be distracted by political pressures or offers by vendors. [[Continue->3.0 IGD]] [[Let me choose next stage->0.6 Doors System]]

--- effects: - [set,displayHeader,true] --- ### Key takeaways [[3.101]] [[3.102]] [[3.103]]

--- sliderText: black sliderBg: white sliderBorder: none icon: [BadgePbHands,1.5] --- ID system should be accessible to all - not just citizens –, free from discrimination, and minimize barriers in policy, in practice, and by design. [[Continue->4.0 DATA PROTECTION]] [[Let me choose next stage->0.6 Doors System]]

--- sliderText: black sliderBg: white sliderBorder: none icon: [BadgePbHands,1.5] --- Good design puts people first and is guided by a clear view of desired outcomes. Use in service delivery, privacy, and value-for-money are all important aspects to consider. [[Continue->4.0 DATA PROTECTION]] [[Let me choose next stage->0.6 Doors System]]

--- icon: [BadgePbEncryption,2] --- ID systems process personal data, which should be safeguarded carefully through multiple means. Strong legal frameworks and institutions represent one essential layer of protection. This track will take about 6-12 minutes to complete. [[Got it!->4.1 Data Protection Regulation]]

--- icon: [BadgePbLegal,2] --- In addition to legal and institutional frameworks, technology choices and process design should also be guided by privacy and security considerations from the start. This is called, **“privacy- and security-by-design”**. [[Next->5.1]]

--- icon: [BadgePbSecurity,2] --- ### DATA SECURITY To protect IDLand’s ID system and the data it holds, you need to think comprehensively about securing processes and operations, technologies, and physical facilities. This includes continuously keeping an eye on security controls and updating them when needed. [[Next->6.1]]

--- icon: [BadgeColorVision,2,0,,1] --- ###Vision :stopwatch: 5~10 min [[Play this track->2.0 idfact sdg]] [[Back->0.5 before start]]

--- icon: [BadgeColorHands,2,0,"",1] --- ###Inclusion, Design & Governance :stopwatch: 5~10 min [[Play this track->3.0 IGD]] [[Back->0.5 before start]]

--- icon: [BadgeColorEncryption,2,0,,1] --- ###Legal and Institutional Safeguards :stopwatch: 6~12 min [[Play this track->4.0 DATA PROTECTION]] [[Back->0.5 before start]]

--- icon: [BadgeColorData,2,0,,1] --- ###Data Protection by Design :stopwatch: 6~12 min [[Play this track->5.0 DATAMIN]] [[Back->0.5 before start]]

--- icon: [BadgeColorSecurity,2,0,,1] --- ###Security :stopwatch: 4~8 min [[Play this track->6.0 SECURITY]] [[Back->0.5 before start]]

--- icon: [IconHands,2] --- ####Congratulations! You mastered the basics of good ID system design! However, there is much more! For a deeper dive, you can take a look at the [ID4D Practitioners’ Guide](https://id4d.worldbank.org/guide). Or, continue with the game to learn more about additional ID safeguards and enablers for a good ID system. [[Continue the IDLand journey!->3.100 BADGE LF]]

--- effects: - [set,displayHeader,true] --- ### Key takeaways [[4.101]] [[4.102]] [[4.103]] [[4.104]]

--- sliderText: black sliderBg: white sliderBorder: none icon: [BadgePbEncryption,1.5] --- Before moving to the implementation of a new ID system, it is important to understand the legal environment status quo. [[Continue->5.0 DATAMIN]] [[Let me choose next stage->0.6 Doors System]]

--- sliderText: black sliderBg: white sliderBorder: none icon: [BadgePbEncryption,1.5] --- While data protection is not exclusively an ID-related matter, it is very important for the ID agenda. [[Continue->5.0 DATAMIN]] [[Let me choose next stage->0.6 Doors System]]

--- sliderText: black sliderBg: white sliderBorder: none icon: [BadgePbEncryption,1.5] --- The ID Authority should be aware of and comply with relevant data protection legislation and regulations and promote alignment with international practices and guidelines. [[Continue->5.0 DATAMIN]] [[Let me choose next stage->0.6 Doors System]]

--- icon: [IconClock,2] --- In this track, you will be asked to make design choices to build data protection and security into how your ID system works. Completing this track will take you about 6-12 minutes. [[Next->5.2]]

--- icon: [BadgePbEncryption,2] --- When it comes to ensuring data protection and security in your ID system, it is critical to think carefully and act proactively to mitigate the risks – especially because those risks are always evolving. [[I am intrigued. Tell me more->5.3]] [[Let’s make some decisions->5.6]]

--- icon: [IconInfo,2] --- It can be hard to retrofit privacy- and security-by-design. It is better to **prevent** threats rather than have to **react** to them. Cybersecurity and data protection impact assessments can help identify those risks and mitigation strategies. Work closely with your data protection authority, if one exists. [[Next->5.6]]

--- icon: [BadgePbData,2] --- You only need to protect what you have. And you do not have to protect what you don’t. Therefore, let's start with personal data collection. ####Are you ready? [[Let's go->5.7 idnews]]

### ID NEWS ![forbes-darknet](./files/idfact-forbes-darknet.jpg) #### Uh-oh! Across the world, government and company databases are leaking personal data because of hackers and security vulnerabilities! People are conscious about protecting their personal data. They may hesitate enrolling in the ID system if they think IDLand cannot secure it. [[Got it!->5.9]] [[Tell me more->5.8]]

--- icon: [IconIdea,2] --- A leak of personal data can have significant and permanent consequences, such as identity fraud and discrimination. The more sensitive the data (such as ethnicity, religion or biometrics), the higher the risk. [[Move on->5.9]]

--- icon: [BadgePbData,2] --- The principle of data minimization means limiting data collected to only what is required to fulfill the ID system’s purpose. You will be asked to decide what data to collect from a list, ok? > *Tip: Ask yourself if you really need that attribute, and why.* [[More tips->5.10]] [[Let's go->5.12]]

--- icon: [IconIdea,2] --- #### Every attribute must have a clear purpose and be allowed by law. Some sensitive data may be needed, such as biometrics to establish uniqueness when there is no alternative. [[Next tip->5.11]]

--- icon: [IconIdea,2] --- #### Foundational ID systems should focus on establishing a person’s identity and authentication. Data related to eligibility for certain services or programs (e.g., income, disability status, professional qualifications, etc.) would typically be collected and validated through sectoral systems. With modern data governance practices, data does not need to be replicated across systems. [[All clear!->5.12]]

--- icon: [IconNote,2] --- #### Every attribute needs to be carefully considered. You might think blood type on an ID card will help in an emergency. Ask your Ministry of Health if a paramedic would trust it. > Spoiler: They likely won’t. A paramedic will do a test for blood type before doing a transfusion, even in emergencies. [[Understood->5.12 quiz 1]]

--- icon: [IconIdea,2,0,"Keep in mind "] --- ... whether the data you consider collecting: - are hard to validate during registration; - can lead to discrimination; - change frequently and will require additional effort to enable regular updates. #### Are you ready to consider more options? [[Yes, I'm ready->5.14 quiz 2]]

--- quiz: - [Y,E-mail] - [Y,Irises] - [R,Sexual Orientation] - [R,Religion] - [Y,Place of birth] - [Y,Address] - [R,Ethnic origin ] quizR: [0,{inclusion:-10, trust:-10}] quizY: [0,{}] quizG: [0,{inclusion:10, trust:10}] --- #### What about collecting any of the following data attributes? You can click more than one. [[Next->5.14 results]]

--- icon: [IconIdea,2] --- #### Some personal data is more sensitive than others. In all cases, personal data should be protected and secure. [[True->5.16 GOOD][{inclusion:10,trust:10}]] [[False->5.16 ALERT][{inclusion:-10,trust:-10}]]

--- quiz: - [R,Race] - [Y,Marrital status] - [Y,Gender] - [R,Genetics data] - [G,Current last name] quizR: [0,{inclusion:-10, trust:-10}] quizY: [0,{}] quizG: [0,{inclusion:10, trust:10}] --- #### Which of the following data do you also want to collect? You may click more than one option. [[Next->5.18]]

###Oh, no! It is important to keep in mind that ALL personal data must be protected. For instance, address or place of birth may seem like it is not sensitive in some contexts, but can actually be misused. [[Got it!->5.20]]

--- icon: [IconIdea,2] --- Please, keep clear of collecting data such as religion, sexual orientation... ####These are very risky! [[Will do->5.19 quiz 4]]

--- quiz: - [R,Ethnic origin] - [Y,Nationality] - [G,Date of birth] - [Y,Fingerprints] - [R,Religion] quizR: [0,{inclusion:-10, trust:-10}] quizY: [0,{}] quizG: [0,{inclusion:10, trust:10}] --- #### Let's choose more data fields! Do you plan to collect the following data ? You can click more than one option. [[Next->5.20]]

--- icon: [IconAttention,2] --- #### It’s always tempting to collect more data. Remember: Data minimization means only collecting what an ID system absolutely needs to fulfil its purpose. [[I got it->5.21]]

--- icon: [IconIdea,2,0,Keep in mind] --- ... that more data collected for the ID system also increases: - the time and cost of registration - data inaccuracy over time - data protection and security risks [[Got it!->5.23]]

--- icon: [IconNote,2] --- We will send you the report with the risks associated with each data field so you can make a good decision according to your scenario, ok? #### One quick thing: **You should consider data disposal and use in the future.** [[Ok->5.23]] [[Thank you!->5.23]]

--- icon: [IconTalk,1.5,0,Let's talk!] --- The Ministry of Social Affairs wants to implement a cash transfer program. [[Let's arrange a meeting->5.24]]

--- icon: [IconQuestion,2] --- To target the cash transfers, the Ministry of Social Affairs needs **information on people’s income, employment and disability status**. They do not know where to get the information from and are asking if you want to add these attributes to your ID system. #### What do you say? [[Yes, I will help them->5.25 ALERT][{inclusion:-10, trust:-10}]] [[That's not a good idea->5.25 GOOD][{inclusion:10, trust:10}]]

### Hold on! #### Remember data minimization? The focus of the foundational ID system is to prove a person’s identity, not to verify eligibility for specific programs. At the same time, reassure the Ministry of Social Affairs that IDLand’s foundational ID system will be able to help with verifying the identities and authenticating beneficiaries. [[Got it->5.99]]

--- icon: [BadgePbData,2] --- ### Keep in mind! Only collect what you absolutely need. And you only need to protect what you collect. [[Got it!->5.100 DATAMIN BADGE][{inclusion:10,trust:10}]]

--- icon: [BadgeColorData,3] --- ###You've got the DATA PROTECTION BY DESIGN badge Minimizing data collection and sharing is a privacy-by-design good practice. [[Alright!->5.100 NEWSPAPER]]

--- effects: - [set,displayHeader,true] --- ### Key takeaways [[5.101]] [[5.102]] [[5.103]] [[5.104]]

--- sliderText: black sliderBg: white sliderBorder: none icon: [BadgePbData,1.5] --- Data to be collected needs to be chosen carefully, as minimally needed to fulfill the purpose of the ID system. [[Continue->6.0 SECURITY]] [[Let me choose next stage->0.6 Doors System]]

--- sliderText: black sliderBg: white sliderBorder: none icon: [BadgePbData,1.5] --- Storing a large amount of personal data – spanning health, education, employment, etc. - in a single ID system can be very risky. [[Continue->6.0 SECURITY]] [[Let me choose next stage->0.6 Doors System]]

--- sliderText: black sliderBg: white sliderBorder: none icon: [BadgePbData,1.5] --- What data is ‘sensitive’ will also depend on context. The purpose and potential risk of collecting each data field, however common, should be reviewed. [[Continue->6.0 SECURITY]] [[Let me choose next stage->0.6 Doors System]]

--- icon: [IconClock,2] --- In this track you will learn about making IDLand’s system more secure by examining different options for operations/processes, physical infrastructure, technology and people. It will take you about 4-8 minutes to go through this track. [[Next->6.5]]

--- effects: - [set, displayHeader, true] --- First, let’s think through what you can do from the operations perspective to secure your system. [[6.7A]] [[6.7B]] [[6.7C]] [[6.7D]]

--- icon: [IconInfo,1.5,0,ID systems need to be properly secured] --- You will now be asked to review security measures across different categories, including: - Operational controls - Physical security - Technology controls [[Let's go!->6.6 challenge]]

####Provide on-boarding and on-going security training for the staff [[Choose this->6.8A][{inclusion:10, trust:10}]]

#### Develop clear operational security policies [[Choose this->6.8B][{inclusion:10, trust:10}]]

####Establish close working relationships with the Cyber Security Authority in IDLand [[Choose this->6.8C][{inclusion:10, trust:10}]]

#### Review and update your internal user accounts every two months [[Choose this->6.8D][{inclusion:-10, trust:-10}]]

###That's very important! ####This choice earned you a few trust points. One of the major reasons for data breaches is human error. [[Ok->6.9 GOOD]]

###Good Job! You should have clear guidelines for securing your ID system, and disseminate them to all people involved in managing and operating it. [[Ok->6.9 GOOD]]

### Good idea! You should work with competent authorities to identify and manage domestic and international cybersecurity threats. [[That sounds great!->6.11]]

###Oh! A senior staff who retired a little over a month ago still has access to a database and logs show that he has continued to view certain sensitive information in the system even after his employment has ended. [[Oh no! What should I do?->6.9 ALERT]]

--- icon: [IconNote,1.5,0, You should...] --- - Regularly monitor the security controls and check if any vulnerabilities have developed due to changes implemented in the system. - This includes third-party assessments and regular vulnerability testing. - This is key to understand where and how your system can be breached and to proactively address it [[Ok->6.11]]

--- icon: [IconIdea,2] --- #### In any event, you need to make sure that your staff is aware and capable of ensuring the effectiveness of such measures. Providing ongoing training is a must, particularly on how you dispose of your data. [[I will do that->6.11]]

--- icon: [IconQuestion,2] --- #### What about your physical infrastructure? You should consider specific security measures, not only for the ID Agency’s headquarters, but all other information assets including registration facilities. [[Let's see->6.20 new]]

--- icon: [IconNote,1.5,0, You should...] --- - make sure that only authorized and current staff have access. - update the information and revoke access in real time, if possible. [[I will do it as soon as possible!->6.11]]

Choose one of the following options that would promote physical security in your system. [[6.21A]] [[6.21B]] [[6.21C]] [[6.21D]]

#### Keep data storage racks in a single, locked room [[Choose this->6.22A][{inclusion:-10, trust:-10}]]

#### Control who enters the ID data storage facility and what can and cannot be brought in and out [[Choose this->6.22B][{inclusion:10, trust:10}]]

####Store the servers with ID data in a closed, refrigerated room with a back up generator [[Choose this->6.22C][{inclusion:10, trust:10}]]

#### Ensure there is a disaster recovery plan and infrastructure in place for it [[Choose this->6.22D][{inclusion:10, trust:10}]]

### Wow! #### Your ID system suffered a data breach! A staff accessed a database to get general administrative information on the ID Agency, and ended up involuntarily sharing very sensitive data. [[Oh no! What should I do?->6.23A]]

### Fair enough! This is an appropriate measure to ensure an ongoing and secure operation of your system. [[Alright!->6.24]]

### Great! Anyone entering must have very specific access and duty. You must define this protocol! [[I will do it!->6.24]]

### Great! Building a disaster recovery infrastructure will prevent the loss of personal and sensitive data. [[Alright!->6.24]]

#### You should segregate your storage racks according to different types of data with different levels of access required. [[I will do that!->6.24]]

--- icon: [IconIdea,2] --- #### Do not forget CCTV and Alarms! Now you have secure facilities, let's take a look at a few technologies! [[Yes!->6.25]]

Tell me, which of the following technologies and design measures would you like to use to secure your ID system's data? [[6.26A]] [[6.26B]] [[6.26C]]

#### Use end-to-end encryption and digital signatures to ensure security and integrity of data [[Choose this->6.27A][{inclusion:10, trust:10}]]

#### Use tamper-proof logs [[Choose this->6.27B][{inclusion:10, trust:10}]]

#### Store devices in backpacks during transportation [[Choose this->6.27C][{inclusion:-10, trust:-10}]]

### Good job! Encryption ensures confidentiality of sensitive and personal data and digital signatures ensure the integrity of data. Any change in data will make the signature invalid. The purpose of security controls is to ensure the triad of confidentiality, integrity and availability. [[What a beautiful triad!->6.28 GOOD]]

### Good job! Using logs that cannot be changed or interfered with will help identify vulnerabilities and malicious behavior and mitigate the risk of misuse. [[I knew it!->6.28 GOOD]]

### Oh, no! Your staff suffered an accident when transporting hard drives from a remote registration office to headquarters. Fortunately, they suffered only minor injuries. However, the hard drives in the backpack got damaged. [[What a headache!->6.28 ALERT]]

--- icon: [IconIdea,2] --- As you have seen, there are several physical and operational security controls and technologies that can be applied to protect your system and your data. **You must choose appropriately on a case by case basis.** [[Next->6.30 new]]

--- icon: [IconIdea,2] --- If you must transfer data physically (on hard drives), make sure it is secure and safe, e.g., in locked and shock- and water-proof containers. And make sure that the data is encrypted. This way, if it falls into the wrong hands, it will be meaningless without the decryption key. [[I see...->6.30 new]]

###Finally... Just because you perceived that only authorized individuals can get access to and modify data, we would like to know how you would ensure this access and control to both your digital channels and physical facilities. [[Ok->6.30]]

What measures will you implement to ensure safe and controlled access to ID data? [[6.31A]] [[6.31B]] [[6.31C]] [[6.31D]]

#### Set strict password policies that force staff to change their passwords monthly [[Choose this->6.32A][{inclusion:-10,trust:-10}]]

#### Use of biometrics to gain entry or access [[Choose this->6.32B][{inclusion:-10,trust:-10}]]

#### Provide special cards to authorized staff [[Choose this->6.32C][{inclusion:-10,trust:-10}]]

#### Establish a multi-factor authentication scheme [[Choose this->6.32D][{inclusion:10,trust:10}]]

### Oh! It may seem like a good idea; however, in practice this leads to increased vulnerability. You should set strict password policies, but their length is what matters the most. [[I will put this into account->6.33 ALERT]]

### Oh! Biometrics are good to determine uniqueness and enable secure authentication schemes. However, you should consider alternative approaches for those who cannot have their fingerprints read or alternatives in the event of scanner defects. [[I will take this into account->6.33 ALERT]]

### Oh! This would be the easiest way to determine who has access and who does not. However, situations where someone uses another person's card or even falsifies one are very common. [[I will take this into account->6.33 ALERT]]

### Great! Secure authentication requires a multi-factor approach. This includes knowledge factors (e.g. passwords), inherent factors (e.g. a fingerprint) and possession factors (e.g. cards). [[Alright!->6.99]]

--- icon: [IconIdea,2] --- ### Access and Control are really important. You may consider using a combination of measures to promote security. For example, requesting fingerprints authentication, and passwords at the same time. [[Understood->6.99][{inclusion:10,trust:10}]]

--- icon: [BadgePbSecurity,2] --- In addition to all security measures introduced in the ID context, one should consider the cyber and information security across the country more broadly. This is because the ID system interfaces with many other systems, and they also need to be secure. [[Oh! Security has so many layers!->6.100 SECURITY BADGE][{inclusion:10,trust:10}]]

--- icon: [BadgeColorSecurity,3] --- ###You've got SECURITY With your guidance, IDLand’s ID system has become more resilient to internal and external threats. But there is no time to rest - be sure to continuously monitor risks and emerging good practices going forward and adapt your security measure as needed! [[Alright!->6.100 newspaper]]

--- effects: - [set,displayHeader,true] --- ### Key takeaways [[6.101]] [[6.102]] [[6.103]]

--- sliderText: black sliderBg: white sliderBorder: none icon: [BadgePbSecurity,1.5] --- End-to-end security of data must proactively be ensured (i.e., throughout the entire data lifecycle). [[Let me choose next stage->0.6 Doors System]] [[I've played all stages->10 CONGRATS]]

--- sliderText: black sliderBg: white sliderBorder: none icon: [BadgePbSecurity,1.5] --- Despite all security measures introduced in the context of identification, one should consider the entire security ecosystem in the country as frequently ID data breaches happen when ID data is processed by other agencies. [[Let me choose next stage->0.6 Doors System]] [[I've played all stages->10 CONGRATS]]

--- sliderText: black sliderBg: white sliderBorder: none icon: [BadgePbSecurity,1.5] --- There are many layers of security – think simultaneously about people, process, technology, and infrastructure. [[Let me choose next stage->0.6 Doors System]] [[I've played all stages->10 CONGRATS]]

--- effects: - [set,displayHeader,true] --- ### Congratulations! ![badges](./files/idland-badges.svg) Thank you for playing ID Land. [[Back to main menu->0.1 START]]

--- icon: [BadgeColorGame,2,0,,1] --- ###How to play :stopwatch: 3~6 min [[Play this track->1.0 tutorial]] [[Back->0.5 before start]]

--- icon: [IconNote,2] --- #### Before we start, let’s make sure we are on the same page! The government of IDland wants to build a new ID system that will provide people with general-purpose identification. [[What kind of ID system is this?!->1.8 definition]]

### Why does the global ID gap matter? Inclusive and trusted—i.e., “good”—ID systems are crucial tools for achieving sustainable development. Identification is an enabler or contributor to many development targets, such as financial and economic inclusion, social protection, gender equality, and child protection. [[Ok!->1.7 definition]]

###Fair enough! Thankfully there are a wealth of resources to get you started. The ID4D Practitioners’ Guide, provides an overview of key concepts, decisions, and good practice technical options for designing an entirely new ID system or improving an old one. **[Click here to open the Guide](https://id4d.worldbank.org/guide)** [[Let’s keep playing->2.0 idfact sdg]]

If you’re looking for more in-depth guidance on specialized topics, such as ID system procurement, cost estimates, privacy by design features, ID technologies, the ‘Knowledge’ and ‘Tools’ section of the [ID4D website](https://id4d.worldbank.org/) offer additional resources. [[Let's start->2.0 idfact sdg]]

For example, a $3 mobile money transaction will require less assurance about the identity of the transacting parties than selling a piece of land or house. [[Thank you!->2.74]]

#### IDLand government lays out vision for new ID system! [[Great!->2.100 vision achievements]]

### Well... Adopting an outcome-based approach to your system design process IS important to ensure that it meets IDLand’s vision and goals. [[Try again!->3.22 DESIGN]]

### Well... People are the heart of ID systems. Public engagement – including consultative processes to understand people’s needs, concerns, and expectations about identification – should be at the heart of the design process. [[Try again!->3.22 DESIGN]]

### Great! The desire to use a given technology should not drive your design choices! Let you vision guide you and make sure that your design is people-centric and privacy-conscious. [[Let's move on to governance->3.15 GOVERNANCE]]

###Well... Maintaining people’s privacy is a fundamental concern for ID systems. Adopting a privacy-by-design approach will be important to build a secure and trusted system. [[Try again!->3.22 DESIGN]]

##### IDLand receives positive press for its commitment to building ID system that is inclusive, well-governed, and designed in line with shared Principles and good practices. [[Great!->3.100 LF achievements]]

#### ID Land Government is taking steps to build a stronger Data Protection Framework! Read more in the following pages. [[Great!->4.100 ACHIEVEMENTS]]

--- effects: - [set, displayHeader, true] quiz: - [G,First name] - [G,Date of birth] - [Y,Parent's name (for children)] - [Y,Driving license number] quizR: [0,{}] quizY: [0,{}] quizG: [0,{inclusion:10, trust:10}] --- #### Should your ID system collect any of the following data attributes? You may click more than one option before moving on! [[Next->5.12 results]]

#### ID Land Government is committed to only collect and retain citizens' personal data which is necessary. [[Alright!->5.100 DATAMIN ACHIEVEMENTS]]

--- icon: [IconQuestion,2,0,"Quiz Feedback"] --- > **Parent's name**: Beware! Sometimes there is only one parent available (or even none), so having parent information should not necessarily be required, to avoid exclusion. > **Driving license number**: Why do you need it? If you need it to cross-check data for identity proofing, then could it be stored only temporarily? [[Next->5.13]]

--- icon: [IconQuestion,2,0,"Quiz Feedback"] --- > **Address, E-mail**: Although helpful to contact people or for sending one-time-passwords, note that these can change. This information could also make it easier to surveil people offline and online. Weigh pros and cons carefully. > **Place of birth**: How will this be verified? Some people may not have a birth certificate. Could there be a risk of discrimination? > **Irises**: How will they be used? What are the pre-requisites for this use? > **Sexual orientation, Religion, Ethnic Origin**: These raise discrimination risks. They would also be very tricky to validate. [[Next->5.15]]

--- icon: [IconAttention,2,0,"Terrible news!"] --- IDLand’s capital experienced an earthquake and the data storage room in the ID Authority’s HQ suffered major damage. **Was there a disaster recovery solution in place? ** [[Yes! You can never be too careful->6.21 Y]] [[No! The HQ was believed to be very safe->6.21 N]]

###That’s reassuring! Although the HQ will take some time to rebuild, due to a disaster recovery solution unaffected by the earthquake, the data is safe. The ID system can now be used to get social assistance quickly and efficiently to those affected by the disaster. [[Great! Let’s review other system security measures->6.25]]

### Oh no! Without back-ups, the data is now lost. It will take months until the system is operational again and millions will need to re-register. Ensuring back-ups and disaster recovery solutions in the case of power outages, riots, or natural disasters is critical. [[Lesson learned! Let’s review other system security measures->6.25]]

Finally, we need to reduce the risk of unauthorized persons gaining access to the system. **How will your staff access physical facilities or log-in virtually?** [[6.31 A]] [[6.31 B]] [[6.31 C]] [[6.31 D]]

#### following biometric authentication [[Choose this->6.32 partial]]

#### after entering PIN that changes frequently [[Choose this->6.32 partial]]

#### with a special access card and a physical token for virtual access [[Choose this->6.32 partial]]

#### a combination of the previous three strategies [[Choose this->6.32 correct]]

###This is a good start! But keep in mind – multiple authentication factors are more secure than one. It is recommended that access to sensitive data (whether physically or virtually) require a minimum of two-factor authentication, while also restricting access by roles to the minimum necessary. [[Will keep that in mind!->6.99]]

### Good job! Multiple authentication factors are more secure than one. It is recommended that access to sensitive data (whether physically or virtually) require a minimum of two-factor authentication, while also restricting access by roles to the minimum necessary. [[Will keep that in mind!->6.99]]

#### IDLand’s ID system has become more resilient to internal and external threats. Citizens can feel safer from now on. [[Next->6.100 SECURITY ACHIEVEMENTS]]

--- sliderText: black sliderBg: white sliderBorder: none icon: [BadgePbData,1.5] --- Consider the accuracy of data as well. How can people update their information? If the data is very difficult to validate, will it still be useful? [[Continue->6.0 SECURITY]] [[Let me choose next stage->0.6 Doors System]]

### Good! It is important to keep in mind that ALL personal data must be protected. For instance, address or place of birth may seem like it is not sensitive in some contexts, but can actually be misused. [[Indeed!->5.20]]

### Good! The focus of the foundational ID system is to prove a person’s identity, not to verify eligibility for specific programs. At the same time, reassure the Ministry of Social Affairs that IDLand’s foundational ID system will be able to help with verifying the identities and authenticating beneficiaries. [[Got it->5.99]]

--- sliderText: black sliderBg: white sliderBorder: none icon: [BadgePbEncryption,1.5] --- Data protection authorities are key stakeholders to consult during the desing of the ID system. [[Continue->5.0 DATAMIN]] [[Let me choose next stage->0.6 Doors System]]

![logo](./files/start-idland.png) ID Land © is an on-line game (the “Game”) developed by the World Bank’s Identification for Development (ID4D) initiative and ITS Rio. The Game is based on evolving international good practice, as understood by ID4D. It reflects experiences in a range of countries from different regions, with different legal systems, and at different stages of economic development. It also takes into account existing literature, international experience, norms and principles (including the Principles on Identification, available at: [http://id4d.worldbank.org/principles](http://id4d.worldbank.org/principles)). The Game only covers a limited set of considerations related to ID system design and implementation. There is no guarantee that addressing all the issues raised in the Game will result in successful ID system in a country—that will depend on many factors that must be considered, and which may be different from country to country. There may be issues affecting the design, establishment of operation of an ID system that are not addressed in the Game, or that are addressed in the context of certain assumptions, facts and circumstances that do not apply equally to every situation. The Game is not intended as a basis for ID policy, system or institutional design or for enabling legislation and does not constitute legal advice. [[I'm aware->0.5 before start]]

--- icon: [IconIdea,2,0,"PILLAR 2: DESIGN"] --- > **3.** Establish a trusted—unique, secure, and accurate—identity. > **4.** Create a responsive and interoperable platform. > **5.** Use open standards and prevent vendor and technology lock-in. > **6.** Protect privacy and agency through system design. > **7.** Plan for financial and operational sustainability [[Last but not least, show me pillar 3->3.4 pillar 3]]

--- icon: [IconIdea,2,0,"PILLAR 3: GOVERNANCE"] --- > **8.** Protect personal data, maintain cyber security, and safeguard people’s rights through a comprehensive legal and regulatory framework. > **9.** Establish clear institutional mandates and accountability. > **10.** Enforce legal and trust frameworks through independent oversight and adjudication of grievances. [[Good refresh, I'm ready!->3.7 INCLUSION]]

--- sliderText: black sliderBg: white sliderBorder: none icon: [BadgePbHands,1.5] --- Robust legal and institutional foundations and inclusive governance arrangements are critical for trust and long-term success. [[Continue->4.0 DATA PROTECTION]] [[Let me choose next stage->0.6 Doors System]]

###Not quite... ####You are losing trust. Accountability is an important data protection principle. Those who process personal data must be accountable and comply with relevant laws and regulations. Let’s do a refresher on good practices. [[Agreed, thank you!->4.10 PRINCIPLES]]

### Not quite... #### You are losing trust. The personal data processed should be accurate and complete. Measures should be taken to ensure it is up to date. Let’s do a refresher on good practices. [[Agreed, thank you!->4.10 PRINCIPLES]]