pith. sign in

arxiv: 2310.01006 · v1 · submitted 2023-10-02 · 💻 cs.SE · cs.CR· cs.CY

Comparative Analysis of Technical and Legal Frameworks of Various National Digial Identity Solutions

Montassar Naghmouchi , Maryline Laurent , Claire Levallois-Barth , Nesrine Kaaniche This is my paper

Pith reviewed 2026-05-24 06:20 UTC · model grok-4.3

classification 💻 cs.SE cs.CRcs.CY
keywords digital identityblockchainself-sovereign identitylegal frameworksstate sovereigntynational systemscomparative analysis
0
0 comments X

The pith

Blockchain-based self-sovereign identity systems are the most suitable for national digital identity solutions.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

This position paper compares the technical architectures and legal frameworks of national digital identity systems across several countries. It identifies the diversity in technologies used and stresses the importance of legal structures for data protection. Key challenges include maintaining state sovereignty and finding the right mix of public and private sector involvement. The authors argue that self-sovereign identity systems built on blockchain technology address these issues most effectively.

Core claim

The paper concludes that self-sovereign identity management systems based on Blockchain technology are the most suitable for national digital identity systems, as they best support state sovereignty over the system and strike an optimal balance between private sector and public sector needs.

What carries the argument

self-sovereign identity management systems based on Blockchain technology, which enable user control of digital identities while supporting governmental oversight.

If this is right

  • Policy makers gain guidance on designing legal frameworks that protect personal data in digital identity systems.
  • Software developers receive insights into the technical diversity and potential of different architectures.
  • Users learn about challenges in implementation and the role of sovereignty in protecting their data.
  • National systems can be evaluated based on how well they ensure state control independent of private providers.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • Countries adopting centralized identity systems may face greater risks of external control if sovereignty metrics are not explicitly measured.
  • Further work could quantify sovereignty by tracking who can alter access rules or data flows in each architecture.
  • Integration with existing public services might require new legal standards for blockchain-based systems.

Load-bearing premise

Blockchain-based self-sovereign identity systems provide better state sovereignty and public-private balance than other architectures.

What would settle it

A comparative study that measures sovereignty through specific metrics like control over identity data access and finds a non-blockchain system scoring higher.

Figures

Figures reproduced from arXiv: 2310.01006 by Claire Levallois-Barth, Maryline Laurent, Montassar Naghmouchi, Nesrine Kaaniche.

Figure 1
Figure 1. Figure 1: UK Verify general architecture and matching flow [10] [PITH_FULL_IMAGE:figures/full_fig_p006_1.png] view at source ↗
Figure 2
Figure 2. Figure 2: Aadhaar - user enrollment and authentication process ; The CIDR is a crucial component [13] [PITH_FULL_IMAGE:figures/full_fig_p008_2.png] view at source ↗
Figure 3
Figure 3. Figure 3: Layers enabling e-governance and the digital transformation in Estonia [19] [PITH_FULL_IMAGE:figures/full_fig_p009_3.png] view at source ↗
Figure 4
Figure 4. Figure 4: SSI over eIDAS bridge to have recognizable VC across the EU ; VCs are linked to DIDs stored on the EBSI [PITH_FULL_IMAGE:figures/full_fig_p010_4.png] view at source ↗
Figure 5
Figure 5. Figure 5: High level architecture of ESSIF standards, and requirements for wallet applications, rather than providing one, because other actors, from both public and private, are supposed to provide their own wallet solutions to users. These entities are called “wallet providers” and will be certified by a conformity assessment body and under the supervision of a supervisory body. Wallets can be both online and offl… view at source ↗
read the original abstract

National digital identity systems have become a key requirement for easy access to online public services, specially during Covid-19. While many countries have adopted a national digital identity system, many are still in the process of establishing one. Through a comparative analysis of the technological and legal dimensions of a few selected national digital identity solutions currently being used in different countries, we highlight the diversity of technologies and architectures and the key role of the legal framework of a given digital identity solution. We also present several key issues related to the implementation of these solutions, how to ensure the State sovereignty over them, and how to strike the right balance between private sector and public sector needs. This position paper aims to help policy makers, software developers and concerned users understand the challenges of designing, implementing and using a national digital identity management system and establishing a legal framework for digital identity management, including personal data protection measures. The authors of this paper have a favorable position for self-sovereign identity management systems that are based on Blockchain technology, and we believe they are the most suitable for national digital identity systems.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 2 minor

Summary. The manuscript conducts a comparative analysis of the technical architectures and legal frameworks of selected national digital identity systems, discusses challenges of state sovereignty and public-private sector balance, and concludes by advocating blockchain-based self-sovereign identity (SSI) solutions as most suitable for national deployments.

Significance. A substantiated comparative study of digital identity frameworks could assist policymakers in balancing sovereignty, privacy, and usability; the paper's explicit position on blockchain SSI, however, is not derived from quantitative metrics or scored comparisons, limiting its utility beyond a statement of author preference.

major comments (2)
  1. [Abstract] Abstract: the assertion that blockchain-based SSI systems 'are the most suitable for national digital identity systems' is presented as the authors' position without defined evaluation criteria, quantitative scores on sovereignty or public-private balance, or an explicit mapping from the case comparisons to superiority on those dimensions.
  2. [Comparative analysis sections] The comparative analysis sections: the reported case studies identify issues of sovereignty and public-private balance but do not supply measurable indicators or cross-system scoring that would allow the reader to verify why blockchain SSI outperforms the examined alternatives on the stated criteria.
minor comments (2)
  1. [Title] Title contains the typo 'Digial' (should be 'Digital').
  2. [Abstract] Abstract: 'specially during Covid-19' should read 'especially during the COVID-19 pandemic' for precision and consistency.

Simulated Author's Rebuttal

2 responses · 0 unresolved

Thank you for the constructive feedback. The manuscript is explicitly framed as a position paper offering qualitative comparative analysis of national digital identity systems, with conclusions drawn from observed challenges in sovereignty and public-private balance rather than quantitative evaluation. We will revise to better distinguish the nature of our claims while preserving the paper's intent.

read point-by-point responses

  1. Referee: [Abstract] Abstract: the assertion that blockchain-based SSI systems 'are the most suitable for national digital identity systems' is presented as the authors' position without defined evaluation criteria, quantitative scores on sovereignty or public-private balance, or an explicit mapping from the case comparisons to superiority on those dimensions.

    Authors: We acknowledge the abstract presents the authors' position without quantitative criteria or explicit scoring. As this is a position paper, the claim reflects reasoned judgment from the qualitative case studies on sovereignty and balance issues. We will revise the abstract to explicitly note that the positioning of blockchain-based SSI follows from the identified challenges in the compared systems, without implying a scored or quantitative superiority. revision: yes

  2. Referee: [Comparative analysis sections] The comparative analysis sections: the reported case studies identify issues of sovereignty and public-private balance but do not supply measurable indicators or cross-system scoring that would allow the reader to verify why blockchain SSI outperforms the examined alternatives on the stated criteria.

    Authors: The analysis is qualitative and identifies concrete issues (such as centralized control affecting sovereignty in certain national systems) without introducing measurable indicators or scoring, consistent with the position-paper format. We will add explicit mapping in the discussion section linking each identified challenge to how decentralized SSI architectures address it, to strengthen the connection between cases and recommendation without fabricating quantitative metrics. revision: partial

Circularity Check

0 steps flagged

No significant circularity; central claim is explicit author position without derivation or reduction.

full rationale

The paper performs a comparative analysis of technical and legal aspects of national digital identity systems and states its position on blockchain-based SSI directly as author belief. No equations, fitted parameters, derivations, or self-citation chains exist. The claim does not reduce to any input by construction under any of the enumerated patterns; it is presented as a stated preference rather than a derived result. This is a normal non-finding for a position paper without formal modeling.

Axiom & Free-Parameter Ledger

0 free parameters · 0 axioms · 0 invented entities

The paper is a position and comparative review; it draws on existing national systems and legal concepts without introducing new fitted parameters, ad-hoc axioms, or invented technical entities.

pith-pipeline@v0.9.0 · 5733 in / 1026 out tokens · 18589 ms · 2026-05-24T06:20:16.181840+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Reference graph

Works this paper leans on

52 extracted references · 52 canonical work pages

  1. [1]

    Wängqvist and A

    M. Wängqvist and A. Frisén. Who am I Online? Understanding the Meaning of Online Contexts for Identity Development 2016 ; Adolescent Research Review 1:139–151, https://doi.org/10.1007/s40894-016-002 5-0

    work page doi:10.1007/s40894-016-002 2016

  2. [2]

    P. A. Grassi et al. (2017) NIST SP 800-63 Digital Identity Guidelines, vol 1, https://doi.org/10.6028/NIST .SP.800-63-3

    work page doi:10.6028/nist 2017

  3. [3]

    A user centric identity metasystem

    K. Cameron et al. (2008) "A user centric identity metasystem", https://www.identityblog.com/?p=1048 (February 2023, last accessed)

    work page 2008

  4. [4]

    Announcement that FranceConnect reached 30M users, Numerique.gouv (7 octobre 2021) https://www.nume rique.gouv.fr/actualites/30-millions-utilisateurs-conquis-par-franceconnect/ (February 2023, last accessed)

    work page 2021

  5. [5]

    UK National Audit Office, Report by the Comptroller and Auditor General, Investigation into Verify, 5 March 2019, Part 1.9, User sign-ups

    work page 2019

  6. [6]

    New identity suppliers to join GOV .UK Verify [Janet Hughes]. GOV .UK Verify official blog (25 March 2015), https://identityassurance.blog.gov.uk/2015/03/25/procurement-2-new-identity-supplie rs-to-join-gov-uk-verify/ (March 2023, last accessed)

    work page 2015

  7. [7]

    Open Identity Exchange (OIX) website, https://openidentityexchange.org/member (March 2023, last accessed)

    work page 2023

  8. [8]

    Computer Weekly (14 Feb 2017),https://www.computerweekly .com/news/450412927/HMRC-rejects-Govuk-Verify (February 2023, last accessed)

    HMRC rejects Gov.uk Verif [Lis Evenstad]. Computer Weekly (14 Feb 2017),https://www.computerweekly .com/news/450412927/HMRC-rejects-Govuk-Verify (February 2023, last accessed)

    work page arXiv 2017

  9. [9]

    Lack of trust for banks causes NHS rethink over government online identity scheme [Mark Ballard]. Computer Weekly (09 Oct 2015), https://www.computerweekly.com/news/4500255222/Lack-of-trust-for-b anks-causes-NHS-rethink-over-Verify-online-identity-scheme (February 2023, last accessed)

    work page arXiv 2015

  10. [10]

    Official documentation of UK Verify,https://alphagov.github.io/rp-onboarding-tech-docs/page s/arch/hub.html (February 2023, last accessed)

    work page 2023

  11. [11]

    in/en/my-aadhaar/about-your-aadhaar/aadhaar-generation.html (February 2023, last accessed) 27 A PREPRINT - OCTOBER 3, 2023

    Aadhaar documentation, The generation of Aadhaar numbers, Biometric De-duplication, https://uidai.gov. in/en/my-aadhaar/about-your-aadhaar/aadhaar-generation.html (February 2023, last accessed) 27 A PREPRINT - OCTOBER 3, 2023

    work page 2023

  12. [12]

    India Times (25 Apr 2022), https://government.economictimes.indiatimes.com/news/digital-india/cag-pulls-up-uid ai-over-duplication-of-aadhaar-cards-and-privacy-issues/91064926?redirect=1 (February 2023, last accessed)

    work page arXiv 2022

  13. [13]

    Privacy International, Aadhaar case-study (19 Nov 2021), https://privacyinternational.org/case-stu dy/4698/id-systems-analysed-aadhaar (February 2023, last accessed)

    work page 2021

  14. [14]

    Computer Weekly (19 Aug 2022), https: //www.computerweekly.com/news/252524009/Inside-Singapores-national-digital-identit y-journey (February 2023, last accessed)

    Inside Singapore’s national digital identity journey [Aaron Tan]. Computer Weekly (19 Aug 2022), https: //www.computerweekly.com/news/252524009/Inside-Singapores-national-digital-identit y-journey (February 2023, last accessed)

    work page arXiv 2022

  15. [15]

    https://github.com/singpass (February 2023, last accessed)

    Singpass source code on Github. https://github.com/singpass (February 2023, last accessed)

    work page 2023

  16. [16]

    Official e-Estonia website, https://e-estonia.com/solutions/cyber-security/ksi-Blockchain/ (March 2023, last accessed)

    work page 2023

  17. [17]

    BBC News (27 Apr 2017), https://www.bbc

    How a cyber-attack transformed Estonia [Damien McGuiness]. BBC News (27 Apr 2017), https://www.bbc. com/news/39655415 (February 2023, last accessed)

    work page arXiv 2017

  18. [18]

    Postimees (6 Sep 2018), https://news.postimees.e e/6383968/cyber-lollygagging-cost-the-state-millions (February 2023, last accessed)

    Cyber-lollygagging cost the state millions [Aivar Pau]. Postimees (6 Sep 2018), https://news.postimees.e e/6383968/cyber-lollygagging-cost-the-state-millions (February 2023, last accessed)

    work page arXiv 2018

  19. [19]

    Framework of e-government technical infrastructure . Case of Estonia

    A. Kütt and J. Priisalu (2014), "Framework of e-government technical infrastructure . Case of Estonia"

    work page 2014

  20. [20]

    Evernym SSI use-cases: Verity credential exchange platform https://www.evernym.com/verity/ and IATA TravelPass https://www.evernym.com/travelpass/ (February 2023, last accessed)

    work page 2023

  21. [21]

    European Commission, SSI eIDAS bridge, https://joinup.ec.europa.eu/collection/ssi-eidas-bri dge/about(February 2023, last accessed)

    work page 2023

  22. [22]

    https://digital-strategy.ec.europa.eu/en/library/european-digital-identity-wallet-a rchitecture-and-reference-framework (June 2023, last accessed)

    The Common Union Toolbox for a Coordinated Approach Towards a European Digital Identity Framework, The European Digital Identity Wallet Architecture and Reference Framework, version 1.0.0 of January 2023. https://digital-strategy.ec.europa.eu/en/library/european-digital-identity-wallet-a rchitecture-and-reference-framework (June 2023, last accessed)

    work page 2023

  23. [23]

    https://ec.europa.eu/digital-building-blocks/wikis/displa y/EBSIDOC/EBSI+DID+Method (June 2023, last accessed)

    The EBSI DID method specification. https://ec.europa.eu/digital-building-blocks/wikis/displa y/EBSIDOC/EBSI+DID+Method (June 2023, last accessed)

    work page 2023

  24. [24]

    https://ec.europa.eu/fut urium/en/system/files/ged/eidas_supported_ssi_may_2019_0.pdf (June 2023, last accessed)

    eIDAS supported Self-Sovereign Identity, a document by the European Council. https://ec.europa.eu/fut urium/en/system/files/ged/eidas_supported_ssi_may_2019_0.pdf (June 2023, last accessed)

    work page 2023

  25. [25]

    ITNews (17 Dec 2021), https://www.itnews.com.au/news/service-nsw-gets-funding-to-begin-work-on-digital-i d-wallet-574185 (February 2023, last accessed)

    Service NSW gets funding to begin work on digital ID wallet [Justin Hendry]. ITNews (17 Dec 2021), https://www.itnews.com.au/news/service-nsw-gets-funding-to-begin-work-on-digital-i d-wallet-574185 (February 2023, last accessed)

    work page 2021

  26. [26]

    British Columbia Digital Government, Project: Verifiable Credentials for people,https://digital.gov.bc .ca/digital-trust/projects-and-initiatives/credentials-for-people/ (February 2023, last accessed)

    work page 2023

  27. [27]

    European Commission, resources for the eIDAS node version 2.6, https://ec.europa.eu/digital-build ing-blocks/wikis/display/DIGITAL/eIDAS-Node+version+2.6 (February 2023, last accessed)

    work page 2023

  28. [28]

    36, 2019

    Davide Ceccanti et al., Evaluation study of the Regulation no.910/2014 (eIDAS Regulation) SMART 2019/0046 Final Report, EUROPEAN COMMISSION, pp. 36, 2019. doi:10.2759/850876

    work page doi:10.2759/850876 2014

  29. [29]

    Council of the EU Press release 6 December 2022. https://www.consilium.europa.eu/en/press/press -releases/2022/12/06/european-digital-identity-eid-council-adopts-its-position-on-a -new-regulation-for-a-digital-wallet-at-eu-level/ (June 2023, last accessed)

    work page 2022

  30. [30]

    FranceConnect

    Arrêté du 8 novembre 2018 relatif au téléservice dénommé "FranceConnect" créé par la direction interministérielle du numérique et du système d’information et de communication de l’Etat, NOR : PRMJ1819224A. Journal officiel électronique authentifié n° 0264 du 15/11/2018

    work page 2018

  31. [31]

    Nemec et al

    M. Nemec et al. The Return of Copper-Smith’s Attack: Practical Factorization of Widely Used RSA Moduli. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (CCS ’17), Association for Computing Machinery, New York, NY , USA, pp. 1631–1648,https://doi.org/10.1145/31 33956.3133969

    work page doi:10.1145/31 2017

  32. [32]

    28 A PREPRINT - OCTOBER 3, 2023

    BSI-DSZ-CC-0782-V2-2015 report by the Federal Office for Information Security for Infineon Security Controller M7892 B11 with optional RSA2048/4096 v1.02.013, EC v1.02.013, SHA-2 v1.01 and Toolbox v1.02.013 libraries and with specific IC dedicated software (firmware). 28 A PREPRINT - OCTOBER 3, 2023

    work page 2015

  33. [33]

    The Hindu (27 Mar 2017) https://www.thehindu.com /news/national/aadhaar-cannot-be-mandatory-for-welfare-schemes-supreme-court/article 61798285.ece (February 2023, last accessed)

    Supreme Court counters push for Aadhaar [editorial]. The Hindu (27 Mar 2017) https://www.thehindu.com /news/national/aadhaar-cannot-be-mandatory-for-welfare-schemes-supreme-court/article 61798285.ece (February 2023, last accessed)

    work page 2017

  34. [34]

    Yasir and K.D

    India Withdraws a Proposed Law on Data Protection [S. Yasir and K.D. Singh]. The New York Times (4 Aug

    work page

  35. [35]

    https://www.nytimes.com/2022/08/04/business/india-data-privacy.html (February 2023, last accessed)

    work page 2022

  36. [36]

    Aadhaar Act, Article 30

    work page

  37. [37]

    A list of eIDAS pre-notified and notified eID schemes,https://ec.europa.eu/digital-building-block s/wikis/display/EIDCOMMUNITY/Overview+of+pre-notified+and+notified+eID+schemes+under +eIDAS (March 2023, last accessed)

    work page 2023

  38. [38]

    UNCTAD, Data Protection and Privacy Legislation Wordlwide, (2021),https://unctad.org/page/data-p rotection-and-privacy-legislation-worldwide (February 2023, last accessed)

    work page 2021

  39. [39]

    ISBN 9780190088583

    Anu Bradford, The Brussels Effect: How the European Union Rules the World, Oxford University Press (2020). ISBN 9780190088583

    work page 2020

  40. [40]

    GDPR Third Countries, https://gdpr-info.eu/issues/third-countries/ (February 2023, last accessed)

    work page 2023

  41. [41]

    The General Data Protection Regulation

    Special Eurobarometer 487 – Wave EB91.2 – Kantar, “The General Data Protection Regulation” Report, June 2019, pages 3-4, ’doi:10.2838/579882

    work page doi:10.2838/579882 2019

  42. [42]

    2) Bill, As Introduced to the UK Parliament https://bills.parl iament.uk/bills/3430 (May 2023, last accessed)

    Data Protection and Digital Information (No. 2) Bill, As Introduced to the UK Parliament https://bills.parl iament.uk/bills/3430 (May 2023, last accessed)

    work page 2023

  43. [43]

    OneTrust DataGuidance (May 2022), https://www.da taguidance.com/notes/singapore-data-protection-overview (February 2023, last accessed)

    Singapore - Data Protection Overview [Chong Kin Lim]. OneTrust DataGuidance (May 2022), https://www.da taguidance.com/notes/singapore-data-protection-overview (February 2023, last accessed)

    work page 2022

  44. [44]

    New York Times - WireCutter blog (6 Sep 2021), https://www.nytimes.com/wirecutter/blog/state-of-privacy-laws-in-us/ (February 2023, last accessed)

    The State of Consumer Data Privacy Laws in the US [Thorin Klosowski]. New York Times - WireCutter blog (6 Sep 2021), https://www.nytimes.com/wirecutter/blog/state-of-privacy-laws-in-us/ (February 2023, last accessed)

    work page 2021

  45. [45]

    European Data Protection Board representatives per country, https://edpb.europa.eu/about-edpb/abou t-edpb/members (February 2023, last accessed)

    work page 2023

  46. [46]

    Comparitech (11 Jul 2022), https://www.comparitech.com/vpn-privacy/the-worlds-most-surveilled-cities/ (February 2023, last accessed)

    Surveillance camera statistics: which cities have the most CCTV cameras? [Paul Bischoff]. Comparitech (11 Jul 2022), https://www.comparitech.com/vpn-privacy/the-worlds-most-surveilled-cities/ (February 2023, last accessed)

    work page 2022

  47. [47]

    ESSIF Lab, https://essif-lab.eu/ (February 2023, last accessed)

    work page 2023

  48. [48]

    science/hal-04128762

    Claire Levallois-Barth, Calling for the recognition of a right to multiple digital identities (2020) https://hal. science/hal-04128762

    work page 2020

  49. [49]

    European Council, Press Release (6 Dec 2022), European digital identity (eID): Council makes headway towards EU digital wallet, a paradigm shift for digital identity in Europe, https://www.consilium.europa.eu/en/p ress/press-releases/2022/12/06/european-digital-identity-eid-council-adopts-its-pos ition-on-a-new-regulation-for-a-digital-wallet-at-eu-level/...

    work page 2022

  50. [50]

    enisa.europa.eu/publications/remote-identity-proofing-attacks-countermeasures (February 2023, last accessed)

    ENISA (Jan 2022), REMOTE IDENTITY PROOFING: ATTACKS & COUNTERMEASURES ,https://www. enisa.europa.eu/publications/remote-identity-proofing-attacks-countermeasures (February 2023, last accessed)

    work page 2022

  51. [51]

    Seon (12 May 2022), https: //seon.io/resources/cost-of-kyc/ (February 2023, last accessed)

    Cost of KYC: How Much It Is and How to Reduce It [Bence Jendruszak]. Seon (12 May 2022), https: //seon.io/resources/cost-of-kyc/ (February 2023, last accessed)

    work page 2022

  52. [52]

    Seon (6 Jul 2022), https://seon.io/resource s/kyc-banking/ (February 2023, last accessed) 29

    Banking KYC: What Is It and How to Cut Costs [PJ Rohall]. Seon (6 Jul 2022), https://seon.io/resource s/kyc-banking/ (February 2023, last accessed) 29

    work page 2022