eIDAS2, ID Wallets, Travel credentials
Combined Session
Wednesday, May 07, 2025 12:05—13:05
Location: A 05-06
Wednesday, May 07, 2025 12:05—13:05
Location: A 05-06
Digital identities are the linchpin of all modern digital services. Particularly in applications with high protection requirements, the question of "Who operates the application?" is a key issue that is often the subject of time-consuming and costly discussions.
There are many private-sector solutions for identification, but many citizens already carry one solution in their wallets: the (electronic) ID card. However, its use is still very limited due to the technical challenges involved in connection and verification.
L21s has helped a healthcare provider to integrate the electronic ID card verification in their product. During the project, a number of technical solutions were evaluated. L21s has decided to take these learnings and release them in an open source manner, by building a plugin for the best-known open source identity provider Keycloak for eletronic ID card identification.
After the session, attendees will understand:
- Reasons for the relatively low level of adoption of electronic id cards for private sector digital processes
- Technical limitations and challenges of the id card verification process
- How to leverage open source software to build their own identification processes based on the electronic ID card
In today’s rapidly evolving digital landscape, the travel industry is increasingly dependent on digital technologies ranging from online booking systems to mobile apps and biometric authentication to deliver seamless, efficient, and personalized experiences. However, with this digital transformation comes a growing responsibility to protect the vast amounts of sensitive data generated by travellers. Cybersecurity is no longer just a technical concern but a critical component of trust and safety in the travel ecosystem.
The talk, "Wired for Safety: How Cybersecurity is Protecting the Digital Travel Ecosystem," explores the intersection of cybersecurity and the digital travel experience. It will provide an overview of the modern travel ecosystem, highlighting the shift from traditional paper-based systems to digital identities, e-passports, biometric screening, and mobile travel credentials. With these innovations, however, come new challenges—ranging from data breaches and identity theft to sophisticated cyberattacks targeting airlines, travel agencies, and infrastructure.
We will delve into the key cybersecurity risks that affect travellers and industry stakeholders alike, such as phishing attacks, ransomware, and data vulnerabilities. The session will also explore how travel companies are leveraging advanced technologies like encryption, multi-factor authentication, and AI-driven threat detection to secure digital travel credentials and ensure the integrity of traveler data across global networks.
Whether you're a traveler, a cybersecurity professional, or a business operating in the travel industry, this talk will offer practical insights on how to navigate the digital travel ecosystem safely and securely. Attendees will leave with a deeper understanding of how cybersecurity measures are protecting personal data, preserving trust in digital systems, and ensuring safe journeys in a connected world.
The talk is in correspondence to published book chapter and research paper(Scopus indexed) " Navigating the Digital Skies: Good Governance and Cyber Security in Tourism, Aviation, and Hospitality Sectors".
The European Union (EU) Digital Identity Wallet (DIW) intends to give citizens control over personal data sharing. The DIW users will have full and sole control over their data. The EU intends to address the risk to citizens’ privacy in cases where data from and about users is gathered and exchanged by online service providers. However, it is unclear how users of the EU DIW can decide what data to share and how to prevent sharing too much data with online service providers. In order to reduce this risk, we need to understand it first. Drawing on expert interviews, this paper presents a novel analysis of the risk of over sharing through the EU DIW. It defines the risk and what aspects influence the risk from literature, documentation and expert interviews. Over-sharing data occurs when users share more data than strictly required for the service or product acquired online and multiple aspects influence this risk, specifically the user capabilities and orientation, the loss of context awareness, the quality of the data and the ease of sharing.
