Good morning. Thanks for coming this last day on the event, by the way, a great event this year again. So I'm going to, okay, first some background who I am, I'm the CTO and founder of the company dig. So we deliver already for the last 15 years, next month, even 16 years reusable digital identities. We are an identity provider that is notified under E one and we delivering reusable identities on level substantial and on level high. Besides that, we are also notified under our DI scheme, the trust services scheme for qualified signatures.
So we deliver a complete product identity and qualified signatures in one. With our technology, we already onboarded 25 million plus users, and not only in the Netherlands, we are based in the Netherlands, but we do that on, on a global scale. We have a lot of corporate customers as well, and that can be mom and dad companies, still big internationals like Uli, packet, enterprise, Unilever, but also the four major banks in, in the Netherlands that using our technology.
So we learned a lot and in, especially during covid, we learned a lot about fraud.
We onboarded at that time around 2000 new users per hour on level high and substantial. And we saw massive fraud coming up there. So also with the decentralized way, we need to be careful what to do with fraud and really we need to cooperate together with that to to, to prevent fraud there. I think the Open ID shared signals project, we wrote a white paper I think 10 years ago, and there's now an open ID, standard shared signals. I encourage our competitors to look into that and work together to, to prevent fraud. There.
I wanted to discuss hybrid bullets because I don't believe in a full decentralized identity world. It looks nice, but I think we are not there yet. All the relying parties need to, to do a lot on their side. So there will be a stage, there will be a couple of years before that's really implemented on, on both sides because we have two side world. On the identity side, everything needs to be decentralized, but also on the relying part, it needs to be done a lot. So that's why I want to encourage people, my competitors as well, to look to hybrid wallets.
Otherwise, we are creating the next silo. We already have a lot of identity silos and this is then a next silo that we are creating.
So to, to talk about my approach, how I think the world will look like. We need first to look how is EI one now distributed in, in, in Europe, especially in Europe, we have a couple of countries that are really government led deliver ERDI, they are notified on the I one. So the government itself is doing the provisioning. You can see it's the countries where Napoleon was based on code.
Napoleon, because there is a good registry, there is a good ledger and Napoleon Ledger still, France is not on the map, but all the other countries works like this. So if you look in the Netherlands, for example, DID, we've built that for the, for the government in the past, really successful 80% coverage from, from the end users. So all citizens are logging in with DJD into government services. I think there's around 1100 services connected to this, this, to this framework.
So it's a kind of federation, but then for the, on the side of the relying party, so municipalities are connected, all the big ministries, the departments are connected. But also the pension thing, A big problem with DID is that it's only consists the social security number. So you don't get credentials, you don't get any attributes. It's only the, the, the social security number. And for the private market, it's not allowed to store these social security numbers because we, we can't store them in a database.
So we, we solve that by polymorph encryption, but it's, it's very hard.
Second big, big part here is the, the, the government led federations. So you see SPRD in, in Italy, very successful France Connect in France, that's only substantial, not not the united high. And in the Netherlands we have e eken e recognition, that's a framework. It's a business framework. So it's employee to government, but also employee to insurance industry in employee banks. So you can log in by banks for, for insurance, but also it's around thousand services that are connected to this framework.
And this is one of the biggest really employee identity frameworks, very successful. Then we have a third category, a business led. So that also an ERD high you see there in, in the Nordics and Smart ID and in the uk it's, they had in the past KA UK verified that was a federation with identity providers, but they decided to pull the plug. So they throw away around 20 million built identities and building everything again now by the, by the government.
But there is also a business framework, DITF, digital identity and attribute trust framework where you can use it for right to work, right to end disclosure borrowing services. And there are different identity providers connected to that.
And the fourth one is, is really business led federation. And there you see it's me in Belgium and all these, and in the Nordics as well, bank D. And you see that it's pure telecom and banking sector that running these businesses. So that's also a very, yeah, I think pretty successful.
So in total you have around 300 million citizens, Eids already up and running in IIS and different kind of levels of products. So you really have full apps, mobile apps, but you have also identity cards and combination of it.
So it's, it's really a, a different world.
How do we get from code Napoleon then to verifiable credentials and that will be not in one. So that's where I, I really encourage people to with in these frameworks to create an, an hybrid wallet. So to understand that, I think you have seen enough presentations of this, so I can do a little bit quicker. You have account based identities. So really username, password, they are still there. Federated. So like digital, you can create one account and you can use it in multiple frameworks or multiple relying parties. It's based on, on government data.
And then you have other, you have social frameworks. So the, the Facebook, the LinkedIn, the Google and E are caning, for example, in the Netherlands, but they are much more, and they all related on trusted. So sources au authoritative sources both for, for the citizen part companies, house, chamber of commerce registrations and the big shift, if decentralizes, of course they going to the beginning from, they are the issuer side and the holders in, in the middle.
So we really have a shift in control here, what's completely different.
So it's, it's pretty hard to, to make a combined product with both technologies in it. So you can use it in, in both ways, but it is possible. So going back to to EI one to this map, 300 million citizen identities. If you look to really to the, the players that has already apps in there, we have already close to a hundred million citizens that could have a wallet. It's an app.
If you make that app, both federated as decentralized, we can have a kickstart really kick jumpstart in the decentralized world because the people are really, are, are using it on a daily basis, weekly basis, monthly basis. The apps already. And they give you both technologies in the same app. Then we really can speed it up and the relying parties on their side, they can have their own pace.
We work with a lot of governments and, and, and finance institutions. It needs to be on the roadmap.
No, at least one year before, before they can build something new into, into their frameworks. So for them it's also they have more time to to go to the decentralized world as well. And there is a good coverage. If you look to the, the Baltic states, it's, it's around close to 60% in the countries that people has private s in in, in France and, and Italy it's around 60%. And in the Nordics it's, it's close to to 80%. There's really big coverage if you look to the, to the other parties.
For example, in in er canning in the Netherlands we have 700,000 companies registered and we have 1 million business identities already there. So it's really the different from some companies need only one identity, but other ones have 4,000 identities in the big corporate.
So there, there's really a good, good chance to speed, speed this up. So what we need to build is a new swish army knife for identity. And that app needs to be, have also SAML for example, because there are still a lot of SAML only in the Netherlands it's yeah, close to 2,100 relying parties that has a SAML connection.
So that app needs to work on that brain open ID connect is of course a no-brainer. So a lot of other, especially in the private sector is open. Id connect and we see more and more also government moving a shift to open ID connect or a flavor of that different open Id connect maybe with the protocol on top of it.
There's, there's a lot to do there. And don't forget signing, so Cloud Signal Consortium has an API and API 2.0 is also in the A RF for the, the reference wallet for the new decentralized wallet for cloud signing.
We do cloud signing already for 15 years now. And adoption is, is still low for qualified signing in the cloud, but I still have the hope that that will change. But then we need to, to put that in place and especially the big signing platforms need to put it in place. Adobe has adopted it completely, this protocol.
DocuSign not really, and one span also, not really they're moving to it, but I encourage them to speed up because then we make really can make a difference. We can make also cloud signing because QES is mandatory in the new European wallet. But then we need this protocol also on the other side where we are going to use it. Then the platforms need to, to adopt it. And of course open ID for VP, that's, that's the fourth pillar.
So this, this Swish Army knife really needs to, can handle all these protocols and it's possible we build that already.
But this is only the protocols. You have also different frameworks because EI, this is a framework, but if you go to the uk, the DITF, it's based on GPT 44 or 45. The Good practice guide talking about GPT 44, I haven't heard in any presentation, maybe I missed it, something about authentication. When you have the wallet, how do you do the authentication?
How do you still know that this user is really this user and the user that's signing, that's created this credential, this app, in the beginning we using technology like a face comparison, live this detection and, and, and defect detection. But how do we know that after a month it's still the same user that has this token in his hand. So it is really important that the authentication layer is, is really embedded into these, these wallets and, and the most wallets that I've seen, it's not implemented there yet.
So it's not only in technology but also e this, but also GPG 44 45 to the, to the the US. NIST 863, that's word, but we GPG 45, the only banned SMS for a very good reason. So it's also Cross Sector Australia, TD. So we really need to create a community not only on technology but also in different frameworks, different legislation to make this success. What we've seen in the past with the GSM networks for example, that's now on a global level, very successful and I think we can do it as well, take a couple of years.
But it's, it's possible if you're going to use it in the, in your workforce for the employee side, then don't forget to implement skim. We've seen a lot because we're working with big corporates, the onboarding, that's okay, you can handle that. They can do that on our sales service portal or for competitors on the sales service portal.
But offboarding, they always forget and your employees have an authorization to do things on your behalf by the government or by insurance industry. And when they're offboarding, they forgot to, to revoke these authorizations.
So we've successfully implemented IM 2.0 so that if the offboarding is done in your HR system, the authorizations are really directly revoked. And we also need to do that with decentralized identities. If you have a decentralized authorization, we need to revoke this authorization immediately on the trust layer, which trusts layer you also will use, so this is our Swiss Army knife with all the protocols and we operating both in, in in TDF, the GPT 45 in the uk.
EI is one and, and Sunni I does two, but also completely connected to skim successfully on, on different platforms like Microsoft Entra one identity and, and and SailPoint and the others, but also the, the cloud signing infrastructure. It's, it's, it's available already for 16 years. And we see with the technology, especially the more technology comes in the phone, the product's getting better and better.
And yeah, that's my message for today to the competition, please. I think followers or, or maybe already there, but then we can make it happen that we also have a decentralized ecosystem sooner than we could have thought.
That's it.
Thank you very much, Marcel. There was some good calls to actions there to, to this audience. Obviously the, the security has been a topic very much in, in our minds this week and related to our identity. So we have a question here.
What are the specific security features that the hybrid wallet employs to ensure robust security across various digital environments?
Yes. How we solved it, we, we only accept phones that has a secure element in it and the majority has only the, the, the very cheap Chinese phones don't have it, but the rest, the majority has the secure and cloud for secure element and the real identity, how we solved it is in, in our platform is in HSM hardware security models. So we really have a robust security layer built ourselves between the secure element and, and our backend.
Great.
Thank you very much everyone. Brand of applause. One more fell there.
