Most governments offer a variety of services to their citizens. It is costly and redundant to have each service provider maintain a separate list of authenticated users and their passwords.

Single sign-on is an authentication scheme that can be integrated into multiple applications to allows a user to access services. It enables an user to log in with a single ID to any of several related, yet independent, software systems.

Having a digital ID-based SSO will drastically simplify the service delivery while reducing the dependence on 3rd party SSO providers. End users can identify themselves in order to avail of online services and also share their profile information.

ID-based SSO can be connected to any ID that provides a mechanism to authenticate the users.

How does this work?

1. The user visits the service provider and chooses to login with ID-based SSO option

2. The user has to authenticate their identity via any of the provided modes.

3. Upon authentication, the user’s explicit consent is sought to share profile data fields.

4. The service provider can authenticate a user’s identity against data stored on any identity system via SSO.

Any ID-based SSO should provide multiple modes of user authentication including OTP-based, biometrics or even wallet-linked authentication.

Benefits of SSO:

1. By providing as a secure, efficient log-in mechanism, ID-based SSO increases the ease of doing business for individuals and businesses, Along with increasing digital economic activity, this also presents a potential revenue stream for the governemnt.

2. This can be used for consented data sharing of ID profile fields or for eKYC needs of different applications. An application’s authentication request can also ask for details needed for profile setup or eKYC compliance, which can be shared upon explicitly receiving user consent.

References:

1. https://docs.mosip.io/1.2.0/integrations/e-signet