Docaposte, the digital subsidiary of La Poste, has orchestrated the deployment of a strong authentication solution built around Thales technologies to secure Identité Numérique, La Poste’s digital ID service. These 100% French security components were key to qualification by ANSSI of the solution’s mobile application on 20th January 2020.
Coordinated by Docaposte, the technical design of the authentication process enabled teams from Docaposte and Thales, drawing on Gemalto expertise, to provide the technological components required for La Poste's Identité Numérique mobile app. The security of Identité Numérique is based on a unique combination of an identifier, a mobile app and a personal authentication code. This strong authentication procedure relies on two distinct methods of verification — the user's unique identifier and the secret code — to confirm connection to the Identité Numérique mobile app.
Working together, Docaposte and Thales incorporated the Gemalto two-factor mobile authentication solution, which has obtained Level 1 ANSSI security certification (CSPN), into the overall authentication process. Docaposte also hosts Identité Numérique on Thales authentication servers located in France in dedicated environments complying with Trust Service Provider (TSP) requirements and including the associated cryptographic Hardware Security Modules. All these solutions and services are operated and supervised by Docaposte's security operation and cyberdefence centre (COSC).
To meet the regulatory and security requirements of remote authentication, Docaposte adopted Thales technology to provide La Poste with the essential security components of the Identité Numérique application. Compliant with the requirements of basic level qualification, the security of the Identité Numérique solution is now recognised by ANSSI as "substantial".
Combined with the other components developed by La Poste, basic level qualification of the mobile application is an endorsement of the robust design of La Poste's Identité Numérique solution. The service guarantees a proven level of security and substantially reduces the risk of unauthorised use, alteration or identity theft. This qualification provides users with the assurance of choosing a solution that is underwritten by the State and includes a verified level of security and trust.
"At Docaposte, we are particularly proud to provide our technological assets to La Poste. Identité Numérique is a trusted solution that simplifies French people's everyday lives. ANSSI qualification opens up opportunities for a whole range of additional uses of the service."
Olivier Vallet, Chief Executive Officer, Docaposte
"Thales is a major player in secure digital identity and trust technologies with wide recognition for its strong authentication solutions. We are delighted to contribute to this service, the first of its kind on the French market, by providing our expertise and working with Docaposte and ANSSI. We wish La Poste's Identité Numérique every success."
Philippe Vallée, Executive Vice President, Digital Identity & Security, Thales
* The European eIDAS regulation
Adopted on 23 July 2014, eIDAS (Electronic Identification, Authentication and Trust Services) is an EU regulation intended to increase trust in electronic transactions in the European Union's internal market. It primarily concerns public-sector organisations and trust service providers established within the European Union, and provides a European framework for electronic identification and trust services to promote the emergence of the Digital Single Market.