Transactions with government, either in the physical world or the digital world, can have uncertainty about the outcome and the level of risk, both for the citizen and the public service. Dealing...Show moreTransactions with government, either in the physical world or the digital world, can have uncertainty about the outcome and the level of risk, both for the citizen and the public service. Dealing with this uncertainty can be explained with the construct of trust, which is defined as a positive effect on the expected outcome and the acceptance of risk of a transaction in a certain context. Within the context of a transaction with government over the Internet (eGovernment), it shows that identity verification of the citizen can be a cumbersome problem, as no face-to-face verification is readily available. The use of biometric technology might solve this problem, and it is found that for people to trust this technology, and willing to use it, the trust factors of usability, security, privacy and reputation are the main constructs to implement. Within the European Union (EU), biometric identity verification is possible with the European ID-card, and with the design of an electronic identification (eID) solution with mobile biometrics it enables EU citizens to use the biometric data of the ID-card in identity verification over the Internet. The proposed solution is subject to a policy analysis, to investigate whether it is compliant to EU policies and if the found trust factors can be implemented to deliver a trustful eID solution. The analysis shows that the proposed solution is highly compliant and also ensures various trust aspects of biometric technology, mainly usability, security and privacy. The trust aspect of reputation is found to be more likely an aspect of the organisation implementing the whole solution and for eID solutions in particular, the eIDAS Regulation is built upon the construct of reputation. The question arises whether in this way the eIDAS Regulation enhances trust in eID solutions in an effective way. In the analysis of the GDPR the question is raised whether the storage and usage of the biometric data is compliant and in which way could explicit user consent bypass the objections of processing these data. Another complicating factor that is found is that all implementation is done at the Member State level, which makes that the research should be iterated for each Member State. Despite these problems, the findings of this research can be used to enhance the discussion about the implementation of biometric identity verification in the digital world. The constructs of usability, security, privacy and reputation can be used as guidance to deliver a trustworthy eID solution with mobile biometrics and with it ensure trust in transactions with eGovernment.Show less
