Skip to main content

This page has been translated using TexTra by NICT. Please note that the translation may not be completely accurate.
If you find any mistranslations, we appreciate your feedback on the "Request form for improving the automatic translation ".

Next Personal Number Card Task Force (1st)

Overview

  • Date and time: Thursday, September 7, 2023, from 13:00 to 15:00

  • Location: Online Meeting

  • Agenda:

  1. Opening
  2. Proceedings
    1. Next Personal Number Card Task Force
    2. Considerations concerning the specifications for the next Individual Number Card
    3. Exchange of opinions
  3. Adjournment

Materials

Minutes, etc.

Date

Thursday, September 7, 2023, from 13:00 to 15:00

Location

Online

Attendees

Chairman

Satoru Tezuka, Professor, Faculty of Environment and Information Science, Keio

Members

Experts (honorific titles omitted, in the order of the Japanese syllabary)

Tetsutaro Uehara Professor, Faculty of Information Science and Engineering, Ritsumeikan University
Takashi Obi Associate Professor, Institute of Science and Technology Creation, Tokyo Institute of Technology
Tsunehisa Shishido, Professor, Faculty of Law

Local governments

Masafumi Hori Manager of the contact center service Division, Yokohama City Citizens' Bureau, Individual Number Card, Issue Promotion
Naoya Sakata, Section Head of Digital Strategy Department, Planning and Coordination Bureau, Kobe City (Attending on behalf of
Yasunori Sato, Senior Manager, Miyakonojo City Digital Management Division

Relevant ministries and agencies, etc.

Koichi Tachikawa Director-General of the Traffic Bureau of the National
Keisuke Murakami, Director-General of Digital Agency For the public Group
Ken Yamano Director-General of Local Administration Bureau Ministry of Internal Affairs and Communications
Nobuko Fukuhara, Director of the Residence Management Support Department, Immigration Services Agency (Attendance by proxy)
Toshihide Ando Director-General of the Consular Affairs
Hisayuki Oyanagi, Director of the digitalization and Business Reform Office, National Tax Agency (attending on behalf of the
Tomomi Nichihara, Deputy Director-General of the Information and Communications Policy Bureau of Ministry of Health, Labor and Welfare (attending on behalf of the Emperor)
Yasuharu Sugawara Vice President, local governments Information Systems Institute

Overview

(1) Next Personal Identification Number Card Task Force

  • The "Next Personal Number Card Task Force" is hosted by Digital Agency and is held based on the outline of the meeting in Material 1. The members are as described in the Attachment of Material 1.
  • With regard to the technical aspect, the "Technical Review Working Group" shall be separately established.
  • Digital Agency will manage the plenary session, and Digital Agency For the public Group and Digital Agency Digital social common function Group will jointly conduct the general affairs.
  • Professor Satoru Tezuka of the Faculty of Environmental Information, Keio University, will serve as chairman.
    (VOICE OF NO OBJECTION)
  • I received an address from Chairman Tezuka.

(2) Matters to be considered concerning the specifications for the next Individual Number Card

  • After Digital Agency explained the future schedule and future procedure based on Material 3 and the main points of discussion in this task force based on Material 4, the members expressed their opinions. The main opinions are as follows.
[1. (1) All matters described on the face of the card]
  • The usage of the card is influenced by the description on the ticket. It is better to minimize the description on the ticket as much as possible.
  • If it is not printed on the face of the ticket, there will be a debate over what devices should be used to read it. There is a view that the government will use devices dedicated to My Number, and the general public will use smartphone. It is necessary to consider the matters to be stated on the face of the ticket while considering the combination of these and My Number Card.
  • In the case of integration with residence cards, foreigners will use the integrated card as an identification card. Therefore, we are interested in how to confirm basic personal information such as date of birth, sex, and address.
  • Since it is necessary to confirm the age at the time of participation in an event and the address at the time of travel support, etc., even if it is a temporary confirmation other than normal operations, I feel uneasy about responding only with a reader.
  • We have asked related organizations to substitute the confirmation of the My Number Card for the one required to submit the certificate of residence, but we are concerned that if it is not displayed on the ticket, we will be asked to submit the certificate of residence, and the residents will be charged with the cost.
  • Regarding online eligibility confirmation, even in the case that the card reader cannot be used due to a power outage or system failure, the matters described on the ticket of the My Number Card are confirmed at the visual inspection, and the matters described on the ticket are written on the application form for insured status to receive insurance benefits. Therefore, under the current system, the matters described on the ticket, including the address, are important, and the examination of the matters described on the ticket is an important issue.
  • Why don't you consider whether to delete the matters to be entered on the ticket after understanding how much is actually used as identification and whether you are required to submit a copy? It is fine to delete the matters to be entered on the ticket, but in that case, if you have to submit your My Number and something to prove yourself separately, it may lead to criticism of the My Number and My Number Card systems.
  • Since there is a trade-off between the amount of information to be stated on the face of the certificate and ease of viewing, sufficient attention should be paid when considering the matters to be stated, the additional information column, the design, etc.
  • There was an opinion that the number of items to be stated on the ticket should be drastically reduced in order to promote digitalization, but it is necessary to consider whether or not to eliminate them at once, considering how they are used on site, including small local government, and the actual situation of private sector use, in which a copy of the ticket is required to be submitted.
  • It is not a choice between eliminating the ticket face and not eliminating it, but there is a gap between them. It is better to reduce it to promote digitalization, but it is better to have support such as free distribution of apps and libraries from the government. In addition, it is possible to systemize it at low cost by including the name, address, and date of birth in the QR code, and it is better to consider how much of a mechanism to lower the cost by reading it digitally will be put on the ticket face.
[1. (1) (I) Matters to be stated on the face of the card (3 information (name, date of birth, address) and face photo)]
  • If the number of people who die after making a card increases in the future, there is a risk that it will be misused without a photo. If it is used as an identification card, the photo will be left.
  • Whether or not the address, etc. is stated on the ticket surface may affect one stop service for address change, which is one of the advantages of integrating driver's license card and My Number Card.
  • Regarding the information stored in the IC chip, it is considered that the expansion of the information such as the reading will lead to the prevention of input errors by the user, and that the information can be obtained more accurately and more conveniently by the system.
  • It is not necessary to swing extremely like losing or not losing. Considering that it is used as an identification card, a photograph of the face, the name, and the date of birth are essential. I think that the address, which changes frequently, will be the biggest discussion. If the address is written, it will lead to a discussion that an additional column is necessary in case of change. Therefore, it is necessary to consider whether or not the address is written in consideration of the burden on the local government.
  • As for how to read electronically, the Basic Access Code, date of birth, expiration date, and security code may not be readable even by OCR. Overseas, the face of the ticket is printed in bold letters to make it easier to read. In digitizing the confirmation procedure of the face of the ticket, if the data on the face of the ticket can be read by a smartphone and the validation of the electronic signature of J-LIS can be made, it is sufficient. If we change the mechanism to be user-friendly like this and write the minimum necessary information on the face of the ticket, it will be easier to use.
[1. (1) (ii) Matters to be stated on the face of the card (gender)]
  • Rather than being an issue of My Number or My Number Card itself, it should be aligned with the government's overall approach to gender and sexuality.
  • There are places where opinions are received from citizens, and there are various views on the perspective of gender diversity and the expression of gender, so there is a sense of Issue in the description of gender in the same column as name, etc.
[1. (1) (iii) Matters to be stated on the face of the card (My Number)]
  • At overseas banks, there have been cases in which the presentation of the My Number has been required when opening an account or transferring funds. As the use of the My Number Card outside Japan will start in the future, there will be more opportunities for the presentation of the My Number Card. Therefore, it is necessary to continue to enter the My Number on the ticket, and to enter the other matters to be entered in the Japanese calendar in the Western calendar.
  • At the window of the tax office, the My Number is confirmed by looking at the information on the ticket. It is fine if the person's information can be read electronically from the My Number Card, but there is also the idea that it is better to have the My Number written on the ticket in case the personal identification number is forgotten. Including this point, we would like to consider alternative methods of confirmation in the case that the My Number is lost from the matters described on the ticket or the matters described on the ticket.
  • Although the My Number is a visible number, based on the example of the linking error this time, it is important to report using the My Number instead of the four pieces of information. If you do not make it easy to use, it will be difficult to issue the My Number. In addition, in light of the fact that there are many spoofs with foreign Social Security Numbers (SSNs) in My Number Card, the My Number and personal identification information are listed together to prevent spoofs. Based on this background, it is necessary to consider how to make it easy to use so that the spoofs does not increase as a result.
[1. (1) (v) Matters to be stated on the face of the card (other matters to be stated)]
  • Regarding the romanization of the name, is it necessary to make it consistent with the only notarized passport? If the romanization of the name is to be made for a person who has not received a passport Issue, is it necessary to apply the rules for romanization of passports, considering that there is a possibility of applying for passports in the future?
[1. (1) (vi) Matters to be stated on the face of the card (postscript column)]
  • Since it is not known whether the address written in the postscript column is correct, there is a possibility that the postscript column will become a breeding ground for forgery. If electronic identification is mainly considered, it may be better to abolish the postscript column. Considering that input errors may occur because it is submitted on paper, it is better to stop submitting a copy of the ticket. In addition, it may be better to stop writing in the postscript column even if something has changed.
  • It is planned that the date of birth will be written in the Western calendar and the name in Roman letters will be written in the additional notes column based on overseas use, but if it is written in the additional notes column, it will be written manually at the local government counter, so it should be avoided as much as possible. In addition, as is often the case in urban areas, there are many cases in which the additional notes column is lost due to multiple moves and reissuance is required, and I feel Issue about the area of the additional notes column.
  • While online transfer procedures are being considered, it is also Issue that entries in the additional information column must be brought to the local government window.
[1. (1) (vii) Matters to be stated on the face of the card (face design)]
  • I do not think that the utilization rate of the organ donation intention column is high. Is it possible to consider that the intention can be expressed on the Mynaportal and conveyed to the validation in the medical institutions function?
[1. (2) (I) Ideal form of encryption method]
  • I think it will be difficult to make a transition for the entire design plan, including the reservation plan, unless we identify the limit that can be made by software in the current hardware specifications of the card. I would like information on the specifications of the cards currently on the market and the number of cards to be included in the discussion.
  • Personally, I think we have no choice but to relax the requirements for encryption so that we can actually do the work.
  • From the perspective of the person who is explaining at the counter, there are situations in which the difference between the expiration date of the E-Certificate and the expiration date of the card itself cannot be understood. Therefore, from the perspective of ease of understanding and prevention of forgetting to complete the procedure, is it possible to consider aligning the expiration dates?
[1. (2) (ii) User convenience for entering a personal identification number]
  • It is not good to have APs with different responsible parties on one card and authenticate them individually. Isn't it necessary to review the method, such as authenticating with a card instead of authenticating with each AP? In addition, when there are two APs, long and short, if there are parts that can be accessed by short and parts that cannot be accessed by short, the story becomes complicated.
  • I think we can consider the structure of the AP itself. In the EU, there are basically an AP equivalent to a passport and an AP equivalent to the JPKI in Japan. If necessary, we need to consider how the AP should be and change its functions, such as integrating the existing APs or transferring some functions to the JPKI.
  • Online applications for passports require reading the card four times and entering the PIN number, which has caused complaints from users. Consideration should be given so that this can be done only once.
  • In terms of policies, we agree with the idea of using two passwords, long and short, because it would be easier for users to manage them if the current three four digit passwords were unified into one, and local government would be able to reduce the burden of explanations and responses to inquiries. Currently, there are cases where users read cards and enter passwords many times, but we would like to see a mechanism in which the minimum number of entries is required.
[1. (2) ③ Renewal of the J-LIS My Number Related System]
  • Since changes in the card AP and algorithm have a significant impact on peripheral systems, it is necessary to carefully consider when to release it, taking into account the timing of updates to other systems in the government, without sticking to the introduction in 2026.
  • When the functions of driver's license card and residence cards are introduced into My Number Card, the APs that are installed will change depending on the individuals. It is necessary to consider whether to install all the APs in advance or to install different APs for each individual. It is necessary to consider not only the issuance process of the J-LIS, but also the optimization with other peripheral APs and how to install these functions.
  • The change in the encryption method will affect not only the card management system but also various systems related to My Number, such as JPKI and Juki. Given the scale of the system renovation, we would like you to give sufficient consideration to the renovation period.
[1. (3) (I) System for prompt issuance of cards]
  • As the range of card usage expands, depending on the needs of card usage, it may be said that even a Issue of one week by the issuance of a limited express will be too long.
  • From the viewpoint of smooth operation of Issue affairs, it is necessary to organize the impact on the affairs of municipalities and J-LIS in the expansion of limited express issuance and Issue.
  • From the viewpoint of convenience for foreigners, I would like to see a mechanism to have it issued promptly.
  • With the spread of cards, renewal will be the main focus in the future. Acceptance of renewal is made three months in advance, and discussion is necessary, including the necessity of limited express issuance.
  • Thorough examination, development period, and securing financial resources are necessary for radical improvement, including the batch-processing system. Therefore, examination including cost-effectiveness is also necessary.
  • I would also like to ask you to review the preparation work before the Issue of the card. In the case of a system in which the card is delivered to local government and the Issue is made after the inspection and the setting in front of the Issue, I am aware that there is a Issue on the security side, but it may be possible to shorten the processing time at the counter by setting various personal identification numbers in advance. I think there is a Issue in terms of system strengthening and cost, but I would like to ask you to consider a form that can be used for the normal card Issue and card issuance system by applying the mechanism of the limited express issuance and Issue that is being considered.
[1. (3) (ii) Ideal online update]
  • If we continue as we are now, a large number of people who issued last year and this year will renew at once, so for those who wish to do so, it may be possible to advance the deadline by year instead of by three months.
  • The timing of switching and the leveling of the switching system are very important themes. It is easy to understand because the driver's license card is updated around your date of birth.
  • There is a high need to make it possible to renew without visiting the municipal office. However, in light of the government's guidelines and NIST's standards for the identification guarantee level, what are the ways to maintain the identification guarantee level without visiting public office? At present, it is necessary to carefully consider the fact that the face photo is listed, so that the identity of the applicant can be confirmed, which is also the basis of the credibility of My Number Card.
  • In the future, it is expected that there will be a rush of deadlines for renewals, and it is considered to be a heavy burden on the people concerned to always ask to visit public office.
  • It is expected that the time to renew the card will be concentrated. Manual work by the staff and manual input may lead to mistakes, so I would like you to consider making it online.
  • Online renewal, PUK, and 10-year renewal in E-Certificate are all very helpful. There is a phase in which we provided considerable analog support to citizens when acquiring new cards, and I think it will be necessary for renewal.
  • Another point of contention is the fee for reissuance of the card. In driver's license card, reissuance costs more than 2000 yen. If the cost of reissuance of the card increases, it is important to provide information to the public as soon as possible. It may be necessary to consider whether the renewal of the card will be continued for free.
  • If the identity guarantee level is to be guaranteed, it is unavoidable that the card must be renewed in person. However, in the case of identity confirmation by persons other than local government employees, for example, identity confirmation by mail to be received only by the person himself / herself, I believe that post office employees respond by being presented with identification documents on behalf of the business operator. Could it be possible to consider using such a mechanism to deliver the card directly from the J-LIS without the intervention of the local government even in the case of a Issue that is not a limited express?
[2. (1) Handling of E-Certificate for cards issued immediately before the issuance of the next card]
  • With the review of E-Certificate, it may be necessary to consider the necessity of renovating the system premised on the current E-Certificate.
[2. (2) Impact on card-using institutions, etc. due to the switching of old and new cards]
  • Why don't we consider a simple procedure to make a transition from the current card to the next card?
  • If new and old ciphers are to be handled on the next card, careful validation is necessary to determine whether the new and old certificates can be read by simply placing them in the card, whether it is necessary to change the specifications of the card so that the reading is performed appropriately, and whether there is no impact on the processing performance.
  • Nearly 100% of medical institutions and pharmacies have introduced the current card reader with face authentication, and nearly 90% have actually started using it. When considering the next generation card, such as reviewing the matters to be stated on the ticket, it is necessary to advance the medical care to the next generation card in a form that can be operated as smoothly as or more smoothly than the current transition.
[2. (3) Free space of IC chip]
  • There is the issue of cost, but given the expansion of facial photos and other use cases, we need to look at what cards are available in terms of not only capacity but also chip performance, especially in terms of contactless communication speed, but we need to look at such stories in the future.
[2. (4) ISO certification (currently CC certification of ISO15408)]
  • Regarding the ticket security, I heard that ISO22388 is being worked on, but I think it will take time until the release, so I think it will be considered according to it.
[2. (7) Issuance of PUK (PIN UNLOCK KEY) (many cases are adopted overseas)]
  • While this will lead to a reduction in the burden on municipal counters, there are concerns about management, such as whether users will be able to manage them or whether the number of inquiries by local government will increase if they are lost. We would like to request that consideration be given so that the burden on local government will be minimized.
[2. (11) Change in the name of the Individual Number Card]
  • The My Number Card says Individual Number Card. The legal name is Individual Number Card, and My Number Card is a common name, so it is better to keep this in mind.
[2. (12) Disclosure of interface specifications]
  • We are aware of the problem that AP does not spread because the specifications are too closed. We would like to see AP spread more and more, including the disclosure of interface specifications.
  • As the disclosure of interface specifications is related to security, we would like you to discuss it carefully.
[2. (14) Other significant issues]
  • I think that the usability of the My Number Card should be considered so that the attractiveness of the card can be drawn out in conjunction with the Mynaportal in addition to the card itself.
  • In the future, when we think about sending things electronically that have been sent by private mail in the government, local government, and medical care fields, why don't we include an encryption function as one of the functions of JPKI?

End

Relevant policies