TheCable

The federal government has introduced virtual national identification number (NIN) tokens.

Isa Pantami, minister of communications and digital economy, disclosed this at a stakeholders workshop on the ‘NIN Tokenization Solution’ organised by the National Identity Management Commission (NIMC) on Wednesday in Abuja.

The virtual NIN is a tokenised version of a person’s actual NIN, which another party verifying the number cannot retain and use in a way that puts the individual’s data privacy at risk.

It expires 72 hours after being generated.

Screenshot of NIMC app

Nigerians can use the virtual NIN when verifying their identity with an agent or enterprise that needs to confirm their identity before offering them a service (banks, airports, shopping delivery, among others).

Speaking at the event, the minister said NIN tokenisation is aimed at protecting the personal information of citizens.

He stated that full implementation would begin next year.

“The Federal Government has adopted the solution to ensure the privacy of personally identifiable information of individuals during verification transactions and to reduce incidences of illegal retrieval, usage, transfer, and storage of NIN. Full implementation commences 1st January 2022,” Pantami said.

Represented at the event by Aliyu Aziz, NIMC director-general, Pantami explained that “the NIN Tokenization solution is a feature of the NIN Verification Service (NVS) which is aimed at providing enhanced data protection for the personal information of persons registered into the National Identity Database (NIDB) and issued a NIN.”

“The resources for the protection of this sensitive data includes the Improved NIN Slip, USerID, MobileID, NIN hashing and the issuance of a unique virtual NIN by the ID holder to anyone who wishes to verify their identity.

“The purpose of the NIN Tokenization is to provide a coded representation (“pseudonymization”) of the actual NIN for which another party verifying the identity of the registered person cannot retain and use in a way that puts the individual’s data privacy at risk.

“Depending on the use cases, this may be via the hash contained in the Improved NIN Slip, the 2 varying hashes contained in the MobileID application, the UserID (which is available instantly to anyone issued a NIN, irrespective of whether they have a device or not), and of course, the one-time use Virtual NIN token.”

Pantami said virtual NIN tokens are merchant-specific and expire after a set period of time.

This means that a token generated for company A cannot be used or verified by company B.

Also speaking at the event, Tunji Durodola, technical consultant of NIMC, said the digital token was designed to replace the 11-digit NIN for everyday usage.

He said NIN had been shared and stored by various entities mostly without the knowledge or consent of the ID holder or NIMC, the custodian of identity in Nigeria.

To get the virtual NIN, a person must have a NIN issued by NIMC, a mobile number registered in Nigeria and linked to your NIN.

It can be generated via the MWS: NIMC MobileID app or via USSD (*346*3*YourNIN*AgentCode#)