Albania has officially embarked on a transformative journey to create a national digital identity, a significant yet challenging step toward modernizing public services and supporting the transition to a more formalized and transparent economy—reducing abuse in the country’s economic chain and tackling informality. From the very launch of the initiative, Prime Minister Rama and the Albanian government have committed to completing the project by next year, potentially even ahead of some European Union member states (noting that the EU’s target is currently set for 2027).
“…The digital identity is an essential tool for implementing the transition from cash to digital transactions. This means greater security for consumers, transparency for businesses, and more revenue from the portion that rightfully belongs to consumers but largely remains outside their hands due to informality and various tricks—issues that will be reduced, if not eliminated, thanks to digital transactions and value-added tax collection,” Rama said in October during a meeting with experts, partners, media, and representatives of IdetiTek, the state-owned company responsible for registering, producing, and distributing biometric documents in the Republic of Albania.
To better understand the critical steps, responsibilities, and lessons for ensuring the success of this process, Business Magazine spoke with Steffen Schwalm, a senior European expert on Digital Identity and Trust, known for his experience with EUDI and eIDAS projects across Europe. According to Schwalm, the success of a national digital identity depends on a careful balance of legal, technical, and economic requirements, early and continuous involvement of all key stakeholders—including regulators, civil society, and industry—and alignment with European standards and frameworks.
In this interview, Schwalm shares his insights on Albania’s roadmap, common challenges observed across Europe, and the strategic choices that can help the country build a secure, user-friendly, and widely adopted digital identity solution.
Albania has officially launched the initiative to create a national digital identity. From your experience with EUDI and eIDAS projects in the EU, which specific technical, legal, or organizational elements should Albania prioritize in the first phase to ensure smooth interoperability with European digital identity systems?
I recommend beside the establishment of a core project team getting all necessary stakeholders on board from the beginning. Means to build a network of them around the core project team which actually design and build the national digital identity.
Those stakeholders are typically:
- Politicians
- relevant regulatory authorities, national cybersecurity authority
- trust services
- people from civil society as representatives of the users themselves
- science
- core industries as representatives of Relying Parties so those ones who may need to deal with the national digital identity so e.g.
- Public Sector including municipalities as they have most contact with user and national identity
- Banking & Insurance
- Health
- Industry
The aim is to take their requirements and needs into account from the beginning and get them involved and so in responsibility for the common success of the national digital identity.
The requirements to be defined should cover legal, business and technical requirements recognizing the needs of the stakeholders to achieve a Big Picture which may achieve consensus among stakeholders. It’s recommended to have also establish cooperation with international partners e.g. European Commission, Member States of EU/EAA comparable in terms of size, inhabitants, structure to Albania resp. with which Albanians and Albanian companies have most interactions/transactions (e.g. Croatia, Estonia as well as possibly Conformity Assessment Bodies. Those cooperations can be used for interoperability testing and independent assessment of requirements regarding feasibility and matching with European regulation like eIDAS.
The development itself should be done step by step, means a first feasible solution with basic functionalities like identification itself and first use cases (e.g. opening bank account, ticketing, registration in municipality) helps for real world testing of end users and relying parties and the feedback can be used for the improvement in the next steps.
In any case the requirements and solutions should align as closely as possible with the new eIDAS regulation and its implementing acts. As the implementing acts refer to European and international standards they ensure a common technical framework. In this interaction of regulation, implementing acts and standards a coherent legal and technical common ground will be achieved. This may also require taking the Architecture and Reference Framework developed by eIDAS Toolbox Group so experts from Member States of EU and EEA into account. The alignment shouldn`t be understood slavely, means that a periodical assessment of requirements against the eIDAS depending on developments steps of Albanian national digital identity is recommended to identify what works for Albania and what may need improvement.
The needs for improvement should be shared with the stakeholders and international partners for further development of the eIDAS framework.
Our country aims to join the EUDI Wallet ecosystem, while several EU countries are already testing advanced digital identity solutions. Based on their experiences, what practical lessons or pitfalls should Albania consider to speed up implementation and avoid common mistakes?
From European experience I recommend exactly the involvement of relevant stakeholders and external partners from beginning to take their requirements into account, give them the conviction that their needs recognized and to ensure ongoing assessment if the developments meets needs of users and Relying parties needed for the success but also aligned with Europe to achieve compliance and interoperability with EU/EEA. To avoid double effort and ensure smooth adoption European and international standards from ETSI & CEN-CENELEC should be widely used and national specifics avoided as much as possible because any specifics only create high effort in certification and adoption for regulative authorities and other Relying parties and may limit interoperability. Albanian experts would be also very welcome to contribute on the European framework.
Beside this it´s recommended to also align sector specific regulations with the national digital identity so e.g. obligations for acceptance or at least to mention it as a possible option for onboarding.
Additionally it`s worth mentioning that usability and feasibility alongside the business and legal requirements of all stakeholders for the national digital identity should be main goal. The security and privacy requirements need to be recognized but always in terms of business and user needs. Means the main goal should be a balance between useability & security/privacy to achieve acceptance and feasibility and so high adoption. As a comparison framework we need to remind ourselves that the majority use Google, Apple etc and want access services with as less steps as possible – if national identity requires significantly more effort it won´t be accepted although it might contain higher levels of security and privacy.
A key challenge in Albania is low citizen trust handling of personal data and also in institutions. Why should we trust a digital identity system?
We face similar challenges in other European countries too. They can be mitigated with an open development process which ensures involvement of relevant stakeholders as described in question 1. This should also contain the possiblity to provide the different results of development steps of National digital identity/wallet as open source so that they can be checked by external experts and establish a dedicated feedback process. The same could be done with the specifications themselves.
The specifications and development should take privacy by design alongside the eIDAS framework into account with the mentioned balance with usability.
Also the establishment of end user testing with the relevant stakeholder including dedicated feedback process may achieve the trust. This should include the testing with the international parters in all development steps to get external independent feedback.
Last but not least Albania should adopt the eIDAS trust model containing independent supervisory bodies, accredited independent conformity assessment bodies and independent accreditation bodies which ensure the independent assessment of trust services using National Identity and wallet. In order to ensure the trust within Albania it could be helpful that the first certification of National digital identity and wallet against the relevant European Standards is done by or in cooperation with an European conformity assessment body or auditor to ensure the independence and trust.
Prime Minister Rama has stated that Albania will have a national digital identity by next year, even ahead of EU implementation. From your experience, do you think this timeline is realistic?
The timeline is realistic. Essential for the success is the step by step approach with involvement of stakeholders and tests/assessment with external international partners to ensure the quality, improvement and acceptance. Also the preparation of Relying Parties and users should start early so to inform and enable them to use and interact with the National digital identity/wallet. In further steps this should also include the issuance, verification and use of additional credentials like diploma, driver license, power of attorney, etc.
0 comments