MyKey Platform (Local Government Authentication Platform)
- Last Updated:
This is one of the platforms that enables the use of Japanese Public Key Infrastructure (JPKI) for administrative services and certification by My Number Card. We will introduce the supported function and procedures for introducing the service.
Table of Contents
- What is the My Key Platform (PPID method)?
- What is My Key Platform (My Key ID method)?
- Terms of Use and Privacy Policy
- Query
1. What is My Key Platform (PPID method)?
1. 1. Overview
My Key Platform (PPID method) ensures the security of function usage by providing My Number Card for which unique user identifiers (PPID (*)) are issued for each service, and enables My Number Card usage for multiple services.
In order for Japanese Public Key Infrastructure (JPKI) to be used in various situations for administrative services, services are provided by dividing it into two types with different function and characteristics.
*PPIDs (Pairwise Pseudonymous Identifiers) are unique kana identifiers (different from MyKey IDs) generated by the MyKey platform for each collaborating system and linked to a My Number Card.
1.2. Characteristics of each type
There are two usage patterns for the My Key platform (PPID method):
- Type 1: APIs: Supports the use of My Number Card by holding it over a reader without the need to enter a PIN, and the My Key platform provides a card reading function and reading screen for face-to-face use to local government systems. Enables the validity of electronic certificate for user identification to be confirmed for Japanese Public Key Infrastructure (JPKI)
- Type (2) APIs: It is possible to confirm the validity of the function for user identification to Japanese Public Key Infrastructure (JPKI) in a wide range of situations, including non-face-to-face environments, while it is not necessary for local governments to prepare a card reading electronic certificate and a reading screen.
By selecting one or using both, it is possible to customize and use them according to the content of administrative services provided by each local government. The characteristics of each type are as follows.
1. 2.1. Type 1: API, Type 2: Common to API
- PPID (Pseudonymous Identifier) can be issued for each administrative service
- In local government systems that provide administrative services, it is possible to link PPIDs (pseudonym identifiers) with local government system user numbers in cooperation with the My Key platform, enabling integrated operation of My Number Card authentication and administrative services.
- It is possible to check the status of revocation of the electronic certificate for signing associated with the electronic certificate for user identification, and check whether the basic four information (name, address, date of birth, gender) has been changed (*).
* Note that it is not the My Number Card that reads and validates the signing electronic certificate from the function.
1.2. 2. Type 1
- Mainly targeted at face-to-face services such as counters
- CARD READING SCREEN AND CARD READING function ARE PROVIDED
- Support for use over a card
- Provide basic four information (name, address, date of birth, gender) scanned from app for assisting input of card information to local government system
- System terminals are for WindowsOS
- Authentication using smartphones is possible (Type 1 in cooperation with Digital Authentication App: When using )
1.2.3. Type (ii) API
- It is possible to confirm the validity of the electronic certificate for user identification to Japanese Public Key Infrastructure (JPKI) using APIs.
- OS of system terminal does not matter.
Please refer to the table below 1 for comparison among services of MyKey platform. For details of each type, please contact Inquiry Form (Digital Agency MyKey Platform) .
Table 1: Comparison of Each MyKey Platform
| Item | My Key Platform (PPID Method) Type 1: API | My Key Platform (PPID Method) Type ② API | Digital Authentication App | Digital Authentication App: When using |
|---|---|---|---|---|
| Usage Scenarios | Enables Public Personal Authentication by incorporating into counter terminals for face-to-face services | Only certified function is available (PPID can be issued and Public Personal Authentication issued) | By installing the app on your smartphone, you can use your smartphone for Public Personal Authentication. | Public Personal Authentication is possible by incorporating it into counter terminals for face-to-face services. In addition, Public Personal Authentication is possible on smartphones by installing the app on the user's smartphone. |
| Organizations Eligible for Use | Administrative organ | Administrative organ | Government / private sector | Administrative organ |
| Reader terminal | PC Terminal (Windows) | - (Developed by service provider) * 1 | Smartphone (iOS/Android) | PC terminals (Windows), smartphones (iOS/Android) |
| Scanning screen and scanning function provided by Digital Agency | Windows Apps | - (Developed by service provider) * 1 | iOS app / Android app, PC browser * 2 | Windows app, iOS app / Android app, PC browser * 2 |
| Issue PPID | Correspondence | Correspondence | Correspondence | Correspondence |
| Use by holding it up | Correspondence | Not supported | Not supported | Correspondence |
| Courtesy of basic four information function | Correspondence | - (Developed by service provider) * 1 | Correspondence | Correspondence |
| Response to electronic certificate for Signature | Not supported | Not supported | Correspondence | Not supported |
| Use of electronic certificate for identification purposes | Correspondence | Correspondence | Correspondence | Correspondence |
* 1 It is also possible to develop by incorporating "Kazashi reading client software" (DLL file for Windows, iOS / Android library) provided by Digital Agency into the service.
* 2 For authentication using a PC browser, the QR Code displayed on the browser can be read by a smartphone, allowing the My Number Card to be read via the smartphone.
1.3. Specifications
The form of use of the My Key platform (PPID method) and the function in which it is supported are as follows.
1. 3.1. Expected Usage Patterns
- Use in a face-to-face environment utilizing Windows PCs (Type 1)
- Can be used regardless of OS type or usage environment (face-to-face / non-face-to-face) (Type II)
1.3.2. Types of electronic certificate that can be validated
- Electronic certificate for user identification (applicable to both types ① and ②)
- It is a proof of your identity online.
*See Types of electronic certificate .
1.3. 3. Method of electronic certificate validation
OCSP responder method (supporting both types ① and ②) (* 1)
In an online setting, the validity of each electronic certificate is verified and the revocation status can be checked in real time.CRL provision method (available only for Type (2) (* 2))
It is a method of checking the validity of the electronic certificate from a revocation list issued periodically (once a day, etc.). It is possible to process quickly and in a batch.
* 1 In principle, if you use private sector (JPKI), which uses the OCSP responder method, with Japanese Public Key Infrastructure as the signature verifier, a fee will be charged for providing information on the revocation of electronic certificate (free of charge for the first three years from January 1, 2023). On the other hand, when using the My Key Platform, no fee will be charged because administrative agencies, etc. will be the signature verifier themselves.
* 2 If the OCSP responder method cannot be used due to maintenance, etc., the validity shall be confirmed by the CRL provision method even in Type 1.
For details, please refer to the electronic certificate Validity Confirmation Method .
1.3.4. Using a My Number Card held up to the reader (Type 1: APIs only)
Due to the revision of the Public Personal Authentication Act, provisions have been prepared regarding the method of identity verification by My Number Card that does not require the entry of a personal identification number (PIN). For details, please check from , Client Software for in-person use of My Number Card without PIN, .
1.3.5 Types of Collaboration with Digital Authentication App (1) APIs
Type 1: In the digital Authentication App linkage of APIs, the same PPID is issued for APIs and digital Authentication App, so it is possible to authenticate using a smartphone.
*For more information on digital Authentication App, see "Digital Authentication App Digital Agency Web Service Application".
1.4 Implementation Steps
The deployment procedure is as follows:
- Inquiry Form (Digital Agency MyKey Platform)
- Receiving application forms, etc. from the Digital Agency
- Submit application forms, etc. * After submitting the application form, etc., it takes about three weeks to provide the specifications due to the procedures, etc. required for the disclosure of technical information.
- Obtain information necessary for development, such as specifications for My Key platform
- Renovate or develop a system that provides government services to work with the system of the MyKey platform
- Carry out the integration test
*Types (2) When using API, you can skip Step 1 to 3. Please check from Step 4.
*Type 1 in conjunction with Digital Authentication App When using APIs, digital Authentication App application procedures are required in addition to the Type 1 APIs introduction procedures. We will inform you after you apply using the inquiry form.
2. What is My Key Platform (My Key ID method)?
2.1. Overview
My Key Platform (My Key ID Method) is a platform that utilizes function of Japanese Public Key Infrastructure (JPKI) and uses My Number Card for administrative services that use Internet-connected systems.
Currently, the My Key platform is used to register My Key IDs (* 1) linked to library user numbers, allowing My Number Card to be used as a library card.
* 1 IDs are guaranteed to be unique and issued to users of My Key Platform. They are issued in response to the issuance number of My Number Card for user identification in electronic certificate and are used as keys to identify users in order to grant various services and Individual Number Card Point of My Key Platform.
2. 2. Features of My Key Platform (My Key ID method)
The features of MyKey platform (MyKey ID method) are as follows.
- For municipal library services only
- Can be used by introducing the "My Key Platform Utilization Software" provided by Digital Agency, and no need to modify the system that provides existing administrative services (WindowsOS only)
- Support for Use of My Number Card by Holding it over the Head
2.3. Implementation Steps
The deployment procedure is as follows:
- Contact us through the inquiry form (Digital Agency MyKey Platform) in order to obtain the information necessary for the introduction procedure (IDs, passwords, etc.)
- Use My Number Card as a user card for public facilities, etc. Obtain the operation manual from and confirm the necessary procedures and manuals.
- Download the "My Key Platform Utilization Software"
- Install the "My Key Platform Utilization Software" on the terminal of the local government and make the necessary settings.
*It can be used without any modification of the system that provides administrative services.
3. Terms of Use and Privacy Policy
4. Inquiry
For inquiries related to MyKey Platform, please contact Inquiry Form (Digital Agency MyKey Platform) .