My Key Platform

This is one of the platforms that enables the use of Japanese Public Key Infrastructure (JPKI) for administrative services and certification by My Number Card. We will introduce the supported function and procedures for introducing the service.

Table of Contents

• What is MyKey Platform?
  • Overview
  • Features of the MyKey platform
  • Implementation Steps
• What is the My Key Platform for Realizing the Citizen Card Initiative?
  • Overview
  • Characteristics of each type
    • Common to Types 1 and 2
    • Type 1
    • Type II
  • Specifications
    • Expected form of use
    • Types of electronic certificate that can be validated
    • electronic certificate Validity Confirmation Method
    • Use of a My Number Card held up to the reader (Type 1 only)
  • Implementation Steps
• Terms of Use and Privacy Policy
• Query

1. What is MyKey Platform?

1. 1. Overview

MyKey platform is a platform that utilizes function of Japanese Public Key Infrastructure (JPKI) and uses My Number Card for administrative services that use Internet-connected systems.
Currently, the My Key platform is used to register My Key IDs (* 1) linked to library user numbers, allowing My Number Card to be used as a library card.

* 1 IDs are guaranteed to be unique and issued to users of My Key Platform. They are issued in response to the issuance number of My Number Card for user identification in electronic certificate and are used as keys to identify users in order to grant various services and Individual Number Card Point of My Key Platform.

1.2. Characteristics of My Key Platform

The MyKey platform features:

• For municipal library services only
• Can be used by introducing the "My Key Platform Utilization Software" provided by Digital Agency, and no need to modify the system that provides existing administrative services (WindowsOS only)
• Support for Use of My Number Card by Holding it over the Head

*Please see the table for a comparison with the MyKey platform for the realization of the citizen card concept described later.

1.3. Implementation Steps

The deployment procedure is as follows:

1. In order to obtain the information necessary for the introduction procedure (IDs, passwords, etc.), contact Inquiry Form (Digital Agency MyKey Platform) MyKey Platform)
2. Use My Number Card as a user card for public facilities, etc. Obtain the operation manual from and confirm the necessary procedures and manuals.
3. Download the "My Key Platform Utilization Software"
4. Install the "My Key Platform Utilization Software" on the terminal of the local government and make the necessary settings.

*It can be used without any modification of the system that provides administrative services.

2. What is the My Key Platform for the realization of the citizen card initiative?

2.1. Overview

In order to promote the "Citizen Card Initiative," Digital Agency has renovated the MyKey platform so that it can be used more conveniently in a wide range of municipal services, including library services.
The My Key platform, which is designed to realize the concept of citizen cards, ensures security in function use by providing My Number Card for which unique user identifiers (PPID (* 2)) are issued for each service, and enables My Number Card use for multiple services.
In addition, in order for Japanese Public Key Infrastructure (JPKI) to be used in various situations for administrative services, we will provide services divided into two types with different function and characteristics.

* 2 PPIDs (Pairwise Pseudonymous Identifiers) are unique kana identifiers (different from MyKey IDs) generated by the MyKey platform for each collaborating system and linked to a My Number Card.

2. 2. Characteristics of each type

There are two patterns of use for the MyKey Platform to realize the concept of citizen cards.

• Type (1): In response to the use of Kazari, the MyKey platform provides the local government system with a card reading function and reading screen
• Type (2): Instead of the need for local governments to prepare a card reading function and a reading screen, the validity of the electronic certificate for user identification to Japanese Public Key Infrastructure (JPKI) can be confirmed in a wide range of situations, including non-face-to-face environments.

It is possible to select one or both of them, and customize and use them according to the content of administrative services provided by each local government. The characteristics of each type are as follows.

2.2.1. Common to Types 1 and 2

• PPID (Pseudonymous Identifier) can be issued for each administrative service
• In local government systems that provide administrative services, it is possible to link PPIDs (pseudonym identifiers) with local government system user numbers in cooperation with the My Key platform, enabling integrated operation of My Number Card authentication and administrative services.
• It is possible to check the expiration status of the electronic certificate for signing associated with the electronic certificate for user identification, and check whether the basic four information (name, address, date of birth, gender) has been changed. (* 3)

* 3 Please note that this is not the My Number Card that confirms the confirmation of validity by reading the electronic certificate for signature from the function.

2. 2. 2. Type 1

• Mainly targeted at face-to-face services such as counters
• CARD READING SCREEN AND CARD READING function ARE PROVIDED
• Support for use over a card
• Provide basic four information (name, address, date of birth, gender) scanned from app for assisting input of card information to local government system
• System terminals are for WindowsOS

2.2.3. Type II

• It is possible to confirm the validity of the electronic certificate for user identification to Japanese Public Key Infrastructure (JPKI) using APIs.
• OS of system terminal does not matter.

*Please refer to the table below 1 for comparison among services of MyKey platform. For details of each type, please contact Inquiry Form (Digital Agency MyKey Platform) .

Table 1: Comparison of Each MyKey Platform

*Addendum 1 Available only if a valid My Key ID has been issued.
*Supplement 2 When the OCSP responder method is out of service, it can be handled.

2.3. Specifications

The form of use of the My Key Platform for the realization of the citizen card concept and the function where it is supported are as follows.

2.3.1. Expected Usage Patterns

• Use in a face-to-face environment utilizing Windows PCs (Type 1)
• Can be used regardless of OS type or usage environment (face-to-face / non-face-to-face) (Type II)

2. 3.2. Types of electronic certificate that can be validated

• Electronic certificate for user identification (applicable to both types ① and ②)
  It is a proof of your identity online.

*For details, please refer to the electronic certificate My Key platform.

2.3. 3. Method of electronic certificate validation

• OCSP responder method (supporting both types ① and ②) (* 4)
  In an online setting, the validity of each electronic certificate is verified and the revocation status can be checked in real time.

• CRL provision method (available only for Type (2) (* 5))
  It is a method of checking the validity of the electronic certificate from a revocation list issued periodically (once a day, etc.). It is possible to process quickly and in a batch.

* 4 In principle, if you use private sector (JPKI), which uses the OCSP responder method, with Japanese Public Key Infrastructure as the signature verifier, a fee will be charged for providing information on the revocation of electronic certificate (free of charge for the first three years from January 1, 2023). On the other hand, when using the My Key Platform, no fee will be charged because administrative agencies, etc. will be the signature verifier themselves.
* 5 If the OCSP responder method cannot be used due to maintenance, etc., the validity shall be confirmed by the CRL provision method even in Type 1.
*For details, please refer to the electronic certificate Validity Confirmation Method My Key platform.

2.3.4. Using a My Number Card held up to the reader (only Type 1 applies)

Due to the revision of the Public Personal Authentication Act, provisions have been prepared regarding the method of identity verification by My Number Card that does not require the entry of a personal identification number (PIN). For details, please check from , Client Software for in-person use of My Number Card without PIN, .

2.4 Implementation Steps

The deployment procedure is as follows:

1. Inquiry Form (Digital Agency MyKey Platform)
2. If Type 1 is used, a confidentiality pledge shall be submitted between Digital Agency and the local government.
3. Obtain necessary information such as system interconnection specifications for the My Key platform.
4. Confirm the content of the information received with the system development vendor responsible for the system that provides administrative services
5. Renovate or develop a system that provides government services to work with the system of the MyKey platform
6. Carry out the integration test

*At present, we are inviting local governments to introduce it ahead of the release and operating it as a model project. For the model project, please refer to , a model project related to the realization of the concept of citizen cards using the My Key platform.

3. Terms of Use and Privacy Policy

• MyKey Platform Terms of Use
• My Key Platform Personal Information Protection Policy

4. Inquiry

For inquiries related to MyKey Platform, please contact Inquiry Form (Digital Agency MyKey Platform) .