If digital teaching aids are increasingly used in class, pupils and teachers need an electronic identity in order to be able to use applications and platforms securely. This is increasingly becoming a critical success factor for schools. From the cantons’ point of view, national developments and cantonal requirements must be reconciled. In a research project of the Digital Society Centre, the situation for the Canton of Bern was analysed. The digital transformation of the school also includes the increased use of digital content and applications. If the issue of access and use of user data is not systematically resolved, numerous offers can no longer be used in practice and the data cannot be adequately protected. The education directors of the cantons have countered this negative scenario with the FIDES project, which aims to develop a federation of educational identities. This will create a national solution that will allow access to many offers with a cantonal or local education ID. The concept of federation requires that cantonal education IDs exist, because FIDES explicitly excludes the creation of a national education ID. With the federation, it only wants to enable a network for the existing identities.

What the Education ID should be able to do

In this initial situation, the Education Department of the Canton of Bern commissioned a team of researchers from the Digital Society Centre to clarify the initial situation in the Canton of Bern. The project documented the requirements and the existing infrastructure, developed a solution concept and interviewed the stakeholders. The aim of the study was to make recommendations on how to proceed and thus provide a building block for the digital transformation of the school. It was assumed that an education ID contains two central aspects and functionalities:

1. An education ID is a unique identifier in the form of a number that is linked to a person for the entire educational career of the learner or through the entire professional career as a teacher in the schools of the Canton of Bern. Further data can be linked to this number.
2. An access key (e.g. in the form of a user name and password) is linked to this education ID, which allows the person to confirm their identity to different services and thus gain access to different services in the education sector.

School leaders and stakeholders want an easy way:

• for access,
• to manage licences, and
• to effectively protect the data of teachers and students.

Thus, the timing is right for the realisation of a solution. The biggest concerns about an Education ID relate to the protection of personal data, in particular to prevent “the glass teacher”. School publishers and providers of school administration solutions prefer a national solution so as not to have to integrate individual cantonal solutions.

Heterogeneous starting position

The initial situation differs in the various school levels with regard to the maturity of the existing infrastructure: grammar schools and vocational schools almost all use a uniform school administration solution operated by the canton, which can serve as the data basis for an Education ID. In primary schools, on the other hand, the tools used vary greatly: while many schools use a school administration solution from the three market leaders in Switzerland, Scolaris, iCampus and Lehreroffice, Excel, Access and Filemaker are used – roughly estimated – in a third of schools. These solutions based on Office tools do not allow for simple automated data matching and thus pose high hurdles for the creation of an Education ID. In the solution design, a decentralised solution based on the administration of the data and the provisioning of an ID by the schools was preferred for two reasons:

1. The data should continue to be managed in the schools in order to be able to guarantee that the data is up-to-date.
2. Decentralised data storage avoids a large database, which brings further costs and risks of attack.

The proposed implementation requires three elements:

1. In the individual schools, the existing school administration solution is to be expanded so that the identity information can be used as electronically confirmable attributes. This means that the individual schools need a school administration solution with an additional element that also functions as an identity provider.
2. To avoid duplicate educational identities being issued, a central database will be created that lists a data-carrying institution for each educational ID.
3. As a central element, an intermediary instance is created, called a hub or broker, which forwards confirmation requests from authorised applications to the data-carrying schools and forwards confirmations back to the applications. This central element can be used to control which applications are authorised to receive the corresponding identity information.

Thanks to data sparseness, it can be achieved that a publishing platform only learns the number, role and any necessary membership of a class, unless further details are necessary.

Hub function in the future

In the course of the project, the interaction with the national infrastructures was also discussed. It is clear that the hub functionality will one day be provided by the FIDES infrastructure and thus also the organisation of the authorisations to receive confirmed attributes. Furthermore, it can currently be assumed that the register functionality will also be provided at national level. The piloting of the national solution is currently underway and shows how the solution works. For the canton of Bern, the study shows that the national developments should be closely monitored to ensure that a functioning solution is built that meets the needs of the canton. Furthermore, the canton should examine options on how school communities can be supported in switching to a school administration solution that enables the automatic exchange of data. This will make it easier to ensure that all pupils and teachers in primary school and secondary and vocational schools can use an education ID and thus have simple and secure access to different digital applications and content in the future.

You can find the report on the project under Research Reports and Studies here.