Digital sovereignty serving citizen trust
Since April 2022, the Direction Générale de la Sûreté Nationale (DGSN) and the Agence de Développement du Digital (ADD) have deployed a national identification and digital authentication platform. Based on the Electronic National Identity Card (CNIE), this infrastructure lays the foundation for active digital trust and assumed technological sovereignty.
VOID supports Moroccan businesses in integrating this platform, enabling instant and secure identity verification for your web and mobile applications.
1What is the DGSN digital identity platform?
The national platform allows Moroccan citizens to prove their identity online without multiplying documents or creating accounts on each site. It provides access, in a few clicks, to a wide range of public and private services:
Certified technologies
- • PKI (Public Key Infrastructure): DGSN public key infrastructure
- • Digital certificates: Stored in the CNIE chip
- • Biometrics: Facial recognition, fingerprints
- • MFA: Multi-factor authentication (PIN + biometrics)
2Platform technical architecture
┌─────────────────────────────────────────────────────────────┐
│ DGSN/ADD PLATFORM │
├─────────────────────────────────────────────────────────────┤
│ │
│ ┌─────────────┐ ┌─────────────┐ ┌─────────────┐ │
│ │ Electronic │ │ PKI │ │ Facial │ │
│ │ CNIE │◄──►│ DGSN │◄──►│ Biometrics │ │
│ └─────────────┘ └─────────────┘ └─────────────┘ │
│ │ │ │ │
│ ▼ ▼ ▼ │
│ ┌─────────────────────────────────────────────────────┐ │
│ │ AUTHENTICATION GATEWAY │ │
│ │ (OAuth 2.0 / OpenID Connect / SAML) │ │
│ └─────────────────────────────────────────────────────┘ │
│ │ │
│ ┌─────────────────┼─────────────────┐ │
│ ▼ ▼ ▼ │
│ ┌───────────┐ ┌───────────┐ ┌───────────┐ │
│ │ iOS SDK │ │Android SDK│ │ REST API │ │
│ └───────────┘ └───────────┘ └───────────┘ │
│ │
└─────────────────────────────────────────────────────────────┘
│
┌───────────────┼───────────────┐
▼ ▼ ▼
┌───────────┐ ┌───────────┐ ┌───────────┐
│ Banks │ │ eGov │ │ Telecoms │
│ (AWB, │ │ (Public │ │ (Orange, │
│ BMCI) │ │ services) │ │ IAM) │
└───────────┘ └───────────┘ └───────────┘Mobile SDK (2024)
- • iOS Swift & Android Kotlin
- • NFC reading of CNIE
- • Integrated biometric capture
- • Complete API documentation
Passports (2024)
- • Moroccan biometric passports
- • International ICAO 9303 passports
- • Residence cards
- • International interoperability
3VOID Integration: Our expertise
VOID implements interconnection with the Digital Identity app
With our experience in the Moroccan banking sector (Attijariwafa bank, BMCI, Crédit Agricole du Maroc), we support businesses in integrating the national digital identity platform.
Integration services
- • Compliance audit
- • Mobile SDK integration
- • Secure backend development
- • Security testing
Tech stack
- • React Native / Flutter
- • Node.js / Drupal backend
- • OAuth 2.0 / OpenID Connect
- • HSM & PKI integration
// DGSN Integration Example - OAuth 2.0 Flow
import { DigitalIdentity } from '@void/dgsn-sdk';
const dgsnClient = new DigitalIdentity({
clientId: process.env.DGSN_CLIENT_ID,
redirectUri: 'https://your-app.ma/callback',
scope: ['identity', 'cnie_data', 'biometric_verify']
});
// Initiate CNIE authentication
async function authenticateWithCNIE() {
const authUrl = await dgsnClient.getAuthorizationUrl({
state: generateSecureState(),
nonce: generateNonce(),
acr_values: 'urn:dgsn:acr:cnie:level2' // Level 2 = biometrics
});
// Redirect to DGSN platform
window.location.href = authUrl;
}
// Callback after successful authentication
async function handleCallback(code: string) {
const tokens = await dgsnClient.exchangeCode(code);
const userInfo = await dgsnClient.getUserInfo(tokens.access_token);
return {
cin: userInfo.cin,
lastName: userInfo.family_name,
firstName: userInfo.given_name,
birthDate: userInfo.birthdate,
verified: userInfo.identity_verified // true if biometrics OK
};
}4Privacy by Design: Data sovereignty
Fundamental principles
Data processed locally
All sensitive data is hosted in Morocco, in accordance with international standards. No transfer to foreign servers.
Protection built-in by design
Data protection is not just promised, it's integrated into the very architecture of the platform.
Data minimization
Only strictly necessary information is shared with service providers.
ISO 27001 Audit
The platform has passed a rigorous security audit aligned with international standards.
5Benefits for businesses and citizens
🏢For businesses
- Instant identity verification
- Identity fraud reduction
- Regulatory compliance (KYC)
- 100% digital customer onboarding
- Reduced operating costs
👤For citizens
- Fewer passwords to remember
- No more physical trips
- No more documents to print
- Quick access to public services
- Enhanced protection against fraud
Frequently asked questions
What is the DGSN digital identity platform?
How to integrate DGSN digital identity into my application?
Which sectors can use this platform?
Is the data secure?
Integrate digital identity into your application
VOID supports you in integrating the DGSN/ADD platform. From compliance audit to production deployment.