The Ministry of Public Security and five other departments jointly announced the "Administrative Measures for National Network Identity Authentication Public Service Management".

Recently, the Ministry of Public Security, the National Internet Information Office, the Ministry of Civil Affairs, the Ministry of Culture and Tourism, the National Health Commission, and the State Administration of Radio and Television jointly announced the "Administrative Measures for National Network Identity Authentication Public Services" (hereinafter referred to as the "Management Measures"), which will be implemented starting from July 15, 2025. The "Management Measures" consist of 16 articles, mainly specifying four aspects: first, clarifying the concepts of national network identity authentication public services, network IDs, and network certificates, as well as the application process; second, clarifying the effectiveness and application scenarios of using national network identity authentication public services; third, emphasizing the responsibility of national network identity authentication public service platforms and internet platforms for data security and personal information protection; fourth, making specific regulations for minors applying for and using national network identity authentication public services. Article 1: To implement the trusted digital identity strategy, advance the construction of national network identity authentication public services, protect the security of citizens' identity information, and support the healthy and orderly development of the digital economy, these Regulations are formulated in accordance with the "Cybersecurity Law", "Data Security Law", "Personal Information Protection Law", "Anti-Telecommunications Fraud Law", "Protection of Minors Law", and other laws and regulations. Article 2: The national network identity authentication public services referred to in these Regulations (hereinafter referred to as "public services") refer to the services provided by the state to natural persons to apply for network IDs, network certificates, and conduct identity verification based on legal identity document information, through the national unified construction of network identity authentication public service platform (hereinafter referred to as "public service platform"). The network ID referred to in these Regulations means a network identity symbol composed of letters and numbers corresponding to the information of natural persons, without clear text identity information; the network certificate is a network identity authentication credential carrying the network ID and non-clear text identity information of natural persons. Network IDs and network certificates can be used for non-clear text registration and verification of real identity information of natural persons in internet services and related departments, industries, and services. Article 3: The state public security department, the state internet information department, and other relevant departments of the State Council, including civil affairs, culture and tourism, health, radio, and television, are responsible for the work related to network identity authentication public services within their respective responsibilities in accordance with these Regulations and relevant laws and administrative regulations. Article 4: Natural persons holding valid legal identity documents may voluntarily apply for network IDs and network certificates from the public service platform. Natural persons under the age of fourteen applying for network IDs and network certificates shall obtain the consent of their parents or other guardians, and shall be applied for by their parents or other guardians. Natural persons over fourteen but under eighteen years of age applying for network IDs and network certificates should apply under the guardianship of their parents or other guardians. Article 5: According to the provisions of laws and administrative regulations, in internet services that require registration and verification of user's real identity information, network IDs and network certificates may be used for registration and verification in accordance with the law. Natural persons under the age of fourteen using network IDs and network certificates for registration and verification of real identity information shall obtain the consent of their parents or other guardians. ... (text continues)Informing the individual about the necessity of processing and the impact on individual rights, except where otherwise required by law. This includes the concepts of public services and network certificates, application methods; it also clarifies the effectiveness and application scenarios of using the national network identity authentication public service; emphasizes the responsibility of the national network identity authentication public service platform, internet platforms, etc., for data security and personal information protection; it also makes special provisions for minors to apply for and use the national network identity authentication public service. Moreover, it has characteristics such as traceability and non-repudiation.Four is convenience. Users can use their smartphones to call the national network identity authentication public service to verify their identity, greatly reducing problems such as account password loss and forgetfulness, and facilitating the people to authorize and handle matters conveniently with one click under the conditions of digitization, networking, and intelligence. Five is public welfare. The national network identity authentication public service is different from commercialized and market-oriented services. It provides strong real-name authentication scenarios required by law to enterprises for free, significantly reducing the cost of identity authentication. Additionally, it can also support enterprises in adapting to the development of the digital economy, expanding their digital space business depth, improving user experience, and service efficiency. Question Eight: What measures has the national network identity authentication public service taken to ensure data security? The national network identity authentication public service platform has established a relatively perfect security protection system, classified and protected data throughout the entire lifecycle, conducted monitoring audits, and promptly fixed security risks and vulnerabilities to effectively protect data security. First, protect citizens' identity information and data through anonymization technology to achieve "data usability without visibility." The platform's identity data is anonymously transformed based on national standard encryption algorithms and complex calculation processes, and the technical solution has been approved by relevant competent authorities. Second, achieve data's full lifecycle security protection through systematic data security solutions. Classify data based on business nature, usage scope, associated impact, compliance requirements, and establish a full lifecycle security protection system. Third, establish a sound data operation and maintenance security process, strictly control data access and approval management. Conduct full-process audits of data usage to ensure legality and compliance. Strictly control data operation personnel, unify access entry, match identity verification measures based on role levels and permissions, achieve manageable and controllable data contact, and ensure full traceability of data access behavior throughout. Fourth, adhere to practical attack and defense drills to achieve continuous active defense data security protection. Periodically conduct real network attack and defense drills, security risk assessments, grade protection assessments, commercial password evaluations, etc., maintain a coordinated security mechanism, continuously enhance network security awareness and knowledge levels, timely discover and patch security vulnerabilities, and improve the overall data security level of the system. This article is selected from the official website of the National Internet Information Office and the Internet Security Bureau of the Ministry of Public Security; GMTEight Editor: Chen Xiaoyi.