Identity Manager & Self-Service
|Physical Access||Desktop App||Mobile App||Messaging|
running the Smart ID server components in a Kubernetes environment
Batch synchronization improvements
Adding improvements to BatchSync, such as start and stop from Identity Manager, configurable date format conversion and some performance and usability improvements.
SiPass PACS Connector
Adding Standard Connector to Siemens SiPass PACS for Entitlement Management
Implementing support for latest PostGres Versions in Physical Access and Identity Manager
Freja Organization ID
Implement the interface to the Freja Organization ID, including upgrading the existing Freja eID implementation to the latest version.
Smart ID Mobile App with BLE
Integrate Windows Logon over BLE functionality into Smart ID Mobile App to use digital identities provisioned to the device, for secure remote login/unlock of Windows based laptops and computers.
Use Smart ID Mobile App as a certificate and keystore for a remote laptop to perform email encryption/decryption and signing operations.
Adding APDU encoding framework
Enabling Identity Manager to encode Crypto Chips via low-level APDU commands without using any standard middleware libraries.
Align certificate bootstrapping for Smart ID, by giving all components the same bootstrap certificates and the same approach how to replace them.
Common database initialization
Provide the possibility to add a description and version information to the configuration deployment, for better control of which configuration is deployed.
Common Smart ID authentication
All user authentication to any Smart ID component (e.g. Identity Manager or Self-Service) should go via Digital Access. Have one central authentication endpoint and one place where authentication is configured/ managed
WebAuthn end-to-end solution
Support WebAuthn on the client side to issue credentials, manage the lifecycle, including enrollment, registration and provisioning, and use it in Smart ID Digital Access for single sign-on (SSO).
Improve Identity Manager Admin usability
Several improvements for Identity Manager Admin are planned: clone configuration items, introduce refresh buttons, add post-login processes to Identity Manager.
Replace java with Smart ID Desktop App for PKI encoding
Replacing java encoder with Smart ID Desktop App for the last remaining case: full personalization including card printing, RFID encoding and PKI encoding via the Card SDK client.
Encryption of Identity Manager configuration files
Add possibility to encrypt the configuration ZIP files when exporting them in Identity Manager and Identity Manager Admin.
Version information to configuration deployment
Providing the possibility to add a description and version information to the configuration deployment, for better control of which configuration is deployed.
Digital Access component provisioning
Extending the functionality for provisioning and managing of authentication types to Digital Access component.
Improved configuration deployment
Introducing possibility to deploy configuration deltas and runtime-delete.
SAML single logout (SLO)
Introduce SAML single logout (SLO) functionalities for SP and IdP.
Introduce functionality to transfer data between different service providers and identity providers.
TLS 1.3 support
Support TLS 1.3 with built-in web server.
Introduce administration configuration based on most common use cases.
Support authentication with FIDO2 token incl. self-registration of new token.
Export and import configuration to enable predefined sets and allow fast deployment.
Smart ID dashboard
Add system-wide dashboard to show important statistic and resource usage.
Merge of Smart ID Desktop App and Personal Desktop Client
Move smart card support via Minidriver and PKCS#11 into Smart ID Desktop App to give end users one common Desktop App for all PKI functionality.
To port Smart ID Desktop App to MacOS and utilize the secure key chain
Mobile Middleware for shared mobile devices
Mobile Middleware is an upcoming super feature of the Smart ID Mobile App which generally speaking provides the capability to read and use external tokens such as NFC smartcards, passports, hardware security tokens from the mobile device.
The primary purpose for this feature in context of this roadmap item is to bring a secure and user-friendly solution to the shared mobile device use-case, i.e. the scenario where many users can share the same mobile for strong online autentication via an external token rather than via a secure identity stored in the mobile device.
Use Smart ID Mobile App as a FIDO2 token in the FIDO2/WebAuthn arcihtecture.
Intune and S/MIME support
Integration with Intune for mobile device management (MDM).
Installation and management of S/MIME certificates.
Nexus reserves the right to change the roadmap due to recent requests.
For other Smart ID components, see Component roadmaps.
If you want to know more about our roadmaps and plans for the future, do not hesitate to contact us.