February 18, 2026, 22:30
SBB Intervention Center in Biasca
Enzo Rezzonico (all names are fictitious), Head of Security for a maintenance team in the Gotthard Base Tunnel, is preparing for a night shift in the tunnel. Shortly after the last freight train has left the south portal of the longest tunnel in the world, he will take his team of over 20 specialists for a five-hour night shift on a special train. Among the specialists, he recognizes several well-known SBB employees, but mainly employees of external companies, who are responsible for the service and maintenance of the various operating and security systems in the tunnel. Three of them are here for the first time. One had to take the place of a sick colleague at short notice.
He paces down the line of colleagues with his tablet. On it is a list with all the necessary qualifications for the various tasks that will be performed during today’s planned service work. Every employee scans a QR code using their smartphone to transfer the required digital credentials. Enzo briefly recalls how tiresome these processes were only five years ago. Everyone had to rummage around for the various plastic cards or paper documents in their jacket and trouser pockets. He knew most of them already. But especially with new employees, there were repeated cases when the necessary documents had not yet been signed off by HR. And the rigmarole when a replacement had to be found!
Enzo gives the go ahead for departure and Guido Minoti climbs into the driver cab. Initially, the main control panel only displays a QR code, which he scans with his phone. Before each use, the train checks that the driver can verifiably produce the necessary licenses to drive this special vehicle, weighing over 100 tons.
Seamless media continuity and increased security
What started in 2019 with a proof of concept in the Gotthard Base Tunnel, as part of a collection of innovative ideas for the application of blockchain technologies, has since been developed into a productive solution for qualification-based access systems on construction sites and in security rooms by an SBB innovation team, together with the relevant infrastructure specialists and future users.
Since the summer of 2021, around 60 employees of SBB and partner firms have used the five doors of the railway engineering building at Solothurn railway station. They no longer need to visit the control center to submit the necessary documents, collect the security keys and bring them back afterwards. The doors, which are fitted with electronic locks connected to a verifying application, check whether the individual requesting access can show the necessary digital credentials for the corresponding room and task.
By eliminating changes in media, such as checking of physical documents or management of keys and badges, processes can be thoroughly digitalized and made more efficient and flexible. In addition, the seamless monitoring increases security without compromising on efficiency.
From authorization management to requirement management
In authorization management, the owners of a resource (building, programs, services) define the conditions necessary to access or use the resource. Then, a (usually centralized) access management system checks whether the conditions are met, and releases keys or badges to the user. If requirements change or the qualifications of authorized persons expire, keys need to be returned and authorizations revoked – a process that, when executed incompletely, comes with high security risks.
In requirement management, the manager of the resource configures the requirements in the verifying application. Meanwhile, users carry their current digital credentials in their digital wallets.
This allows “the door” to check whether the conditions for entry are met, “the machine” to check whether the driver has the necessary qualifications for operation, or a head of security like Enzo to quickly and safely check all his team’s necessary credentials on his mobile device.
Interview with Andreas Fuhrer, SBB
“We welcome an infrastructure in which different ecosystems can issue proof of identification digitally.”
In the discussion about state e-IDs, various "levels of ambition” are up for debate. For SBB, “ambition level 3”, at which both public and private entities can issue digital credentials, offers the most potential. We asked Andreas Fuhrer, Head of Digitalization at SBB: why?
In its statement on the potential introduction of the Swiss e-ID, SBB backed ambition level 3 for a digital credential infrastructure. What does the company get out of it?
In our pilot projects on the digitalization of credentials, we quickly hit limits when the scope of the applications or users extended beyond just SBB. Yet on our construction sites and in our railway engineering buildings, in particular, more than half of the workers are employed by external companies. That’s why we welcome the idea of an infrastructure in which different ecosystems, such as education, health, e-government or mobility, can issue their credentials digitally, instead of physically, as they currently do. This would allow us to digitalize our processes quicker and in a more joined-up way than if we attempted to do it alone.
The e-ID is not expected to arrive until 2025. Does that mean you have to wait before you can digitalize your verification processes?
No, because a perfect user experience and correspondingly adapted business processes will be critical to the success of this infrastructure. We want to use the coming years to prepare ourselves and our partners in the various ecosystems for this. We will achieve this with proofs of concept, e.g. for the digital confirmation of residence for the GA travelcard for families and partners, and with pilot projects. The overarching goal of all these projects is to offer our customers processes that are as simple as possible, and a safe, reliable rail service.
ti&m special e-government
What about the digital transformation of the public service? In our magazine ti&m special, we asked further digitalization experts from politics and government. to download