eidas as blueprint for future eid projects cryptovision mindshare 2015 HJP Consulting Holger Funke

Size: px
Start display at page:

Download "eidas as blueprint for future eid projects cryptovision mindshare 2015 HJP Consulting Holger Funke"

Transcription

1 eidas as blueprint for future eid projects cryptovision mindshare 2015 HJP Consulting Holger Funke

2 Agenda eidas Regulation TR V2.20 German ID card POSeIDAS Summary cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 2

3 eidas Regulation EU-Regulation No. 910/2014 on electronic identification and trust services for electronic transactions in the internal market (short: eidas Regulation) Regulatory environment to enable secure and seamless electronic interactions between businesses, citizens and public authorities Objective: increase the effectiveness of public and private online services, ebusiness and electronic commerce in the EU Electronic Identification: Natural and legal persons shall be enabled to use their eid in services located in other EU Member States (MS) Trust Services, Signature: Should work cross-border in Europe Same legal value as paper-based processes cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 3

4 eidas Regulation General Provisions (article 1 to 5) Electronic Identification (article 6 to 12) Trust Services General Provisions (article 13 to 16) Supervision (article 17 to 19) Qualified Trust Services (article 20 to 24) Electronic Signatures (article 25 to 34) Electronic Seals (article 35 to 40) Electronic Time Stamps (article 41 to 42) eidas eidas Electronic Registered Delivery Services (article 43 to 44) Website Authentication (article 45) Electronic Documents (article 46) Delegations of Power and Implementing Provisions (article 47 to 48) Final provisions (article 49 to 52) cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 4

5 eidas Regulation: Basics Electronic Identification There is no must to introduce an identification process for MS There is a must to accept identification processes of other MS Trust Services Supervisory bodies for trust service providers Electronic Signatures eidas Regulation replaces 1999/93/EG (SigG) Electronic Seals Qualified seal of a legal person, e.g. lawyer Electronic Time Stamps Qualified time stamps to guarantee a significant date cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 5

6 eidas Regulation: Notification Notification of (existing) national eid schemes No EU-eID, but mutual recognition of national eids Notification is not mandatory at least legally Recognition of notified eids is mandatory Even if a MS does not notify an eid scheme itself, it has to recognize all notified schemes from other MS Interoperability instead of Harmonisation cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 6

7 eidas Regulation: Towards an European Digital Identity 3 Key Drivers: Security Border Control, Protection of Schengen Area Growth Digital economy with 400 million participants, EU Digital Agenda 2020 Identity Creating the European Identity How to make it happen? Political: European Building of 28 MS Legal: Directives, Regulations Technical: Standards (ISO, CEN, ETSI, DIN ) cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 7

8 eidas Regulation: eid vs esign eid Authentication of (some) identity information (amount of information application dependent) Equivalent to presentation of ID- Card in physical world No transferable proof, verifiable only by relying party Ephemeral identity only verified for one moment esign Legally binding transaction (contract, full identity of signer) Equivalent to written signature Transferable proof, verifiable by everyone Perpetual signature valid and verifiable in eternity (up to cryptography) Source: Jens Bender, BSI ETSI Security WS 2014 cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 8

9 eidas Regulation: Transaction Workflow (tax declaration) Source: Andrea Servida, EC cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 9

10 Agenda eidas Regulation TR V2.20 German ID card POSeIDAS Summary cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 10

11 eid cards in Europe: Interoperability of Specifications BAC, Doc9303 AA, PA eidas Token SAC ICAO TRs EACv2 PACEv1 PACEv2 ERA, PS, RI Writing LDS2.0 TR v2.20 Part 2 eidas Profiles TR v2.20 Part 4 emrtd EACv1 TR v1.11 EACv1 emrtd TR v2.20 Part 1 CAv1, TAv1, PACEv2 TR v2.20 Part 3 cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 11

12 Structure of TR Technical Guideline Advanced Security Mechanisms for Machine Readable Travel Documents and eidas Token Version 2.20, February 2015 Liason between BSI (Germany) and ANSSI (France) cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 12

13 TR-03110: Extended Access Control V2 Mutual authentication mechanism between the terminal and the chip based on PKI Chip Authentication V2 Authenticates the chip as genuine Enforces strong encryption and integrity protection of the transmitted data Terminal Authentication V2 Restricts access to data stored on the chip to authorized terminals cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 13

14 TR-03110: Restricted Identification Is used to generate a chip-specific pseudonym for a certain terminal sector The terminal sector is an identifier shared by all terminals of a certain service provider This allows an (authenticated) terminal to recognize a chip based on the pseudonym previously received from the chip without reading out any personal data It is computationally impossible to link pseudonyms across terminal-sectors (privacy) cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 14

15 TR-03110: Pseudonymous Signatures Protocol that allows to sign data under a chip and sector specific pseudonym PS can be used as alternative to Restricted Identification PS is part of a version of Chip Authentication Variants of Pseudonymous Signatures: Pseudonymous Signature Authentication (PSA) Part of CAv3 Input: Token s Ephemeral Public Key and DH Key Agreement Pseudonymous Signature of a Message (PSM) Input: Message of the holder of the token Pseudonymous Signature of Credentials (PSC) In combination with ERA Input: Attribute stored on Token cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 15

16 TR-03110: Enhanced Role Authentication Used to store requests for additional attributes on the chip Attribute Providers (AP) can read these requests and may provide corresponding attributes for authorized Service Providers (SP) via storage in the chip Attribute Provider cannot detect to which Service Provider the chip communicates (Privacy) cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 16

17 Online Authentication with GAP and ERA cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 17

18 TR-03110: Attribute Handling and Deployment (I) No third party (GAP) Direct relationship between token and SP No ID-Provider No tracking No central point of failure ID Attributes stored on token and only on token Offline capable Service Provider cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 18

19 TR-03110: Attribute Handling and Deployment (II) Trusted third party (ERA) Direct relationship between token and SP Attribute Provider can provide additional attributes to token provide authorizations No relationship between AP and SP Token as privacy firewall Different from ID-Provider Service Provider Attribute Provider cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 19

20 TR-03110: Attribute Handling and Deployment (III) Combination of both scenarios possible: No third party, GAP Third party, ERA Base attributes stored on token Extension attributes via attribute provider Issuer decides which attributes are available as base or extension attributes SP does not need to distinguish both types of attributes cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 20

21 TR-03110: Privacy Properties Privacy by Design principle Real user consent Protected by secure element + password (2FA) Strong authentication mechanisms: PACE Extended Access Control Mutual Authentication Data minimization (only needed information of holder are provided) Restricted Identification Pseudonymous Signatures Enhanced Role Authentication Age Verification cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 21

22 TR-03110: Tool box for eidas token Interoperable electronic LDS covering all data fields in use in deployed European eid infrastructures LDS is designed to be extended easily New data groups in Version 2.20 Modular approach Use the protocols and configuration according to the issuer needs Allow future extensibility Achieving highest levels of assurance Technology neutrality cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 22

23 TR-03110: eidas Profiles (Part 4) European Passport ID card with MRTD app. Passwords MRZ, CAN MRZ, CAN, PIN, PUK Authentication Procedure ID card with opt. EU compl. MRTD app. MRZ, CAN, PIN, PUK AIP GAP GAP, AIP Applications epassport epassport, eid, esign Protocols PACE, TAv1, CAv1 PACE, TAv2, CAv2, RI epassport, eid, esign PACE, TAv2, CAv2, RI, TAv1, CAv1 cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 23

24 Agenda eidas Regulation TR V2.20 German ID card POSeIDAS Summary cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 24

25 German ID card (from a technical point of view) Three applications available: epassport application (ICAO) eid application (Online Authentication) esign application (QES) Source: cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 25

26 German ID card: Identification process Source: cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 26

27 ID card (Germany): Mutual Authentication Source: BSI cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 27

28 German ID card: Protocols epassport application: BAC / PACE Chip Authentication V1 Terminal Authentication V1 eid application PACE Chip Authentication V2 Terminal Authentication V2 Granular access rights for all data groups Restricted Identification Auxiliary Data Verification cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 28

29 German ID card: Stored data (eid application) Document type, Issuing State, Date of Expiry Given Name, Family Names, Artistic name, Academic title Date of birth, Place of birth Nationality Sex Birth name Normal Place of residence (writable for Updates) Residence permit (eat) Explicite access rights for every data (PACE + TA + CA) Write Access for Address Service Provider needs certificate to get access! cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 29

30 Agenda eidas Regulation TR V2.20 German ID card POSeIDAS Summary cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 30

31 POSeIDAS: PersoSim HJP developed an open source eid simulator for the simulation of all functions of the chip application of the German ID card (Personalausweis) PersoSim. It offers application developers an alternative to sample cards to test their applications. HJP further developed virtual Windows- and Linuxbased card readers, which allow the simulation of the functions of the different reader types (basic, standard or comfort reader) for the German electronic identity card based on the technical guideline BSI TR The migration to an Android operating system further allows the simulation of the eid function of the ID card with an NFC-enabled smartphone. PersoSim is BSI-certified according to BSI TR cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 31

32 POSeIDAS: Implementation of PersoSim Implementation of the functionality of the electronic ID card based on BSI TR-03110: PACE Chip Authentication v2 Terminal Authentication v2 Restricted Identification Age verification Integration into Test-PKI and Beta-PKI of the BSI Signing of data Certificates based on PKI Certified by BSI based on TR /TR Available here: https://github.com/persosim cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 32

33 POSeIDAS: PersoSim in the German ID landscape cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 33

34 POSeIDAS: Overview Prototype Implementation Open Source eidas-token Part I: Server, Part II: Simulator, Part III: Smart Card Project in cooperation with BSI and cryptovision Started in spring 2015 Implementation of eidas protocols (TR V2.20) Simulator -> PersoSim Smart Card -> JavaCard Objectives: See protocols in real life Collect experience with new protocols Reference implementation of eidas-token Review of specifcations during implementation cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 34

35 POSeIDAS: Stages of expansion Stage 1: Profile Identity card with protected MRTD application Stage 2: Chip Authentication Version 3 Pseudonymous Signatures (PSA, PSM, PSC) Stage 3: Authorization Extensions Stage 4: Enhanced Role Authentication (ERA) Management of Attributes cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 35

36 Agenda eidas Regulation TR V2.20 German ID card POSeIDAS Summary cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 36

37 Summary eidas-regulation: Interoperability of eid and esign Regulation No. 910/2014 is finalized TR v2.20 as a tool box for eidas token is finalized Chance to replace Login/Password New chance for electronic signature? German ID card is eidas compliant First implementation of new protocols: project POSeIDAS cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 37

38 Questions? HJP Consulting GmbH Holger Funke Hauptstraße Borchen, Germany tel: fax: web: cryptovision mindshare 2015: eidas as blueprint for future eid projects, Holger Funke Slide 38

An Open Source eid Simulator Open Identity Summit 9th -11th September 2013

An Open Source eid Simulator Open Identity Summit 9th -11th September 2013 An Open Source eid Simulator Open Identity Summit 9th -11th September 2013 BSI Tobias Senger HJP Consulting Holger Funke Agenda Requirements of BSI Current state Simulator Virtual Smart Card Reader Community

More information

Preventing fraud in epassports and eids

Preventing fraud in epassports and eids Preventing fraud in epassports and eids Security protocols for today and tomorrow by Markus Mösenbacher, NXP Machine-readable passports have been a reality since the 1980s, but it wasn't until after 2001,

More information

Sicherheitsaspekte des neuen deutschen Personalausweises

Sicherheitsaspekte des neuen deutschen Personalausweises Sicherheitsaspekte des neuen deutschen Personalausweises Dennis Kügler Bundesamt für Sicherheit in der Informationstechnik egov Fokus 2/2013: Identity- und Access Management im E-Government Rethinking

More information

Identification Card Digital Identity Security and Services Siniša Macan, DG of Agency

Identification Card Digital Identity Security and Services Siniša Macan, DG of Agency Agency for Identification Documents, Registers and Data Exchange of Bosnia and Herzegovina Identification Card Digital Identity Security and Services Siniša Macan, DG of Agency sinisa.macan@iddeea.gov.ba

More information

Advanced Security Mechanisms for Machine Readable Travel Documents and eidas Token

Advanced Security Mechanisms for Machine Readable Travel Documents and eidas Token Technical Guideline TR-03110-4 Advanced Security Mechanisms for Machine Readable Travel Documents and eidas Token Part 4 Applications and Document Profiles Version 2.20 3. February 2015 History Version

More information

Implementation of biometrics, issues to be solved

Implementation of biometrics, issues to be solved ICAO 9th Symposium and Exhibition on MRTDs, Biometrics and Border Security, 22-24 October 2013 Implementation of biometrics, issues to be solved Eugenijus Liubenka, Chairman of the Frontiers / False Documents

More information

Proposal for a Regulation on Electronic identification and trust services for electronic transactions in the internal market

Proposal for a Regulation on Electronic identification and trust services for electronic transactions in the internal market Proposal for a Regulation on Electronic identification and trust services for electronic transactions in the internal market (COM(2012 238 final) {SWD(2012) 135 final} {SWD(2012) 136 final} Andrea SERVIDA

More information

Position Paper European Citizen Card: One Pillar of Interoperable eid Success

Position Paper European Citizen Card: One Pillar of Interoperable eid Success Position Paper European Citizen Card: One Pillar of Interoperable eid Success October 2008 Disclaimer Eurosmart takes reasonable measures to ensure the quality of the information contained in this document.

More information

trust and confidence "draw me a sheep" POLICY AND REGULATION FOR EUROPE

trust and confidence draw me a sheep POLICY AND REGULATION FOR EUROPE trust and confidence "draw me a sheep" POLICY AND REGULATION FOR EUROPE new regulation eidas... "...told him that she was the only one of her kind in all the universe" POLICY AND REGULATION FOR EUROPE

More information

Digital signature and e-government: legal framework and opportunities. Raúl Rubio Baker & McKenzie

Digital signature and e-government: legal framework and opportunities. Raúl Rubio Baker & McKenzie Digital signature and e-government: legal framework and opportunities Raúl Rubio Baker & McKenzie e-government concept Utilization of Information and Communication Technologies (ICTs) to improve and/or

More information

Integration of the New German ID- Card (npa) in Enterprise Environments

Integration of the New German ID- Card (npa) in Enterprise Environments Integration of the New German ID- Card (npa) in Enterprise Environments Technics Prospects Costs - Threats Troopers 2011 By Friedwart Kuhn & Michael Thumann Agenda Introduction The New German ID-Card (npa)

More information

Facts about the new identity card

Facts about the new identity card Facts about the new identity card Contents The new identity card At a glance... 4 In detail... 6 Photographs... 8 New ID card, new possibilities...10 Special functions... 11 The online function...12 Reader

More information

Expert Meeting on CYBERLAWS AND REGULATIONS FOR ENHANCING E-COMMERCE: INCLUDING CASE STUDIES AND LESSONS LEARNED. 25-27 March 2015.

Expert Meeting on CYBERLAWS AND REGULATIONS FOR ENHANCING E-COMMERCE: INCLUDING CASE STUDIES AND LESSONS LEARNED. 25-27 March 2015. Expert Meeting on CYBERLAWS AND REGULATIONS FOR ENHANCING E-COMMERCE: INCLUDING CASE STUDIES AND LESSONS LEARNED 25-27 March 2015 eidas Regulation By Alessandra Sbordoni Legal Officer, eidas Task Force

More information

Electronic machine-readable travel documents (emrtds) The importance of digital certificates

Electronic machine-readable travel documents (emrtds) The importance of digital certificates Electronic machine-readable travel documents (emrtds) The importance of digital certificates Superior security Electronic machine-readable travel documents (emrtds) are well-known for their good security.

More information

Mobile Driver s License Solution

Mobile Driver s License Solution Mobile Driver s License Solution Secure, convenient and more efficient Improved identity protection through secure mobile driver s licenses The introduction of a mobile driver s license is a huge opportunity

More information

DS-05-2015: Trust eservices. The policy context: eidas Regulation

DS-05-2015: Trust eservices. The policy context: eidas Regulation DS-05-2015: Trust eservices The policy context: eidas Regulation Cybersecurity & Privacy Innovation Forum 2015 Brussels, 28 April 2015 Andrea SERVIDA DG CONNECT, European Commission Head of eidas Task

More information

Moving to the third generation of electronic passports

Moving to the third generation of electronic passports Moving to the third generation of electronic passports A new dimension in electronic passport security with Supplemental Access Control (SAC) > WHITE PAPER 2 Gemalto in brief Gemalto is the world leader

More information

esign Online Digital Signature Service

esign Online Digital Signature Service esign Online Digital Signature Service Government of India Ministry of Communications and Information Technology Department of Electronics and Information Technology Controller of Certifying Authorities

More information

Proposal for a Regulation on Electronic identification and trust services for electronic transactions in the internal market

Proposal for a Regulation on Electronic identification and trust services for electronic transactions in the internal market Proposal for a Regulation on Electronic identification and trust services for electronic transactions in the internal market [COM(2012) 238 final] {SWD(2012) 135 final} {SWD(2012) 136 final} Andrea SERVIDA

More information

Implementation: Single European Market for eidentity

Implementation: Single European Market for eidentity Implementation: Single European Market for eidentity January 16th 2014 Berlin Dr. Kim Nguyen, Chief Scientist Security (Bundesdruckerei GmbH) & Managing Director D-TRUST GmbH Intern/Vertraulich 1 eidentity

More information

Glossary of Key Terms

Glossary of Key Terms and s Branch Glossary of Key Terms The terms and definitions listed in this glossary are used throughout the s Package to define key terms in the context of. Access Control Access The processes by which

More information

PERSONALIZATION AS A KEY PROCESS IN ELECTRONIC ID DOCUMENT ISSUING PROGRAMS

PERSONALIZATION AS A KEY PROCESS IN ELECTRONIC ID DOCUMENT ISSUING PROGRAMS PERSONALIZATION AS A KEY PROCESS IN ELECTRONIC ID DOCUMENT ISSUING PROGRAMS Alexander Popov, X INFOTECH Presentation Title cv cryptovision GmbH T: +49 (0) 209.167-24 50 F: +49 (0) 209.167-24 61 info(at)cryptovision.com

More information

Case Studies. National Identity Management Commission (NIMC), Nigeria eid Consulting for national ID system

Case Studies. National Identity Management Commission (NIMC), Nigeria eid Consulting for national ID system Case Studies National Identity Management Commission (NIMC), Nigeria eid Consulting for national ID system Royal Oman Police (ROP) of the Sultanate of Oman eid Consulting for e-passport system Federal

More information

3 rd Generation Electronic Passport Supplemental Access Control (SAC) for future-proof security and privacy

3 rd Generation Electronic Passport Supplemental Access Control (SAC) for future-proof security and privacy 3 rd Generation Electronic Passport Supplemental Access Control (SAC) for future-proof security and privacy Gemalto Verna Heino ICAO MRTD Symposium Montreal ICAO MRTD Symposium, Montreal September 12 th

More information

FAQs - New German ID Card. General

FAQs - New German ID Card. General FAQs - New German ID Card General 1) How to change from the old ID card to the new one? The new Law on Identification Cards came into effect on 1 November 2010. Since then, citizens can apply for the new

More information

Biometrics for Public Sector Applications

Biometrics for Public Sector Applications Technical Guideline TR-03121-2 Biometrics for Public Sector Applications Part 2: Software Architecture and Application Profiles Version 2.3 Bundesamt für Sicherheit in der Informationstechnik Postfach

More information

Security by Politics - Why it will never work. Lukas Grunwald DN-Systems GmbH Germany DefCon 15 Las Vegas USA

Security by Politics - Why it will never work. Lukas Grunwald DN-Systems GmbH Germany DefCon 15 Las Vegas USA Security by Politics - Why it will never work Lukas Grunwald DN-Systems GmbH Germany DefCon 15 Las Vegas USA Agenda Motivation Some basics Brief overview epassport (MRTD) Why cloning? How to attack the

More information

The New German ID Card

The New German ID Card The New German ID Card Marian Margraf Federal Ministry of the Interior marian.margraf@bmi.bund.de Abstract Besides their use in identity verification at police and border controls, national ID cards are

More information

Keep Out of My Passport: Access Control Mechanisms in E-passports

Keep Out of My Passport: Access Control Mechanisms in E-passports Keep Out of My Passport: Access Control Mechanisms in E-passports Ivo Pooters June 15, 2008 Abstract Nowadays, over 40 different countries issue biometric passports to increase security on there borders.

More information

Landscape of eid in Europe in 2013

Landscape of eid in Europe in 2013 Landscape of eid in Europe in 2013 July 2013 Eurosmart White Paper Contents Executive Summary 3 1. Purpose of the document 3 2. EU regulation 3 3. EU Member States identification policies 4 3.1. National

More information

Strong Authentication based on the German ID Card

Strong Authentication based on the German ID Card Strong Authentication based Protocols and Use Cases 10th ICCC / 2009-09-22 / Present Registration / Identification filling in an (electronic) form (print out with hand-written signature) copy of id card

More information

European Electronic Identity Practices

European Electronic Identity Practices European Electronic Identity Practices Country Update of Austria Speaker: Herbert Leitold Date: 9 Nov 2004 PART I: Overview Table of contents Overview of Citizen Card initiatives and its status (Summary

More information

Securing Identities & Trust

Securing Identities & Trust Securing Identities & Trust Agenda About Safelayer Identities & Trust eidas (eid, Authentication and Signature) Use case: Izenpe Mobile eidas services Safelayer Demo Portal Q& A? WWW.SAFELAYER.COM 2 About

More information

Business Issues in the implementation of Digital signatures

Business Issues in the implementation of Digital signatures Business Issues in the implementation of Digital signatures Much has been said about e-commerce, the growth of e-business and its advantages. The statistics are overwhelming and the advantages are so enormous

More information

Having regard to the Treaty on the Functioning of the European Union, and in particular Article 114 thereof,

Having regard to the Treaty on the Functioning of the European Union, and in particular Article 114 thereof, 28.8.2014 Official Journal of the European Union L 257/73 REGULATION (EU) No 910/2014 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 23 July 2014 on electronic identification and trust services for electronic

More information

Commission s proposal for a Regulation on Electronic identification and trust services for electronic transactions in the internal market

Commission s proposal for a Regulation on Electronic identification and trust services for electronic transactions in the internal market Commission s proposal for a Regulation on Electronic identification and trust services for electronic transactions in the internal market COM(2012)238 of 4.6.2012 ClubPSCo, Paris, 20.6.2012 Gérard GALLER

More information

Electronic Identity Cards for User Authentication Promise and Practice

Electronic Identity Cards for User Authentication Promise and Practice Electronic Identity Cards for User Authentication Promise and Practice Andreas Poller Ulrich Waldmann Sven Vowé Sven Türpe Fraunhofer Institute for Secure Information Technology (SIT) Rheinstraße 75, 64295

More information

European Electronic Identity Practices Country Update of Portugal

European Electronic Identity Practices Country Update of Portugal European Electronic Identity Practices Country Update of Portugal Speaker: Anabela Pedroso anabela.pedroso@umic.pt Date: 3 November 2006 1. Status of National legislation on eid Are eid specific regulations

More information

NIST-Workshop 10 & 11 April 2013

NIST-Workshop 10 & 11 April 2013 NIST-Workshop 10 & 11 April 2013 EUROPEAN APPROACH TO OVERSIGHT OF "TRUST SERVICE PROVIDERS" Presented by Arno Fiedler, Member of European Telecommunications Standards Institute Electronic Signatures and

More information

Implementation of eidas through Member States Supervisory Bodies

Implementation of eidas through Member States Supervisory Bodies Implementation of eidas through Member States Supervisory Bodies Riccardo Genghini - ETSI TC ESI & CEN-ETSI e-sign Coord. Group Chairman CA Day Berlin June 09 th, 2015 ETSI 2013. All rights reserved 2

More information

Full page passport/document reader Regula model 70X4M

Full page passport/document reader Regula model 70X4M Full page passport/document reader Regula model 70X4M Full page passport reader with no moving parts inside. Automatic reading and authenticity verification of passports, IDs, visas, driver s licenses

More information

LEGAL FRAMEWORK FOR E-SIGNATURE IN LITHUANIA AND ENVISAGED CHANGES OF THE NEW EU REGULATION

LEGAL FRAMEWORK FOR E-SIGNATURE IN LITHUANIA AND ENVISAGED CHANGES OF THE NEW EU REGULATION LEGAL FRAMEWORK FOR E-SIGNATURE IN LITHUANIA AND ENVISAGED CHANGES OF THE NEW EU REGULATION Aušra Kumetaitienė Head of Information Society Development Division Tomas Jakimavičius Telecommunications and

More information

The Estonian ID Card and Digital Signature Concept

The Estonian ID Card and Digital Signature Concept The Estonian ID Card and Digital Signature Concept Principles and Solutions Ver 20030307 Contents Contents...2 Status of the document...3 Introduction...3 Intended audience...3 Current project status...3

More information

Test plan for eid and esign compliant terminal software with EACv2

Test plan for eid and esign compliant terminal software with EACv2 Technical Guideline BSI TR-03105 Part 5.3 Test plan for eid and esign compliant terminal software with EACv2 Version: 2.0 Date: 2015-05-22 Bundesamt für Sicherheit in der Informationstechnik Postfach 20

More information

Regulation on electronic identification and trust services for electronic transactions in the internal market

Regulation on electronic identification and trust services for electronic transactions in the internal market Informationsgesellschaft, Telekommunikation Regulation on electronic identification and trust services for electronic transactions in the internal market Meaning of the EU-Regulation for the national legal

More information

Operational and Technical security of Electronic Passports

Operational and Technical security of Electronic Passports European Agency for the Management of Operational Cooperation at the External Borders of the Member States of the European Union Operational and Technical security of Electronic Passports Warsaw, Legal

More information

Establishing and Managing the Schengen Masterlist of CSCAs

Establishing and Managing the Schengen Masterlist of CSCAs Establishing and Managing the Schengen Masterlist of CSCAs Big City 21/04/2015 European Commission Directorate-General HOME Unit B3 Information Systems for Borders and Security Richard.Rinkens@ec.europa.eu

More information

FAQs Electronic residence permit

FAQs Electronic residence permit FAQs Electronic residence permit General 1) When was the electronic residence permit introduced? Since 1 September 2011, foreigners in Germany have been issued with the new electronic residence permit

More information

CoSign by ARX for PIV Cards

CoSign by ARX for PIV Cards The Digital Signature Company CoSign by ARX for PIV Cards Seamless and affordable digital signature processes across FIPS 201-compliant systems Introduction to Personal Identity Verification (PIV) In response

More information

TrustedX: eidas Platform

TrustedX: eidas Platform TrustedX: eidas Platform Identification, authentication and electronic signature platform for Web environments. Guarantees identity via adaptive authentication and the recognition of either corporate,

More information

Combatting Counterfeit Identities: The Power of Pairing Physical & Digital IDs

Combatting Counterfeit Identities: The Power of Pairing Physical & Digital IDs Combatting Counterfeit Identities: The Power of Pairing Physical & Digital IDs 1 GOVERNMENTS ADOPTING DIGITAL STRATEGIES Governments designing/operating digital ecosystems to create, transform and optimize

More information

26.3.2014 A7-0365/133

26.3.2014 A7-0365/133 26.3.2014 A7-0365/133 Amendment 133 Amalia Sartori on behalf of the Committee on Industry, Research and Energy Report A7-0365/2013 Marita Ulvskog Electronic identification and trust services for electronic

More information

Advanced Security Mechanisms for Machine Readable Travel Documents

Advanced Security Mechanisms for Machine Readable Travel Documents Technical Guideline TR-03110-3 Advanced Security Mechanisms for Machine Readable Travel Documents Part 3 Common Specifications Version 2.10 20. March 2012 History Version Date Comment 1.00 2006-02-08 Initial

More information

Electronic Signatures: A New Opportunity for Growth. May 10, 2005

Electronic Signatures: A New Opportunity for Growth. May 10, 2005 Electronic Signatures: A New Opportunity for Growth May 10, 2005 1 Contents Is It Legal? 3 E-Signature Technology 12 Another Industry Example 15 National Association for Variable Annuities Applications

More information

The ID card with eid function at a glance

The ID card with eid function at a glance The ID card with eid function at a glance New possibilities, more security Since 1 November 2010, Germany has been issuing the new ID card in smart card format and with a chip. With this chip, the ID card

More information

THE LEADING EDGE OF BORDER SECURITY

THE LEADING EDGE OF BORDER SECURITY THE LEADING EDGE OF BORDER SECURITY RECORD-BREAKING TRAVEL CREATING NEW CHALLENGES TIM KLABUNDE Entrust Datacard; Director, Government Vertical Marketing THE ERA OF THE MOBILE IDENTITY In an increasingly

More information

The German eid-card. Jens Bender. Federal Office for Information Security Bundesamt für Sicherheit in der Informationstechnik

The German eid-card. Jens Bender. Federal Office for Information Security Bundesamt für Sicherheit in der Informationstechnik The German eid-card Federal Office for Information Security Bundesamt für Sicherheit in der Informationstechnik eid Workshop KU Leuven / The German Electronic ID-Card (Elektronischer Personalausweis) Motivation

More information

SECURITY IMPLICATIONS OF NFC IN AUTHENTICATION AND IDENTITY MANAGEMENT

SECURITY IMPLICATIONS OF NFC IN AUTHENTICATION AND IDENTITY MANAGEMENT SECURITY IMPLICATIONS OF NFC IN AUTHENTICATION AND IDENTITY MANAGEMENT Dmitry Barinov SecureKey Technologies Inc. Session ID: MBS-W09 Session Classification: Advanced Session goals Appreciate the superior

More information

OB10 - Digital Signing and Verification

OB10 - Digital Signing and Verification Global Headquarters 90 Fetter Lane London EC4A 1EN Tel: +44 (0) 870 165 7410 Fax: +44 (0) 207 240 2696 OB10 - Digital Signing and Verification www.ob10.com Version 2.4 March 2013 Summary In order to comply

More information

Guide for Securing E-mail With WISeKey CertifyID Personal Digital Certificate (Personal eid)

Guide for Securing E-mail With WISeKey CertifyID Personal Digital Certificate (Personal eid) The World Internet Security Company Solutions for Security Guide for Securing E-mail With WISeKey CertifyID Personal Digital Certificate (Personal eid) Wherever Security relies on Identity, WISeKey has

More information

Audio: This overview module contains an introduction, five lessons, and a conclusion.

Audio: This overview module contains an introduction, five lessons, and a conclusion. Homeland Security Presidential Directive 12 (HSPD 12) Overview Audio: Welcome to the Homeland Security Presidential Directive 12 (HSPD 12) overview module, the first in a series of informational modules

More information

Study on Mutual Recognition of esignatures: update of Country Profiles Icelandic country profile

Study on Mutual Recognition of esignatures: update of Country Profiles Icelandic country profile Study on Mutual Recognition of esignatures: update of Country Profiles Icelandic country profile This report / paper was prepared for the IDABC programme by: Coordinated by: Hans Graux (time.lex), Brigitte

More information

Description of the Technical Component:

Description of the Technical Component: Confirmation concerning Products for Qualified Electronic Signatures according to 15 Sec. 7 S. 1, 17 Sec. 4 German Electronic Signature Act 1 and 11 Sec. 2 and 15 German Electronic Signature Ordinance

More information

View from a European Trust Service Provider Server Signing: Return of experience and certification strategy

View from a European Trust Service Provider Server Signing: Return of experience and certification strategy View from a European Trust Service Provider Server Signing: Return of experience and certification strategy January 16, 2014 - Berlin Thibault de Valroger VP Strategy & Development OPENTRUST Thibault.devalroger@opentrust.com

More information

Identity - Privacy - Security

Identity - Privacy - Security Identity - Privacy - Security Systems Security Engineering and Privacy Privacy and Security Workshop 3 Nov 2006 Toronto Recent Digital FIPS Border 201 Motivation Identity Security for Security Privacy

More information

PKD Board ICAO PKD unclassified B-Tec/37. Procedures for the ICAO Public Key Directory

PKD Board ICAO PKD unclassified B-Tec/37. Procedures for the ICAO Public Key Directory Procedures for the ICAO Public Key Directory last modification final 1/13 SECTION 1 INTRODUCTION 1.1 As part of the MRTD initiative by ICAO, the Participants will upload to and download from the PKD, their

More information

Signicat white paper. Signicat Solutions. This document introduces the Signicat solutions for digital identities and electronic signatures 2015-08

Signicat white paper. Signicat Solutions. This document introduces the Signicat solutions for digital identities and electronic signatures 2015-08 Signicat white paper Signicat Solutions This document introduces the Signicat solutions for digital identities and electronic signatures 2015-08 Version 1.1 2015-08-20 Disclaimer Please note that this

More information

Frequently Asked Questions About the Standard for Personal Identity Verification (PIV) of Federal Employees and Contractors

Frequently Asked Questions About the Standard for Personal Identity Verification (PIV) of Federal Employees and Contractors Frequently Asked Questions About the Standard for Personal Identity Verification (PIV) of Federal Employees and Contractors Background On Aug. 27, 2004, the President issued a Homeland Security Presidential

More information

Server based signature service. Overview

Server based signature service. Overview 1(11) Server based signature service Overview Based on federated identity Swedish e-identification infrastructure 2(11) Table of contents 1 INTRODUCTION... 3 2 FUNCTIONAL... 4 3 SIGN SUPPORT SERVICE...

More information

Security framework. Guidelines for trust services providers Part 1. Version 1.0 December 2013

Security framework. Guidelines for trust services providers Part 1. Version 1.0 December 2013 Security framework Guidelines for trust services providers Part 1 Version 1.0 December 2013 European Union Agency for Network and Information Security www.enisa.europa.eu Security framework Guidelines

More information

Digital Signatures The Law and Best Practices for Compliance. January 2014

Digital Signatures The Law and Best Practices for Compliance. January 2014 Digital Signatures The Law and Best Practices for Compliance January 2014 Electronic/Digital Signature Legislation Disclaimer: ARX is not is not a law firm and does not provide legal advice. We make no

More information

Sub- Regional Workshop and Consulta;ons on Capacity- Building in Travel Document Security: Colombia, 2013

Sub- Regional Workshop and Consulta;ons on Capacity- Building in Travel Document Security: Colombia, 2013 Sub- Regional Workshop and Consulta;ons on Capacity- Building in Travel Document Security: Colombia, 2013 Carlos Gómez Head of R&D and Innova.on, FNMT- RCM, Spain ICAO TRIP: Building Trust in Travel Document

More information

Discover Germany s Electronic Passport

Discover Germany s Electronic Passport Discover Germany s Electronic Passport Starting 1 Nov. 2007 E-Passport 2nd Generation www.epass.de 1 Introducing Germany s e-passport If you want to know why there are electronic passports and how to recognize

More information

Global eid Developments. Detlef Eckert Chief Security Advisor Microsoft Europe, Middle East, and Africa

Global eid Developments. Detlef Eckert Chief Security Advisor Microsoft Europe, Middle East, and Africa Global eid Developments Detlef Eckert Chief Security Advisor Microsoft Europe, Middle East, and Africa Agenda Country View on eid initiatives Trustworthy Identity Scenarios Microsoft eid update Summary

More information

January 2015 Copyright 2015 GSM Association

January 2015 Copyright 2015 GSM Association Mobile Identity A Regulatory Overview Second edition January 2015 Copyright 2015 GSM Association 1 Introduction This paper is the second edition of the paper published by GSMA in February 2013 which provided

More information

Automation for Electronic Forms, Documents and Business Records (NA)

Automation for Electronic Forms, Documents and Business Records (NA) Automation for Electronic Forms, Documents and Business Records (NA) White Paper Learn more. www.alphatrust.com Automation for Electronic Forms, Documents and Business Records (NA) White Paper About AlphaTrust

More information

The Concept of Trust in Network Security

The Concept of Trust in Network Security En White Paper Date: August 2000 Version: 1.2 En is a registered trademark of En, Inc. in the United States and certain other countries. En is a registered trademark of En Limited in Canada. All other

More information

Transaction Security. Advisory Services

Transaction Security. Advisory Services Transaction Security Advisory Services Your independent, trusted partner for transaction security technology Welcome to UL UL is a world leader in advancing safety with over a hundred years of history.

More information

e-passports Erik Poll Digital Security Group Radboud University Nijmegen

e-passports Erik Poll Digital Security Group Radboud University Nijmegen e-passports Erik Poll Digital Security Group Radboud University Nijmegen overview e-passports functionality and security mechanisms problems, so far future 2 e-passports e-passport contains RFID chip /

More information

De-Mail. A reliable and secure online communication platform. Armin Wappenschmidt (secunet) More information: www.de-mail.de

De-Mail. A reliable and secure online communication platform. Armin Wappenschmidt (secunet) More information: www.de-mail.de De-Mail A reliable and secure online communication platform Armin Wappenschmidt (secunet) More information: www.de-mail.de 1 Agenda Overview of De-Mail Implementation aspects Current status and outlook

More information

A KIND OF IMPLEMENT ABOUT MOBILE SIGNATURE SERVICE BASED ON MOBILE TELEPHONE TERMINAL

A KIND OF IMPLEMENT ABOUT MOBILE SIGNATURE SERVICE BASED ON MOBILE TELEPHONE TERMINAL A KIND OF IMPLEMENT ABOUT MOBILE SIGNATURE SERVICE BASED ON MOBILE TELEPHONE TERMINAL Wangjian, Xu Guoai, Zhangmiao National Engineering Laboratory for Disaster Backup and Recovery, Beijing University

More information

Position Paper. Third-country nationals and digital identity management in the EU

Position Paper. Third-country nationals and digital identity management in the EU Position Paper Third-country nationals and digital identity management in the EU January 2010 Disclaimer Eurosmart has taken reasonable measures to ensure the quality of the information contained in this

More information

In principle, BITKOM therefore welcomes the draft regulation to promote EUwide use of means of electronic identification.

In principle, BITKOM therefore welcomes the draft regulation to promote EUwide use of means of electronic identification. on the proposal for an EU regulation on electronic identification and trust services for electronic transactions in the internal market 18.04.2013 Page 1 The Federal Association for Information Technology,

More information

Banking. Extending Value to Customers. KONA Banking product matrix. KONA@I is leading the next generation of payment solutions.

Banking. Extending Value to Customers. KONA Banking product matrix. KONA@I is leading the next generation of payment solutions. Smart IC Banking Banking Extending Value to Customers KONA Banking product matrix Contact - SDA Product EEPROM Java Card Type KONA Products KONA@I is leading the next generation of payment solutions Banks,

More information

Guidelines for the use of electronic signature

Guidelines for the use of electronic signature Republic of Albania National Authority for Electronic Certification Guidelines for the use of electronic signature Guide Nr. 001 September 2011 Version 1.3 Guidelines for the use of electronic signature

More information

Innovations in Digital Signature. Rethinking Digital Signatures

Innovations in Digital Signature. Rethinking Digital Signatures Innovations in Digital Signature Rethinking Digital Signatures Agenda 2 Rethinking the Digital Signature Benefits Implementation & cost issues A New Implementation Models Network-attached signature appliance

More information

Qualified mobile electronic signatures: Possible, but worth a try?

Qualified mobile electronic signatures: Possible, but worth a try? Qualified mobile electronic signatures: Possible, but worth a try? Lothar Fritsch 1, Johannes Ranke 2, Heiko Rossnagel 1 Interest level of audience: 3 - for application developers (interested in IT security)

More information

ISO/IEC 24727 for secure mobile web applications

ISO/IEC 24727 for secure mobile web applications ISO/IEC 24727 for secure mobile web applications Jan Eichholz 1 Detlef Houdeau 2 Detlef Hühnlein 3 Manuel Bach 4 1 Giesecke & Devrient GmbH, jan.eichholz@gi-de.com 2 Infineon Technologies AG, detlef.houdeau@infineon.com

More information

Public Key Applications & Usage A Brief Insight

Public Key Applications & Usage A Brief Insight Public Key Applications & Usage A Brief Insight Scenario :: Identification, Authentication & Non- Repudiation :: Confidentiality :: Authenticity, requirements and e-business Integrity for electronic transaction

More information

MACHINE READABLE TRAVEL DOCUMENTS

MACHINE READABLE TRAVEL DOCUMENTS MACHINE READABLE TRAVEL DOCUMENTS TECHNICAL REPORT Version 1.0 Date - April 7, 2011 Published by authority of the Secretary General ICAO/NTWG SUB-WORKING GROUP FOR NEW SPECIFICATIONS td1 CARD File Author

More information

Setting Processes for Electronic Signature

Setting Processes for Electronic Signature Setting Processes for Electronic Signature Dr. Joachim Schiff On behalf of the SPES Consortium Workgroup City of Saarbruecken IKS Nell-Breuning-Allee 1 D-66115 Saarbruecken Germany Tel. 0049 681 905 5000

More information

eauthentication in Estonia and beyond Tarvi Martens SK

eauthentication in Estonia and beyond Tarvi Martens SK eauthentication in Estonia and beyond Tarvi Martens SK E-stonia? Population: 1.35M Internet usage: 56% Internet banking: 88% Mobile penetration: >100% 1000+ Free Internet Access points PKI penetration:

More information

esign FAQ 1. What is the online esign Electronic Signature Service? 2. Where the esign Online Electronic Signature Service can be used?

esign FAQ 1. What is the online esign Electronic Signature Service? 2. Where the esign Online Electronic Signature Service can be used? esign FAQ 1. What is the online esign Electronic Signature Service? esign Electronic Signature Service is an innovative initiative for allowing easy, efficient, and secure signing of electronic documents

More information

Proposed Framework for an Interoperable Electronic Identity Management System

Proposed Framework for an Interoperable Electronic Identity Management System page 1 Proposed Framework for an Interoperable Electronic Identity Management System Amir Hayat 1, Thomas Rössler 1 Several Member States in the European Union (EU)have rolled out electronic identity (eid)

More information

Secure Card based Voice over Internet Protocol Authentication

Secure Card based Voice over Internet Protocol Authentication Secure Card based Voice over Internet Protocol Authentication By GOWSALYA.S HARINI.R CSE-B II YEAR (IFET COLLEGE OF ENGG.) Approach to Identity Card-based Voiceover-IP Authentication Abstract Voice-over-IP

More information

Implementation of e-signature in the ESCWA Region: Status and Next Steps. By Matthew Perkins

Implementation of e-signature in the ESCWA Region: Status and Next Steps. By Matthew Perkins Implementation of e-signature in the ESCWA Region: Status and Next Steps By Matthew Perkins Understanding e-signature How do we identify ourselves online? Electronic records of real-world authenticators

More information

Understanding Digital Signature And Public Key Infrastructure

Understanding Digital Signature And Public Key Infrastructure Understanding Digital Signature And Public Key Infrastructure Overview The use of networked personnel computers (PC s) in enterprise environments and on the Internet is rapidly approaching the point where

More information

Statewatch Briefing ID Cards in the EU: Current state of play

Statewatch Briefing ID Cards in the EU: Current state of play Statewatch Briefing ID Cards in the EU: Current state of play Introduction In March 2010, the Council Presidency sent out a questionnaire to EU Member States and countries that are members of the socalled

More information

Best Practices for the Use of RF-Enabled Technology in Identity Management. January 2007. Developed by: Smart Card Alliance Identity Council

Best Practices for the Use of RF-Enabled Technology in Identity Management. January 2007. Developed by: Smart Card Alliance Identity Council Best Practices for the Use of RF-Enabled Technology in Identity Management January 2007 Developed by: Smart Card Alliance Identity Council Best Practices for the Use of RF-Enabled Technology in Identity

More information

Information & Communication Security (SS 15)

Information & Communication Security (SS 15) Information & Communication Security (SS 15) Electronic Signatures Dr. Jetzabel Serna-Olvera @sernaolverajm Chair of Mobile Business & Multilateral Security Goethe University Frankfurt www.m-chair.de Agenda

More information