The online ID linked to the electronic ID card should be easier to use in the future. The Federal Ministry of the Interior (BMI) has submitted a draft bill for a law “to introduce electronic proof of identity with a mobile device”. Citizens should in future be able to save their online ID directly on their smartphones. This should improve the acceptance of electronic ID cards and increase their use by at least half.
For this purpose, the laws for the identity card, for the card for the electronic proof of identity (eID) and for the residence of foreign citizens “user-friendly” are to be further developed, writes the interior department. The online ID in its current form is generally recognized for secure identification. However, its distribution “has not met expectations”. The federal cabinet is expected to approve the proposal on Wednesday and then bring it to the Bundestag.
Identitätsnachweis per Smartphone
Electronic proof of identity is currently guaranteed by two factors: knowledge of the six-digit secret number and possession of an identity card, eID card or electronic residence permit. Now the smartphone and the state app should also be considered a means of possession.
Citizens should be able to request the transfer of the necessary keys from the memory of the identity card to their cell phone online, whereby they have to identify themselves by eID. The ID card manufacturer must take measures to prevent the data stored in the mobile phone from being misused, for example with an additional blocking key. According to the plan, the card holder can delete the data of the eID function on his end device himself.
The ministry estimates that electronic proof of identity with mobile devices will save citizens a total of 11,806 hours a year. He and the BSI (Federal Office for Information Security) would incur one-time development costs of more than 19 million euros and annual costs of over 26 million euros. Each hour saved therefore costs more than 2,200 euros in operating costs, not including one-off development costs.
The working group of municipal IT service providers Vitako welcomes the project in principle. In order for users to take up this new online ID, there must also be “sufficiently relevant use cases”. From the point of view of the association, the success of the project also depends on the fact that as many smartphones and tablets as possible meet the requirements of the Federal Office for Information Security (BSI) for systems for electronic identification.
Not with every smartphone or tablet
So far it looks bad here. In order to be able to use the eID solution, a smartphone needs an embedded security architecture that has to reach the level of “substantial” of the eIDAS regulation. According to Vitako, this is currently only achieved by Samsung devices from the Galaxy S20 series, which can be attributed to the state-funded Optimos 2.0 project. The planned amendments to the law should not lead to “a corresponding competition in the market being prevented”.
The Federal Ministry of the Interior admits that the identification service will “initially only work with a few devices”. And how long the cell phone ID should be valid is unclear. The draft law speaks of five years, the explanations of how Vitako got noticed.
The general association of the German insurance industry demands “that in addition to a digital identity derived from the identity card, other identification procedures are recognized at the same level of trust”. An “eID ecosystem” is needed.