 |
mtG-eID: The eID server by mtG for using the identity-verification function provided by the "new Personalausweis" (nPA)
On November 1th 2010, the new German identity card (neuer Personalausweis, nPA) will be introduced. The nPA includes an electronic chip supporting three functions which are:
| •
|
| the function of a sovereign identity document (inclusive biometric data) |
| •
|
| the function of an electronic identity card and |
| •
|
| optionally the function for an electronic signature according to the German signature law |
Especially the function for an electronic identity card will offer advantages to the cards owner in the future. Wherever previously a personal appearance of the identity card owner with identity card was necessary for identity verification, it will be possible in the future to check the card owner’s identity without a personal appearance. Electronic commercial transactions and electronic government operations will become much easier and the card holder will thus be much more independent of business hours and must not accept waiting periods.
From a technical point of view an electronic identity server (eID-Server) is required for the electronic identification.. With such an eID server, service providers (online traders, banks, insurances, public institutions, administrations ...) and customers (identity card holder) will identify themselves to each other before performing a commercial transaction or an administrative operation. Also the age verification of the card owner can be accomplished this way. Service providers thereby have the opportunity to run a eID server on their own or use it as a service provided by a service provider.
The media transfer AG (mtG) today has a potential of about 15 years in experience on the realization of such complex systems with highest demands on security, availability, performance and scalability. With the product mtG-CARA, mtG already delivered the certificate infrastructure for the new German identity card to the federal republic of Germany. Thus technology of mtG will be used with every new German identity card. Against this background, the decision of mtG to develop and market an eID-Server product with product name mtG-eID is consistent. Moreover mtG-eID will complement the security product portfolio of mtG.
In the context of the electronic identity server "mtG-eID" mtG offers the following services:
| •
|
| Delivery of eID-mtG as a software product or as a preconfigured appliance
|
| •
|
| Maintenance of the software product or appliance
|
| •
|
| Support via phone or e-mail for the product or appliance
|
| •
|
| Support during installation, configuration and start of production
|
| •
|
| Integration support for mtg-eID into the existing IT-infrastructure
|
| •
|
| Operational support of mtG-eID (On-Site Support, update support, remote monitoring)
|
Usage scenarios for the electronic identity thru an eID server are (this list does not claim to be exhaustive):
| •
|
| Data registration of new customers (time consuming address verification can be omitted) |
| •
|
| pseudonymous registration and recognition (eg. sufficient for music, video games or download with payment provider) |
| •
|
| Age verification (eg older than 18 years) without costly and time consuming "Schufa" verification and enrollment |
| •
|
| Anonymous age verification (eg enough for music, video games or download with payment provider) |
| •
|
| Seamless integration with applications that require an electronic signature (eg, online contract) |
| •
|
| Account and / or opening deposit with banks
|
| •
|
| Administrative processes (residence registration or re-registration, vehicle registration / re-registration)
|
The following references demonstrate already the mtG involvment in the new German identity card projects:
| •
|
|
Pilot project of the Deutsche Telekom Laboratories eCARD:
| •
|
| mtG provides the so-called Country Signing PKI (CSCA) for testing the authenticity of the nPA |
| •
|
| mtG implements prototypically the card personalization of the test cards |
|
| •
|
|
Pilot project KopileID:
| •
|
| mtG provides the so-called Country Verifying PKI (CVCA / authorization service) to provide access rights to the nPA in eCommerce applications |
|
| •
|
|
German IT Summit November 2008
| •
|
| mtG provides PKI services and card personalization |
|
| •
|
|
Pilot project "Citizen Card", the German Telekom Laboratories:
| •
|
| mtG provides a prototypical eID server |
| •
|
| mtG integrates secure nPA – based authentication in multiple portals |
|
|
