eIdentification/eAuthentication
Citizen Card
To make procedures with public authorities both secure and traceable, public authorities
must be able to verify a person's identity. An electronic tool is needed that can uniquely
identify citizens and businesses. This electronic identification is the 'citizen card'. The citizen
card can also be used to sign documents securely and electronically. Since the
implementation of the mobile phone signature (citizen card with mobile phone function) at
the end of 2009, it is no longer necessary to have chip cards, card reading devices, or to
install software on a local machine in order to use citizen card functionality. In comparison
to other systems, the citizen card has many advantages. The normal username/password
approach presents a high security risk due to poorly chosen passwords. Research has
shown that many computer users select bad, easy to crack passwords (e.g., their own
name) or write the passwords down. Passwords can also be intercepted on the Internet. All
of these problems lead to unauthorised access. The 'digital signature' is covered by law and
protects against unwanted access and changes to content.
The term 'citizen card' is used to describe an identity management concept that makes it
possible to provide electronic services for public administration employees and customers in
a simple and secure manner. Being the electronic identification in the Internet, the citizen
card provides unique identification and authentication of users, which is necessary in order
to offer certain electronic procedures. When the citizen card functionality is activated, for
example free-of-charge on a citizen's e-card, two certificates and an 'identity link' is saved
on the storage medium. The identity link establishes a link between the person and the
storage medium. This enables the person to be identified at a later time. The authentication
and signature certificates are used to encrypt and sign data and documents.
|