The eID service offered by a commissioned external service provider running an appropriate eID server for several services of clients is another way to connect to the infrastructure as a service provider.

In this case the service provider is the holder of the authorization and thus fully responsible for complying with all requirements, also for third party assignments.

The eID service

• manages the entire communication process with the ID card's chip and receives up-to-date authorization certificates and revocation lists,
• transmits the data retrieved from the ID card's chip to the requesting service after the ID card holder has been successfully authenticated,
• communicates with the service provider via a secure SSL connection,
• can help in applying for authorization certificates at the authority responsible for issuing authorization certificates.

If an eID service is used, the cryptographic keys for the communication between the service provider and the eID service must be stored on both sides with the same security protection level.

To comply with these requirements several modular functional units have been integrated into the eID server.

eID service providers

In the following list you can find providers of eID services.

Questions and anwers