Technology

type: Article

The prerequisite for using the ID card's online ID function is a working infrastructure. The entire infrastructure is based on a public key infrastructure (PKI) for authorization certificates and a system to block ID cards. A variety of public authorities and institutions cooperate in the PKI.

  • The Federal Office for Information Security (BSI) as the root CA operator,
  • the Federal Office of Administration with its authority responsible for issuing authorization certificates (VfB) as the registration authority (RA) and
  • the providers of certificates responsible for the technical aspects of issuing authorization certificates.

You can find an overview of all technical specifications in the Technical Guideline BSI-TR-03127 "Architecture Electronic Identity Card and Electronic Resident Permit".

Providers wishing to integrate the online ID function into their services need the following infrastructure components:

Service providers pursuant Section 21 of the Act on Identity Cards and Electronic Identification need

Customers of an identification service provider pursuant to Section 21 b of the Act on Identity Cards and Electronic Identification need

  • Connection to the interface (API) of the identification service provider (e.g. OpenIDConnect)
    With this components service providers can reliably identify themselves to their clients and establish a secure communication link with ID cards.

Contact

Federal Office of Administration,
Authority Awarding Authorization Certificates