Language switcher

You are here

The majority of electronically used ID-cards were renewed

494,000 ID-cards with a security risk, i.e. 95% of electronically used cards, were renewed by the end of March. As at 1 April, the certificates of almost 300,000 cards were revoked. The cards will still be valid as identity and travel documents until the date marked on the card.

‘The government revoked the certificates of cards with a security risk to avoid the exploitation of the weakness in the chip. To our knowledge, this security risk has not realised and no one’s digital identity has been abused due to it,’ said Margus Arm, Head of the Electronic Identity Department of the Information System Authority.

The Director General of the Police and Border Guard Board suspended the certificates of 760,000 ID-cards with a security risk on 3 November last year after Czech researchers had published their research describing the security risk in the chips manufactured by Infineon, which are used in Estonian ID-cards. The security risk affected ID-cards, including residence permit cards, e-residency cards, and digital ID, issued between October 2014 and 25 October 2017. The documents and mobile IDs issued earlier were not affected by this security risk.

‘We are glad that most people who use ID-cards electronically renewed their certificates and that the security risk had no effect on using Estonian e-services. Estonian people are used to e-services as well as software updates, which helped to mitigate the risk affecting Estonian ID-cards quickly. However, we must consider that for security reasons, our digital identity might require software updates also in the future,’ said Margit Ratnik, Head of the Identity and Status Bureau of the Police and Border Guard Board.

The majority of un-renewed ID-cards have not been used electronically for a year, i.e. no digital signatures have been given and electronical services have not been used. About 30,000 cards that were not renewed have been used electronically at least once.


  • 1.3 million ID-cards
  • Certificates of 760,000 cards were suspended
  • 494,000 ID-cards were renewed (incl. digital ID, residence permits, e-residency cards)
  • Certificates of nearly 300,000 ID-cards were revoked
  • 520,000 ID-cards were used electronically last year
  • 160,000 users of mobile-ID

More news on the same subject


As of 1 March, it will no longer be possible to access certain public e-services via a bank link

10.02.2021 – From 1 March, it will no longer be possible to log in to the state authentication service via a bank link. This means that the user will not be able to access some public e-services, such as the state portal, by using their bank PIN calculator, password, or biometrics. Online services can still be accessed by using an ID-card, Mobile-ID, or Smart-ID.


The Information System Authority (RIA) and its partners fixed a critical bug in the ID-card browser extension

03.02.2021 – At the end of January, RIA updated the ID-card browser extension (plugin) to fix a critical error discovered by researchers at the University of Tartu. The ID-software (ID-Updater) notifies users when software updates are required. If the software does not yet display an automatic update message, you can download the new version here.