Applications of electronic identity
Electronic identity can be used:
Electronic personal identification is mainly suitable for providing web services in the public as well as the private sector, but also in other fields, e.g. in mobile devices.
Electronic personal identification with certificates is a standard function in many software packages. ID-card based identification is, among others, supported by the most common web browsers (Firefox, Google Chrome, Microsoft Edge) and web servers (IIS, Apache).
Information about the operations necessary for implementing authentication is available in the environment id.ee ».
ID-cards and mobile-ID can be used for authentication to access most e-services of the public and private sector.
The aim of data encryption is to render information illegible for strangers.
Encryption with an ID-card is meant for secure transfer, but not for long-term storage of information.
An encryption algorithm is used for encryption. It is a mathematical formula that encrypts information. In the case of asymmetric encryption used with Estonia’s ID-card, one key is used for encryption and another for decryption, one of which is a public key and the other a secret key in the sole possession of its user.
For decryption with an ID-card (i.e. for opening and reading an encrypted file), a secret key that corresponds to the public key in the authentication certificate and is located on the user’s ID-card must be used. If a user loses his/her ID-card, it is no longer possible to decrypt the information. It is also not possible to decrypt information that was encrypted with an earlier certificate after the user has renewed his/her ID-card’s certificates. Upon the issuing of new certificates, a new public and secret key are also generated.
More information about encryption is available in the environment id.ee ».
According to Estonia’s and EU’s (eIDAS) legislation, Estonia’s digital signature carries equal weight with a handwritten signature.
Digital signature is a universal technology that all organisations in Estonia should be able to use, accept, and forward.
In Estonia, two main acts regulate ID-card related areas. Identity Documents Act » describes the functions of the ID-card as Estonia’s primary national identity document and establishes an identity document requirement for the residents of Estonia. Electronic Identification and Trust Services for Electronic Transactions Act » describes the trust services necessary for e-identification and e-transactions.
More information about adding the functions of digital signing or digital signature verification to your system is available in the environment id.ee ».
What’s contained in a certificate?
Upon the issuing of an ID-card, the user receives two certificates, one of which is related to digital signatures and the other with authentication and encryption. A certificate connects a person with his/her public and secret key. A certificate contains personal information, including a person’s name and personal identity code and a unique key for public use. The certificate allows to verify digital signatures. If there is a mathematical match between a certificate and a signature, then it is certain that the person written in the certificate has provided the signature.
After providing a signature, the validity of certificates must be checked. To do that, the programme that was used for the provision of the signature automatically connects with the server of the certification centre SK ID Solutions (SK) and checks the validity of the certificate. If the certificate is valid, then the SK server issues a special certificate of confirmation that is added to the signature.