Updates for ID-card Security Risk in November 2017 and the Effects on e-Service Providers
13.10.2017
The State Information System Authority has announced that due to the possible security vulnerability related to ID-cards, the electronic part of 750 000 ID-cards, residence permit cards and digi-IDs will be renewed from November. Renewed ID-card certificates will be based on elliptic curve cryptography.
Renewing the electronic components of the documents might impact information systems and applications where authentication, electronic signing and/or encrypting-decrypting with ID-cards, digi-IDs, residence permit cards and e-resident’s digi-IDs is possible.
More information: id.ee
The following limitations are related to the renewed ID-cards:
- unable to sign files in DDOC format. Information systems where signing in DDOC format is allowed should upgrade to the new ASICE format;
- encryption to renewed certificate is not possible at first, necessary support will be developed later;
- cards can be used only with the new version of ID-software which will be released at the end of October.
To make sure your e-services will be accessible for users with renewed documents, we ask the e-service providers and owners of information systems to test and improve your services, if necessary.
You can order renewed test cards from SK’s web.