Print

Updates for ID-card Security Risk in November 2017 and the Effects on e-Service Providers

13.10.2017

The State Information System Authority has announced that due to the possible security vulnerability related to ID-cards, the electronic part of 750 000 ID-cards, residence permit cards and digi-IDs will be renewed from November. Renewed ID-card certificates will be based on elliptic curve cryptography.
 
Renewing the electronic components of the documents might impact information systems and applications where authentication, electronic signing and/or encrypting-decrypting with ID-cards, digi-IDs, residence permit cards and e-resident’s digi-IDs is possible.
More information: id.ee
 
The following limitations are related to the renewed ID-cards:
  • unable to sign files in DDOC format. Information systems where signing in DDOC format is allowed should upgrade to the new ASICE format;
  • encryption to renewed certificate is not possible at first, necessary support will be developed later;
  • cards can be used only with the new version of ID-software which will be released at the end of October.
 
To make sure your e-services will be accessible for users with renewed documents, we ask the e-service providers and owners of information systems to test and improve your services, if necessary.
You can order renewed test cards from SK’s web