eID

eID -- Electronic Identity Cards

An electronic identity card (eIDeIDIdentityNational ID with embedded chip.Click to view →) is a national identity document embedded with a smart card chip that enables both physical identification (through printed personal data and a photograph) and digital authentication (through on-chip cryptographic operations). eID cards are issued by governments to provide citizens with a secure means of proving identity online, signing documents digitally, and accessing e-government services.

Architecture and Data Model

An eID card typically contains a dual-interface module supporting both ISO 7816 contact and ISO 14443 contactless interfaces. The chip stores the cardholder's personal data (name, date of birth, nationality, photo) in a standardized file structure, along with X.509 certificates for authentication and digital signing. Two key pairs are commonly provisioned: one for online authentication (proving identity to a web service) and one for qualified electronic signatures (legally equivalent to a handwritten signature under EU eIDAS regulation).

Access Control Protocols

To protect sensitive data on the chip, eID implementations use layered access control. PACE establishes an encrypted channel using the CAN printed on the card or a user-entered PIN. Terminal Authentication verifies that the reader terminal is authorized (via a CVC certificate chain) to access specific data groups. Chip Authentication proves that the chip is genuine (not cloned) using an on-chip ECC key pair. These protocols, defined in BSI TR-03110, provide mutual authentication between the card and terminal before any personal data is released.

Global Deployments

Germany's nPA (neuer Personalausweis), Estonia's ID-kaart, and Belgium's eID are prominent implementations. Estonia's system is particularly notable: over 98% of citizens hold an eID card used for voting, tax filing, prescription retrieval, and business registration. The EU's eIDAS regulation enables cross-border recognition of eID schemes, allowing a German eID holder to authenticate with a French government service. Cards are personalized at certified bureaus with laser engraving for tamper-evident visual personalization and electrical personalization for chip data loading.