Results of the Remote Signature Survey 2023

Almost five years after the first version of ETSI TS 119 432 (“Protocols for remote digital signature creation”) was published, experts from ETSI ESI, OASIS DSS-X, the Cloud Signature Consortium (CSC) and go.eIDAS joined forces to set up a short survey, which aimed at identifying existing implementations of ETSI TS 119 432 and providing an overview of existing Remote Signature services.

Note that these services may play a crucial role in the practical implementation of the forthcoming Art. 6a (4) (ec) eIDAS2, which stipulates that the European Digital Identity Wallet (EUDIW) shall offer the ability to create qualified electronic signatures free of charge for non-professional purposes.

Remote Signature Survey 2023

This survey was carried out in the last quarter of 2023 and was answered by the 30 organisations listed below, almost all of which provide Remote Signature services.

The main results of the survey may be summarised as follows:

  • 17 % (5) of the Remote Signature Services are compliant with ETSI TS 119 432 v1.2.1, of which 13 % (4) have chosen to implement the variant based on the CSC-API and 3 % (1) is based on the OASIS-API.
  • 60 % (18) of the Remote Signature Services provide an API which is similar to the ETSI-API, of which 47 % (14) are based on the CSC-API, 7 % (2) are based on the OASIS-API and 7 % (2) are based on some other API. Note that several respondents which support the CSC variant have indicated that they support version 0.4.0 or even 2.0.0.2 of this specification, while ETSI TS 119 432 v1.2.1 refers to version 1.0.3.0 of the CSC-API specification, and hence ETSI TS 119 432 may need to be updated accordingly.
  • 3 % (1) of the Remote Signature Service providers plan to support the ETSI-API in the near future and
  • 20 % (6) do not plan to support a standardised API at all.

Remote Signature Survey Result

While almost all participants in the survey prefer to keep pricing information confidential, there were some figures provided: One respondent indicated a price of 120 € per year for qualified electronic signatures and 400 € for advanced electronic seals. Another respondent mentioned a monthly fee of 200 € for accessing the remote signature interface. Yet another respondent mentioned a range from 0 to 0,50 € per advanced electronic signature and 0 to 2,50 € per qualified electronic signature. Sample costs for identification have been provided for 2,50 € with eID, 7,50 € with VideoIdent and 3,50 € with AutoIdent. Only one respondent shared a price list for remote signature services, which is based on transaction fees and a minimum number of transactions, but this pricing is only valid in selected EU Member States.

We thank the following organisations for participating in the survey:

The triple is completed: The German ID card can now be used in Nextcloud, WordPress and TYPO3 for strong authentication free of charge!

The strong authentication by means of the German ID card for all TYPO3 applications completes the triple of eID logins for Nextcloud, WordPress and TYPO3 realised by ecsec GmbH on behalf of the Federal Office for Information Security (BSI). In the last few weeks, three eID Login Services for web applications that are particularly popular have been developed and published under an Open Source license. In connection with the SkIDentity service, the German eID card can now be used free of charge in all these web applications for strong authentication.


Strong Authentication with German eID Card reaches public

The German eID Card (“Personalausweis”) with online ID function, which has been notified at the highest possible level of assurance (“high”) in accordance with the eIDAS Regulation, can be used by all citizens for electronic identification (eID) and for strong pseudonymous authentication on the Internet. Until now, it has been used in a range of special applications, mostly in the government sector. With the eID Login Services developed by ecsec GmbH on behalf of the BSI, it is now possible to use the German eID Card with online ID function in the popular web applications Nextcloud, WordPress and TYPO3 for strong authentication.

The early and consistent consideration of relevant security aspects according to the “Security by Design” principle and the publication of the “eID-Login” extensions as Open Source ensure that a very high level of trustworthiness is achieved.

“eID-Login” App for Nextcloud

Nextcloud offers the industry-leading Open Source Cloud Solution for on-premises data processing and communication. The platform combines universal data access via mobile and desktop web interfaces with innovative, secure communication and collaboration functions such as document processing in real time, chat and video calls – and all of this under the direct control of IT and can be integrated into existing infrastructures. With its easy and fast deployment, modular architecture and focus on security and efficient collaboration, Nextcloud enables modern companies to optimize their existing file storage facilities inside and outside the boundaries of their company. Based on the “eID-Login” App for Nextcloud developed by ecsec GmbH on behalf of the BSI, it is now possible to use the German ID card with online ID function in this popular cloud solution for strong authentication. “It is great to see Nextcloud as the first mainstream platform with support for the German eID Card for strong authentication and identification,” adds Frank Karlitschek, founder and managing director of Nextcloud GmbH. “We look forward to many users of this innovative authentication technology.”

“eID-Login” Plugin for WordPress

WordPress was originally software for weblogs and has now developed into a full-fledged Content Management System (CMS) based on PHP and MySQL for creating and maintaining websites. A large percentage of all German websites are implemented on the basis of the freely available and market-leading WordPress CMS. Against this background, ecsec GmbH developed, on behalf of the BSI, an “eID-Login” Plugin for WordPress, with which the German eID card with online ID function can now be used for strong authentication. “This means that the electronic identity can be activated and used immediately in around 40% of all German websites,” explains Dr. Detlef Hühnlein, Managing Director of ecsec GmbH.

“eID-Login” Extension for TYPO3

TYPO3 is a free and flexible Open Source Content Management System that is very well suited for professional website creation. About half of the German DAX companies and about a quarter of all German cities have set up their websites with TYPO3. In order to use the German ID card for strong authentication of frontend users in TYPO3, ecsec GmbH has developed an “eID-Login” extension for TYPO3 on behalf of the BSI. “It is great that the German eID card with online ID function can now also be used in TYPO3 for strong authentication”, adds Tina Hühnlein, Managing Director of ecsec GmbH.

Cooperation between BSI and ecsec GmbH enables free https://eID.Services

So that the German eID Card can be used immediately and free of charge for strong authentication in Nextcloud, WordPress and TYPO3, the SkIDentity service, which has won multiple international awards, is also provided free of charge for strong authentication as part of the joint project. In addition to the free authentication service, the eID experts at ecsec GmbH also offer additional support services for hosting providers and application developers (see https://eID.Services) so that the “eID-Login” functionality can easily be integrated and used in other Open Source applications as well.

 

Deploy with GAIA-X – Towards Digital Sovereignty at a push of a button

Digital sovereignty describes the ability to shape the digital transformation in a self-determined manner with regard to hardware, software, services, and skills. Common standards, modular architectures and the use of Open Source in the public sector are considered to be central pillars for digital sovereignty and interoperability and GAIA-X is expected to provide a major contribution for the practical implementation of digital sovereignty in Europe.

Against this background, leading European cloud experts from Cloud & Heat, Charité / deNBI, D3TN, ecsec, IONOS, publicplan, Red Hat / IBM, Scheer and Trusted Cloud have joined forces to demonstrate the feasibility of deploying composite Open Source applications, such as Nextcloud with the recently presented eID-Login App, via the orchestrator engine Krake to suitable cloud environments as determined by matching user requirements with provider Self-Description files. The application of eIDAS-compliant identity management services provided by SkIDentity ensures the required high level of trust, legal compliance and easy application across Europe.

The presented “Deploy with GAIA-X” prototype will be the starting point for the implementation of the German public code repository “Ort für öffentlichen Code”, which is envisioned to foster digital sovereignty at all levels of the German public sector – from the local government level via the federal states to the federal level.