Bavarian Innovation Award 2016 for SkIDentity as start of digitalization initiative “BayernID”

After numerous international awards last year and the successful completion of relevant certification procedures, ecsec GmbH was distinguished last night for “SkIDentity – Mobile eID as a Service” with the renowned Bavarian Innovation Award 2016. The award, which was handed over by the Bavarian Minister of Economic Affairs, Ilse Aigner, together with the President of the Bavarian Chamber of Industry and Commerce, Dr. Eberhard Sasse, and the President of the Bavarian Chamber of Crafts, Georg Schlagbauer, marks the start of the “BayernID” initiative – the digitization campaign of the Bavarian economy based on trustworthy identities.

Bavarian Innovation Award 2016 for “SkIDentity – Mobile eID as a Service”

Bavaria’s Minister of Economic Affairs, Ilse Aigner, together with the President of the Bavarian Chamber of Commerce and Industry, Dr. Eberhard Sasse, and the President of the Bavarian Chamber of Crafts Georg Schlagbauer, yesterday awarded the Bavarian Innovation Award 2016, in a solemn setting in the dignified hall of the German Museum in Munich. Among a total of 187 nominated companies, ecsec GmbH has been awarded for its “SkIDentity – Mobile eID as a Service” offering. “I congratulate the company ecsec GmbH on the award of the Bavarian Innovation Award 2016. By transforming electronic identity documents eID into secure and mobile ‘Cloud Identities’, which can easily be used in any cloud and web application for privacy friendly authentication, ecsec has made an important contribution to a secure and user-friendly networked world. It is also an essential prerequisite for a successful digitalization of the economy and society”, commented Ilse Aigner, Bavaria’s Minister of Economic Affairs.

Secure electronic identities for successful digitalization of the economy

The “Cyber Security Strategy for Germany 2016“, recently presented by the Federal Minister of the Interior, foresees the provision and use of secure electronic identities as an important basis for the sustained successful digitalization of the economy: “The electronic identification documents with online identification function are a key element with which the Federal German Government already provides a highly secure and privacy friendly identification option for the internet. The goal is to establish the online identity function, and the secure identities derived from it, as a standard identification tool for sensitive services, and to promote comparable secure solutions in the economy as well.”

The distinguished SkIDentity Service supports, among other identification means the German electronic identity card (Personalausweis), the Austrian social security card (e-card), the Estonian identity card and e-Residency ID, as well as various signature and banking cards for the secure implementation of electronic business processes. The certificate for the SkIDentity Service according to the “Trusted Cloud Data Protection Profile for Cloud Services” (TCDP) with the highest protection class III issued by the certification body of TÜV Informationstechnik GmbH (TÜViT) and the certification of the “Secure Cloud Infrastructure (SkIDentity)” according to ISO 27001 based on IT-Baseline Protection by the Federal Office for Information Security (BSI-IGZ-250), proof that even the highest standards with respect to privacy and data security are fulfilled within the SkIDentity Service.

„BayernID“ – the integrated digitalization initiative for the Bavarian economy

Theelectronic ID card has been successfully used in Bavaria for the digitization of administrative processes for quite some time now. Since 1st of July 2016, the eIDAS-regulation on electronic identification and trust services for electronic transactions in the European Single Market has been fully applicable. In addition, the Free State of Bavaria promotes the secure digitalization of business processes in small and medium-sized Bavarian companies with the “Digitalbonus.Bayern” program.

Against this background, leading Bavarian technology providers, consulting companies and digitalization experts from selected chambers of industry and commerce have joined forces in order to create the “BayernID” package (http://BayernID.de), which is an integrated service package for the intelligent digitalization of business processes in Bavarian companies. This package includes expert and non-committal advice on general digitalization measures and aspects of IT security, demonstrates the opportunities inherent in the eIDAS regulation and provides trusted identities, as well as other cloud and trust services, at preferential terms. In addition to ecsec GmbH, which has been awarded with the “Bavarian Innovation Award 2016”, the “BayernID” initiative is supported by the internationally leading technology group Giesecke & Devrient GmbH, the Fraunhofer Institute for Industrial Engineering (IAO), SiXFORM GmbH, Urospace GmbH, the buergerservice.org association, which is especially active in Bavaria to promote the use of the German eID card, the IT-Cluster association for Upper Franconia, the Institute of Information Systems at Hof University, the Munich-based provider of the iDGARD-Service Uniscon GmbH as well as the chambers for industry and commerce for Würzburg-Schweinfurt and Bayreuth. Furthermore the initiative is open for further partners who want to contribute to the digitalization of the Bavarian economy.

The “Video Ident Service” from Giesecke & Devrient, which can be used to open a bank account, activate a prepaid SIM card, or identify an insured person in the health care system without a card reader, is a component of “BayernID”. In the same way, the check of the driving license, which is necessary for car-sharing systems, can now be carried out online. “We are pleased to be able to contribute to the successful digitalization of the Bavarian economy with our user-friendly security technologies within the ‘BayernID’ initiative,” commented Frank Nordmann, responsible for Public Sector at Giesecke & Devrient. “The verification of the identity and the associated document is optionally carried out in the browser or even mobile in a smartphone app, whereby an electronic check of the various security features integrated into the identification document and a matching of the user information always takes place.”

The Munich-based non-profit association buergerservice.org e.V. supports the “BayernID” initiative with the SID-Box (Secure Identity-Box) developed by the association. With the aid of the SID-Box, a citizen terminal (digital service point) can be produced with the least effort, for the direct use of the online ID function of the German eID. Companies, institutions and authorities are thus in a position to provide access to the German eID card to all persons in their environment (employees, customers, members, etc.) in a very simple way. The first digital service points are currently being set up in co-operation between municipalities, chambers of industry and commerce and the buergerservice.org association in the city of Ansbach and in the district of Würzburg.

SkIDentity certified by BSI according to ISO 27001 and by TÜViT according to Trusted Cloud Privacy Profile

ecsec GmbH today has received the certificate according to the “Trusted Cloud Privacy Profile for Cloud Services” (TCDP), issued by the certification body of TÜV Informationstechnik GmbH (TÜViT), for the highest protection class III. Furthermore the Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik, BSI) has certified the “Secure Cloud Infrastructure (SkIDentity)” in accordance with ISO 27001 based on IT Baseline Protection (BSI-IGZ-250).

Privacy and data security as foundation for successful digital transformation

At today’s closing ceremony of the pilot project “Data Protection Certification for Cloud Services” not only the remarkable project results including the catalogue of evaluation criteria based on ISO/IEC 27002 and ISO/IEC 27018 were presented, but also the certificate for SkIDentity according to the “Trusted Cloud Privacy Profile for Cloud Services” issued by the certification body of TÜV Informationstechnik GmbH (TÜViT) has awarded to ecsec GmbH. As it has been demonstrated within the evaluation and certification procedure, the SkIDentity Service fulfils the demanding requirements for the highest protection class III and hence it may be used for processing particularly sensitive data in a legally compliant manner.

SkIDentity technology is now not only distinguished, but also certified

The multiple award-winning¹ SkIDentity Service (https://skidentity.com) was developed in the scope of the “Trusted Cloud” initiative supported by the German government. Using SkIDentity, electronic identity documents (eID), such as the German electronic identity card “Personalausweis”, can be easily used in cloud and web applications. SkIDentity in particular allows to derive cryptographically protected “Cloud Identities” from any eID document, which can be transmitted to any smartphone and used there for the strong pseudonymous authentication or a self-determined identity proofing in the cloud. Thanks to SkIDentity, no passwords need to be stored in web applications and therefore there is no risk that they could be stolen or misused.

As shown in the certificate (BSI-IGZ-250) issued by the Federal Office for Information Security, the scope of the security assessment and certification according to ISO 27001 based on IT Baseline Protection did not only comprise the identity management service of SkIDentity, but the full blown “Secure Cloud Infrastructure (SkIDentity)”, which can be used for highly reliable operation of other cloud and web applications. “The processing of sensitive data in cloud services requires high security standards. A transparent proof of the correct implementation of an appropriate security concept can only be provided within an independent certification procedure,” adds Bernd Kowalski, Head of Department in the Federal Office for Information Security. “Within the certification of SkIDentity it was shown that even the demanding requirements associated with the use of the German electronic identity card in cloud services, can be proved to be satisfied via an ISO 27001 certification based on IT Baseline Protection.”

¹ See https://www.skidentity.com/en/awards/ .

SkIDentity uses certified Open eCard App

[Michelau, January 12th 2016] SkIDentity uses the new version of the Open eCard App, which has recently be certified by the German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik, BSI) according to its technical guideline BSI TR-03124 (eID-Client). The certificate, which has been awarded the very first time to an Open Source component and without any failures in the conformity report, is valid until December 8th 2020 and enables the trustworthy use of electronic identity (eID) cards and other smart cards in SkIDentity with Linux, Mac OS and Windows.

Platform-independent and lightweight eID-Client for SkIDentity

Thanks to the constructive cooperation of industrial and academic experts within the Open eCard project, a lightweight and platform-independent Open Source implementation of the “eCard-API-Framework” according to BSI TR-03112 was created, which supports various smart cards for electronic identity, health, signatures and banking from Germany, Austria, Estonia and Belgium for example. Based on this framework a user-friendly eID-Client according to BSI TR-03124 – also known as the “Open eCard App” – was created, which now has been certified by the BSI. Because of the modular architecture based on the international standard ISO/IEC 24727, the Open eCard App can easily be extended and smoothly integrated into modern web applications such as SkIDentity.

With continuous improvement and strict Quality Management to the BSI TR-03124 certificate without conformity failures

To ensure the conformity to the relevant technical specifications of the BSI and a high level of quality, the Bavarian State Ministry of Finance started the certification process according to BSI TR-03124 for the Open eCard App in 2014. Thanks to continuous improvement and a strict Quality Management system based on international standards such as ISO/IEC 9001 and ISO/IEC 90003 and utilizing the Open Source eID-Client-Testbed of the BSI, the current version 1.2 of the Open eCard App now has been formally certified by the BSI. Note, that it is the first time ever that an Open Source eID-Client received a certificate according to
BSI TR-03124. „We are particularly proud of the fact, that the test report shows that there are no conformity failures, „Open eCard Project Maintainer“ Tobias Wich complements. „On the one hand this underlines the high quality of the Open eCard software and on the other hand it creates further trust and confidence for the German eID card and similar smart cards.“

„As shown by the example of ‚SkIDentity‘, the secure, extensible and user-friendly Open eCard App has already several times formed the basis of distinguished and awarded systems solutions“, replenished Dr. Detlef Hühnlein, CEO of ecsec GmbH and head of the SkIDentity project. „We are delighted, that a first result of our work now is not only awarded, but also certified.“