Secure Identification - eID Procedures at a Glance

Secure identification procedures are indispensable for successful business in the digital world – and continue to be in the analogue world as well. Whether opening an account, car sharing or applying for subsidies digitally, fast customer onboarding and secure “Know Your Customer” (KYC) processes can be realised for banks, health insurance companies, telecommunication companies and also for the public sector with the online ID function (eID) of the ID card.

Countless business and administrative processes require verification that a person is who they say they are. The German ID card, the electronic residence permit and the EU citizen card have an electronic identification option with the online ID function. Thanks to the high level of security, this can be used quickly in all legal contexts without additional certification.

Highly Secure Identification Procedures with Online ID Function

With the integration of eID-based procedures, service providers offer their customers an end-to-end digital, fast and thus convenient identification option – without compromising on security.

The online ID card offers two basic applications:

Identification of a natural person on the Internet at a high trust level
Electronic reading of ID card data at the point of sale (POS)

Integrating eID Securely into your own services

Companies and public authorities have various options for integrating the online ID function into their own services:

Using an identification service provider:

With this option, the service is provided by an identification service provider such as D-Trust. This provider handles the process of identifying customers as well as the necessary communication with the infrastructure of the online ID card. You yourself do not need an authorisation certificate to use the provider’s services.

Becoming a service provider yourself:

You can also connect your services directly to the infrastructure of the online ID card and use an eID service or operate an eID server yourself. To do this, you must become a service provider yourself and have an authorisation certificate issued to you.

Comparison of D-Trust Identification Solutions

D-Trust offers both integration options of the online ID card as “Software as a Service” (SaaS):

AusweisIDent is an identification service for companies and public authorities jointly developed by D-Trust and Governikus that enables simplified integration and organisational onboarding. AusweisIDent is available in two versions: online and on-site.

AusweisIDent Online provides electronic proof of identity for third parties. In other words, AusweisIDent handles the process of identifying and authenticaing customers on the Internet for the service provider – fully online, without media disruptions, scalable and inexpensive. As a service provider, you do not need an authorisation certificate yourself.

AusweisIDent On-Site enables the electronic reading of data from the ID card at the point of sale (POS) in your branch office. Existing identification processes are thus accelerated, and errors in the manual transfer of data are avoided.

D-Trust eID-Service also enables you to identify your end customers on the Internet, read out ID data in the office and provide identification on the Internet as a service for third parties. The difference from AusweisIDent is that you need to become a service provider yourself and have an authorisation certificate for your application. The advantage of having your own authorisation certificate is that the end user will see your organisation’s name during the identification process. If you use an identification service provider, the name of the service provider will be displayed in the certificate.

	AusweisIDent Online	AusweisIDent On-Site	D-Trust eID Service
Application Scenarios	Identifying your customers over the Internet	Readout of ID card data at the POS	Identification over the Internet or readout of ID card data at the POS or identification for third parties
Authorisation certificate necessary	No	No	Yes (per application scenario)
Pricing model	Transaction-based; four different models (S, M, L, XL) able to be selected depending on the volume of transactions and changed as required	Transaction-based; four different models (S, M, L, XL) able to be selected depending on the volume of transactions and changed as required	Package-based: Packages of 100,000 transactions plus price for the authorisation certificate
Integration	OpenID Connect web interface	OpenID Connect web interface	Either SAML or SOAP interface
Option of pseudonymous login (username and password replaced by eID)	Yes	No	Yes, for (online) service providers
eIDAS option (identification based on notified eID means of other EU States)	Yes	No	Yes, for (online) service providers
Identification service provider option (identification as a service for third parties)	No	No	Yes

eIDAS – Europe-Wide Electronic Identification

Using Ident procedures based on the online ID function, the digital identity of customers is confirmed at the highest level of trust. The online ID function, or the German eID system, has been notified in accordance with the eIDAS Regulation. The Regulation provides for the mutual recognition of Member States’ national electronic means of identification. For this purpose, the Member States can notify the EU Commission of their electronic means of identification. The notification of the online ID function allows it to be used for electronic proof of identity across borders.