Important legal notices
 
Contact   |   Who 's Who   |   Search on EUROPA   
Back to IDABC home page Back to IDABC home page
The Programme 
Projects 
Your Europe 
eProcurement 
Interoperability 
eSignature 
Resources 
IDABC Events  
Public consultations  
Search
 
 
  Registration   |   Call for Tenders   |   FAQ   |     Site Map  
 
 
See printer friendly version Print

eID in action: Estonia
In terms of coverage of the population, Europe’s most developed electronic ID card scheme is found in Estonia. By the end of May 2005 around 765,000 cards had been issued. In addition, 158,000 eID cards had been issued to foreigners. Estonia is one of Europe’s smaller countries with 1.37 million inhabitants and it is in this context that achieving widespread coverage has been possible. Estonia is also distinguished by good ICT infrastructure and the Internet is accessible from 99 percent of the territory.


The Estonian Parliament took the decision to introduce an eID card in 2000, and the first cards were issued in January 2002. 130,000 were issued in the first year. The Identity Documents Act regulates the scheme and cards are mandatory.

The cards are issued in standard form and there are no optional features that holders can choose to have or not have. However, if citizens wish to suspend the electronic functions of their cards, they have the right to suspend the validity of their certificates. This also removes the holder’s data from the public certificate directory – unique personal ID numbers are public information in Estonia.

The front of the card contains:

  • Holder’s signature and photo
  • Holder’s name
  • Personal code (national ID code)
  • Date of birth
  • Gender
  • Citizenship status
  • Card number
  • Card validity expiry date

The reverse of the card contains:

  • Holder’s place of birth
  • Card issuing date
  • Residence permit details (if applicable)
  • Card and holder data in machine readable format (except for the photo and signature)

This information is not duplicated on the card chip, which contains two certificates and their associated private keys protected by PIN codes. The certificates contain only the holder’s name and personal (national ID) code. The certificates are designed for authentication and for signing documents.

An interesting feature of the Estonian eID is that the authentication certificate also contains a unique email address allocated to the holder. This takes the format firstname.lastname_NNNN@eesti.ee, where NNNN represents four random numbers. This address is intended as a lifetime address. It is not associated with a real email service but is rather a relay address forwarding mails to the holder’s ‘real’ address. The holder can update his or her ‘real’ address details whenever necessary.

The email address is intended for government communications but can also be used privately or for dealings with companies. The addresses are publicly available through Estonia’s National Registry of Certification Service Providers’ certificate directory.
Estonian eID card
Estonian eID card


At the heart of the system is AS Sertifi tseerimiskeskus (SK – ‘certificate centre’), which maintains the electronic infrastructure necessary for issuing and using the card. Two major Estonian banks, Hansapank and Eesti Ühispank, in partnership with telecom companies Eesti Telefon and EMT, established SK, and it is at branches of the two banks that citizens can collect their cards. However, when requesting a card, the citizen applies to the Estonian Citizenship and Migration Board, which administers the scheme.

The Estonian electronic signature strategy does not limit the use of digital authentication. It can be used in any sector without restrictions. In can also be used for accessing healthcare and thus no separate health card is required in Estonia – only the ID card is needed when visiting a medical institution.

The basic software components used for authentication are publicly available to all developers. Any organisation can therefore build applications and business processes based on the eID card as the central identification device. This approach has resulted in widespread adoption of the functionalities of the ID card: for example in banking authorisation and online transactions, contracts, tax declarations, WIFI authentication, accessing personal data held in government databases, and even control of physical access points (opening doors).

Estonia is therefore coming ever closer to becoming an ‘online state’, where the key to transactions is identification of the person, with permissions granted via online request. The government foresees streamlining official documentation still further: the Estonian police board is developing a system that enables verification of the status of drivers in connection with the authentication functionalities of the card. The system needs to be fully tested and accommodated by Estonian legislation, but once this is done there will be no need for a separate driver’s license.

This all-encompassing approach has been made possible, says Agu Leinfeld, Head of the IT Department at the Estonian Citizenship and Migration Board, by an approach that concentrates on identifying and authenticating persons, and developing a system that enables these basic functionalities to be used in a wide variety of contexts. The usage of the eID card is therefore not limited by the constraints of service based functionalities.

Further information:
www.id.ee


Article published in Synergy 03 - July 2005