Open Web Portal SupportContact
Signhost logoSignhost logo
Log in

What is Electronic Identification?

Electronic identification (eID) is a digital solution for determining, authenticating, and verifying the identities of individuals, organizations, and devices. It involves several technologies and methods to secure online transactions and services.

Elements of electronic identification

  • Identifiers: These include personal attributes (e.g., name and ID number), biometric data (e.g., fingerprints and facial recognition), and digital certificates to establish the entity’s identity.
  • Authentication mechanisms: Authentication ensures that an individual is who they claim to be. Mechanisms include two- and multi-factor authentication (2FA and MFA), biometric authentication, digital and physical tokens, and liveness detection.
  • Trust service providers: Certificate Authorities (CAs) and Qualified Trust Service Providers (QTSPs) are responsible for ensuring the identity’s legitimacy. CAs primarily focus on providing digital certificates, while QTSPs offer a broader range of services, including digital signatures, timestamps, and electronic seals.

eID process

Registration

The first phase is to establish who the entity is. During registration, users provide their identification documents and biometric data to create their identity. The collected information is processed and stored, forming the foundation for the user’s digital profile.

Authentication

The next step is to confirm that the entity is who they claim to be before allowing access to a system or service. This involves checking the user’s data against stored data to ensure they are a match. Authentication requires any of the following user information: 

  • What they know: PIN or password.
  • What they own: Physical or digital tokens, such as OTP-generating apps and security keys.
  • What they are: Fingerprint or facial recognition.

Verification

Identity verification confirms the legitimate existence of the identity. It involves checking the details provided against official records and trusted sources, such as verifying the integrity of a website by confirming that its digital certificate was issued by a trusted CA.

Difference from a digital identity card

  • An eID is an electronic method for users to prove who they are before they can access a service. It does not necessarily imply the use of a physical item, such as a token. Digital ID cards are physical cards embedded with smart chips to verify an individual’s identity and country of citizenship. They can be used as a physical container to share an eID.
  • An eID is versatile and adapts to the different roles a person may fulfill in various contexts, allowing access to a broad range of services. Digital ID cards, in contrast, contain information needed in a particular sector and serve specific purposes, such as travel or accessing government services.
  • It is necessary to manage corresponding data independently in an eID depending on the specific sector and role, while a digital ID card consolidates data for a specific function and does not need to separate information.
  • An eID needs sufficient legal provisions and personal control to ensure data protection, while the authorities retain control over digital ID card usage.

Applications of electronic identification

  • Online banking: To ensure secure access to banking accounts and protect against fraudulent transactions.
  • E-commerce: Authenticating customers to authorize online purchases, preventing fraudulent transactions and account theft.
  • Healthcare: Ensuring secure management of patient records and verification for accessing medical services and prescriptions.
  • E-government services: Providing easy access to government services and benefits and simplifying electronic document submission.
  • Corporate systems: Offering secure access to internal systems and data, and authenticating users for remote work and business transactions.

Electronic identification legislation

The eIDAS Regulation establishes a framework for electronic identification and trust services in the EU. Its updated version, eIDAS 2.0, mandates strict provisions to ensure the security of eIDs and introduces digital identity wallet apps to allow individuals to share, store, and manage their eIDs with ease.

GDPR is another EU regulation that focuses on the protection of personal data within eID systems. It ensures that eID systems collect data for legitimate purposes, process it transparently and fairly, limit it to what is necessary, and keep it accurate and secure.

*Disclaimer: This content does not constitute legal advice. The suitability, enforceability or admissibility of electronic documents will likely depend on many factors such as the country or state where you operate, the country or state where the electronic document will be distributed as well as the type of electronic document involved. Appropriate legal counsel should be consulted to analyze any potential legal implications and questions related to the use of electronic documents.