Main content

Concept Citizen Card and mobile phone signature

The citizen card concept , an essential component of ICT security in the area of eGovernment, offers functions for identification and authentication.

Citizen Card Token

The citizen card token is the element that ensures that the user has solitary control when accessing applications. The token can take the form of, for example, a chip on a plastic card such as the e-card. With the mobile phone signature, it can be the Hardware Security Module (HSM), which is kept by the provider of the mobile phone signature in a secured environment in combination with the secret code of the signatory and the SMS-TAN that was sent to the signatory. The token controls the computation of cryptographic functions and access to the data of the mobile phone signature or on the citizen card. The data stored on the citizen card includes the user’s first and last names, date of birth and the keys required for creating signatures. In a separately controlled area, the SourcePIN for deriving sector-specific personal identifiers is present:

  • Cryptographic operations: Various mathematical operations and algorithms are used for creating signatures. 
  • Key pairs for signatures and encryption: In addition to the key pair that is used for creating qualified electronic signatures as per the Electronic Signature Act, an additional key pair is usually stored on card-based citizen card (e.g. of the activated e-card) which can be used for other purposes. Although this key pair is not essential for eGovernment procedures, it can be used for data encryption or for logging in to operating systems.
  • Identity link: The person’s first and last names, date of birth and the SourcePIN are signed by the SourcePIN Register Authority and saved on the citizen card (chip or HSM module). The fact that the data is signed confirms the identity of the user.
Citizen card environment and token
Citizen card environment and token (Components: Secure viewer, PIN Input, Memory, Hash computation and Security Layer)

Since the citizen card environment is built upon open standards, it allows all mobile phones and signature cards that fulfil citizen card specifications and legal requirements to be used as a citizen card. The same thing applies for foreign “citizen cards”. This refers to any foreign electronic identities that are built on the basis of electronic signatures, for example, the Belgian electronic identity card. In order for these kinds of electronic identities to be accepted and used as valid citizen cards in Austrian eGovernment, the owner must apply for an identity link and then store it on the card. The identity link is built on the basis of the person’s entry in the supplementary register. If the person does not already have an entry, he or she must apply for one first. In addition, the signature solution must be recognised as being equivalent to the citizen card as set down in §6, Par. 5 of the E-GovG.

Security Layer

For the implementation of the citizen card concept, a security layer was specified. The security layer is the interface between an application, such as a Web application, and the mobile phone signature or signature card. It offers access to the token’s functions for the purposes of identification, signatures and memory elements. The security layer is embedded in the citizen card environment software as middleware and fulfils the following requirements:

  • Independent of hardware and technology: The type of token which carries out the signature function, whether on a smartcard, USB stick or mobile phone signature on the mobile phone should be irrelevant to the application from the logical view of the functionality.
  • Independent of cryptographic algorithms: Over time, scientific and technological advances lessen the secureness of cryptographic operations. Therefore, these algorithms must be able to be replaced without impacting the application.

Displaying Documents and the Formats Used

An essential component of any signature solution is the ability to display the message to be signed in a way that can be trusted by the user. It must ensure that the message to be signed does not contain any hidden content or any dynamic elements which could later change the content. This guarantees that the content to be signed (texts, forms, documents, etc.) can always be processed and displayed in the same way by the recipient who is verifying the signature. For this reason, a uniform standard for the display format was developed to ensure that different implementations of the citizen card software are able to do this. The specifications for the display format are based on international standards for displaying Websites, XHTML 1.1 and CSS 2.