Certificates and their security

The certificates tied to your digital means of identification (such as the ID-card, digital ID, mobile-ID, Smart-ID) represent you in the electronic world. Therefore, it’s very important that your certificates are always protected.

By default, the term of validity of the certificates is the same as the term of the means of identification to which they are tied. However, it may happen that you have to replace your certificates with newer ones for security considerations. DigiDoc4 Client will notify you of this. You can always read about major security updates on the id.ee website and in mass media.

Two certificates are tied to your ID-card: the personal identification certificate (which requires the use of PIN1) and the signing certificate (which requires the use of PIN2).

PINs made the use of the certificates secure. Even if your document ends up in the wrong hands (e.g. your ID-card was in a wallet that was stolen/lost), it will be impossible to use it in e-services, perform transactions or give signatures without the PINs. You need access to the PUK code in order to create new PINs.

Your electronic identity is protected for as long as a criminal doesn’t have your digital document and your PIN and/or PUK codes!

  • Certificates: suspending ID-card certificates

    Show Hide

    If your ID-card, mobile-ID, etc. is lost or stolen, you should immediately suspend the certificates related thereto in order to be protected from identity theft.

    You can suspend the certificates of ID-cards and other digital documents via telephone:

    • by calling +372 677 3377.

    NB! You will be asked to provide your name and personal identification code.

    In order to reactivate suspended certificates you need to go to a Police and Border Guard Board service point: certificates cannot be reactivated by phone.

    If you are certain that your ID-card is indeed stolen, you should notify the police and have your ID-card and related certificates declared invalid.

    Did you know that in the case of theft you should also suspend the certificates related to your mobile smart device?

  • Certificates: suspending mobile-ID certificates

    Show Hide

    If your mobile phone is lost or stolen, call your mobile operator helpline as soon as possible and suspend the mobile-ID certificates or close the mobile-ID service.

    It is not possible to access e-services, give digital signatures or perform any other activities in the electronic environment with suspended certificates.

    A respective letter will be sent to your @eesti.ee address, notifying you of the suspension of mobile-ID certificates.

    Continuing the use of mobile-ID after a status change of certificates

    If you had your mobile-ID certificates suspended at your own request (e.g. mobile phone was lost, but you found it again), it is possible to continue using the existing mobile-ID SIM card. To reactivate the certificates, you must visit your mobile operator’s service point with your identity document.

    If your phone remained missing and you ordered a new mobile-ID SIM card, you must cancel the old mobile-ID certificates before you can activate the new mobile-ID service.


Never disclose your PIN and PUK codes to anyone!

  • You can change the PINs yourself with DigiDoc4 Client: select PINs that are easy to remember (but are difficult for strangers to guess). This way, you don’t have to write your codes down.
  • If you have written your PIN and PUK codes down, do not keep them anywhere near your ID-card! For example, unsafe places to keep them are your wallet, phone notes, desk, computer screen, etc.
  • Do not share your PIN and PUK codes with others!