eID Easy – a solution for eID developers

eID Easy is a solution provider in the field of Qualified Electronic Signatures (QES) and electronic identity in Estonia and in other countries. This includes everything related to eIDAS with national eID cards, mobile cryptographic solutions (Mobile-ID, Smart-ID) and e-Seal practical usage.

Developers find that with eID Easy it’s extremely simple to add eID support to websites allowing them to provide much better value to their customers. OAuth 2.0 protocol can be used for user identification similarly to Facebook and Google logins. There are plugins and modules, so allowing users to login with an ID card takes only minutes or a few hours. More powerful use case is integrating user login over the API directly into the website to get exactly the user experience needed. All this without complex certificate and server setups nor constant certificate maintenance and upgrades.

While user identification is relatively easy then creating digital signatures is much more complex requiring quite deep cryptographic knowledge. eIDAS specifies a lot of different variations of accepted electronic signature formats. Software needs to prepare signature containers, combine data that needs to be signed in right way, create digests, have digests signed, verify all related certificates and cryptographic signatures considering if it is RSA or Elliptic Curve based signature, is the signature in raw format or ASN.1 encoding and so on. Programmers need to understand a lot of keywords: PKCS, XAdES, CAdES, PAdES, ASIC-E, ASIC-S, HSM, OCSP, Baseline-LT and more. Also framework support is quite limited in all web programming languages besides Java.

Digital signing with eID Easy SaaS service is as easy as preparing Word documents with blanks to create digitally signable HTML forms. Forms can be shared online and users can fill the form to sign it directly in the browser using their ID card, Mobile-ID or other secure method. For more flexibility the developer can send pre-prepared PDF which will be displayed to the user before signing. For even more demanding use cases it is possible to use only REST API-s and build exactly the UX that is required. If the documents are really sensitive then it is possible to sign them without eID Easy ever seeing the documents themselves and using only hash-es of the actual files. In the private sector digital signing in websites is very often used for accepting different applications and signing service agreements. For example sports club membership applications, kindergarten applications, rental agreements, loan applications or loan extensions, water/utility contracts and so on. If the signed documents volume is high then it makes sense to add a company side signature using e-Seal, otherwise local representatives can sign on the behalf of the company using their personal eID tokens.

Companies can use SaaS services, get custom solutions to host on premises or guidance to get their own engineers up to speed and using best practices.

More info and help regarding eIDAS level qualified electronic signatures and user eID identification from https://eideasy.com.

PS: If you also have a eID-related solution and you think it would be good to share the information with potential developers, please contact us via help@ria.ee.