ID-card

All electronic services used with the ID-card are also accessible to the users of the digital ID, residence permit card, diplomatic card, and e-resident digital ID, and any instructions applicable to the ID-card also apply to them.

Last updated articles

Services

Development of encryption solutions

In the world of ID card, encryption means that one or more files requiring encryption are merged into one file with .cdoc extension, which can only be opened by the specified recipients with an ID’cards authentication certificate.

Using ID-cards for logging in to Windows (Windows 7, 8.1, 10, Windows Server 2012 / 2016 / 2019)

Instructions for configuring Windows domain for authentication of users with ID-cards, digi-IDs and other digital eID documents

What is the difference between digitally signed documents with .bdoc and .asice extensions?

In Estonia, the BDOC format and its two subformats are used for digital signatures, which can be recognised by .bdoc and .asice file extensions.

Recommended data file formats for digital signing

Nowadays, nearly all file formats are suitable for digital signing. There are no restrictions on digitally signed documents exchanged between information systems, but if a signed document is sent to an end-user, the most common and standard file formats should be preferred.

BDOC, CDOC and ASICE DigiDoc file formats

An overview of DigiDoc container formats supported by different versions and components of the ID-software can be found on the DigiDoc container format life cycle page. There is also a sample file for each format.

Cryptographic algorithms life cycle reports

Cryptographic algorithms life cycle reports ordered by the Information System Authority

Verifying signatures given with test certificates in the DigiDoc4 client

In order to verify signatures given with test certificates in the DigiDoc4 client, you need to configure the test certificates manually. Otherwise the signature validation check will return the status “Unknown”.

Implementation of TLS 1.3 standard in web servers

Implementation of the TLS 1.3 standard (published in August 2018) in a web server may require changes in the authentication solution.

DigiDoc libraries: overview

DigiDoc libraries can be used to create DigiDoc-compatible applications. An overview of DigiDoc libraries and file formats supported therein.

Digital stamping

Digital stamping means digital signing with an e-Stamp designed for legal persons. The service is offered by SK ID Solutions AS. There are two methods of digital stamping: stamping individual documents with DigiDoc4 and mass stamping with the DigiDoc4j utility program.

Electronic signatures and addressing them in Europe

eIDAS (electronic IDentification, Authentication and trust Services) is the regulation on e-identification and e-transactions effective in the European Union, which is aimed at simplification of the use of cross-border e-services through harmonised standards and operating principles.

Reading personal data files from ID-cards

Information necessary for reading personal data from ID-cards issued since 2018

Informing user of unsuccessful signing

Upon electronic use of an ID-card, setup related errors may occur with the browser. To avoid problems, we recommend doing an automated check-up of the signing plugin in the e-service and display to the user as precisely a formulated error message as possible.

Identification with mobile-IDs and ID-cards

Advantages of electronic identification over regular authentication solutions that use usernames and passwords.

Identification with ID-cards on websites: server configurations, problem solutions, etc.

Authentication success depends on the client platform used. Instructions for configuring web servers (Apache, IIS, NGINX, Ubuntu).

Signing with ID-cards and digi-IDs on websites

Several signing plugins have been developed for different operating systems and browsers: components and sample applications.

Digital signing in web applications

In order to make it easier to add signing support to web applications, we recommend using a JavaScript library with a unified API that allows different plugins to be used in a similar way (independently of the operating system and the browser).

Testing

Verifying signatures given with test certificates in the DigiDoc4 client

In order to verify signatures given with test certificates in the DigiDoc4 client, you need to configure the test certificates manually. Otherwise the signature validation check will return the status “Unknown”.

Service testing: general information

For testing services, it is recommended to order a test ID-card, which are issued by SK ID Solutions AS. Depending on the profile of the organisation’s users, ordering different generation cards should be considered.

Service testing

You should purchase a test ID-card for testing created services and applications. There are test numbers available for the developers of mobile-ID applications. Information and links to test environments.

Overview

eID symbols

Logos and other symbols of electronic identity (eID) can be used free of charge by all providers of e-services. Logos, pictograms, etc. can be found from the eID symbols page on the RIA website.

Digital signature profitability calculator

The digital signature profitability calculator provides an overview of costs related to the digital signing of documents. It was developed by SK ID Solutions in cooperation with MoZg Agentuur.

Digital signatures, i.e. digital signing

Integrating digital signing in your e-service: technical requirements, timestamping service, etc.

Trusted lists

Using certificate Trust Service Status Lists (TSLs) in software libraries

Trust Service Status Lists (TSLs) are used in Libdigidocpp (v3.9 and later) and DigiDoc4j libraries. More information on TSLs can be found in the documentation.

Implementation of TLS 1.3 standard in web servers

Implementation of the TLS 1.3 standard (published in August 2018) in a web server may require changes in the authentication solution.

Installation

Certificates required for verifying digital signatures

In order to verify files that are digitally signed with an ID-card or a mobile-ID and/or digitally stamped, all of the root certificates, certifiers and OCSP-responder certificates used to date must be configured in the information system.

ID-card documentation

Documentation of different generations of ID-cards: applicable standards and technical documents to review before developing ID-card services.

New ID card

New ID-card and its changes

At the end of 2018, the manufacturer of ID-cards changed. Instead of the former manufacturer Gemalto, the Police and Border Guard Board started cooperating with IDEMIA. In relation to this, a number of changes were made to both the card supplied and the related software and services and updated standards were adopted in the course of changing the manufacturer.