Companies implement eIDAS prototype in Germany

The French Agence nationale de la sécurité of systems dinformation (ANSSI) and the German Federal Office for Information Security (BSI) have jointly developed the smart card specification. Given these developments, the BSI commissioned the POSeIDAS project to three companies: HJP Consulting, cv cryptovision and Governikus.

The project aims to provide a prototype eIDAS server and a simulation environment for simulating the functions of an eIDAS token and the implementation of eIDAS functions on a chip card.

HJP provided the simulation environment for simulating the eIDAS functions based on BSI TR-03110. This open source smart card simulator, PersoSim, was developed by HJP and certified by the BSI. PersoSim emulates the functions of an electronic identity card and is already used by eID client developers and the BSI among others. PersoSim now includes features such as Chip Authentication in version 3, pseudonyms signatures and attribute extensions (ERA).

The Governikus KG delivered an open source version of an eID server and a corresponding eID client that are used for the verification of the interoperability of the electronic identities (Proof of Concept) within the eIDAS regulation. Starting with the eID server and the eID client that already supported the infrastructure of the online ID function of the German ID card, the extensions for the eIDAS token were implemented to support all requirements given by the Technical Guideline BSI TR-03110 version 2.20.

cryptovision delivered the first implementation of the new eIDAS functions on a chip card. The implementation is based on the product ‘ePasslet Suite’, a modular Java Card-based application suite for multi-functional national ID documents. ePasslet Suite provides a set of Java Card applets for passports, eID cards, electronic driving licenses, signature cards and other applications, and is also the foundation for the implementation of the eIDAS functionality.

The ‘Regulation on electronic identities and trust services (eIDAS)’ published by the European Union in July 2014 forms the legal basis for the secure handling of electronic transactions between businesses, citizens and public authorities or institutions within the EU.