News

[12.01.2016]

SkIDentity uses certified Open eCard App

[Michelau, January 12th 2016] SkIDentity uses the new version of the Open eCard App, which has recently be certified by the German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik, BSI) according to its technical guideline BSI TR-03124 (eID-Client). The certificate, which has been awarded the very first time to an Open Source component and without any failures in the conformity report, is valid until December 8th 2020 and enables the trustworthy use of electronic identity (eID) cards and other smart cards in SkIDentity with Linux, Mac OS and Windows.


Platform-independent and lightweight eID-Client for SkIDentity

Thanks to the constructive cooperation of industrial and academic experts within the Open eCard project, a lightweight and platform-independent Open Source implementation of the “eCard-API-Framework” according to BSI TR-03112 was created, which supports various smart cards for electronic identity, health, signatures and banking from Germany, Austria, Estonia and Belgium for example. Based on this framework a user-friendly eID-Client according to BSI TR-03124 – also known as the “Open eCard App” – was created, which now has been certified by the BSI. Because of the modular architecture based on the international standard ISO/IEC 24727, the Open eCard App can easily be extended and smoothly integrated into modern web applications such as SkIDentity.

With continuous improvement and strict Quality Management to the BSI TR-03124 certificate without conformity failures

To ensure the conformity to the relevant technical specifications of the BSI and a high level of quality, the Bavarian State Ministry of Finance started the certification process according to BSI TR-03124 for the Open eCard App in 2014. Thanks to continuous improvement and a strict Quality Management system based on international standards such as ISO/IEC 9001 and ISO/IEC 90003 and utilizing the Open Source eID-Client-Testbed of the BSI, the current version 1.2 of the Open eCard App now has been formally certified by the BSI. Note, that it is the first time ever that an Open Source eID-Client received a certificate according to
BSI TR-03124. „We are particularly proud of the fact, that the test report shows that there are
no conformity failures, „Open eCard Project Maintainer“ Tobias Wich complements. „On the one hand this underlines the high quality of the Open eCard software and on the other hand it creates further trust and confidence for the German eID card and similar smart cards.“

„As shown by the example of ‚SkIDentity‘, the secure, extensible and user-friendly Open eCard App has already several times formed the basis of distinguished and awarded systems solutions“, replenished Dr. Detlef Hühnlein, CEO of ecsec GmbH and head of the SkIDentity project. „We are delighted, that a first result of our work now is not only awarded, but also certified.“

About the Open eCard project

The Open eCard Team (see http://openecard.org) consists of industrial and academic experts, who have joined forces to provide an Open Source and platform independent implementation of ISO/IEC 24727, such that arbitrary applications can easily access arbitrary smart cards for authentication and signature purposes. A first result of the project is the Open eCard App, which is the first Open Source eID-Client certificated according to BSI TR-03124.

About the SkIDentity

The SkIDentity project is performed by an interdisciplinary team, which is coordinated by ecsec GmbH and comprises experts from ENX Association, Fraunhofer institutes for industrial engineering (IAO) and computer graphics (IGD), OpenLimit SignCubes GmbH, Ruhr University of Bochum, University of Passau, Urospace GmbH and Versicherungswirtschaftlicher Datendienst GmbH. In addition the SkIDentity team is supported by major associations and federations such as the Federal Association for Information Technology, Telecommunications and New Media (Bundesverband Informationswirtschaft, Telekommunikation und neue Medien e.V., BITKOM), the German EuroCloud association (EuroCloud Deutschland_eco e.V.), the ProSTEP iViP association and TeleTrusT – IT Security Association Germany and well known enterprises such as DATEV eG, easy Login GmbH, media transfer AG, noris network AG, SAP AG and SiXFORM GmbH.

http://www.skidentity.de

About the “Trusted Cloud” Program

The German Federal Ministry for Economic affairs and Energy (BMWi) supports through “Trusted Cloud” the development and testing of innovative, secure and legally valid cloud computing services with about 50 million Euro. Because the various project partners roughly bring in own resources of the same amount, the program has in total about 100 million Euro as its disposal. The “Trusted Cloud” technology program of the BMWi is part of the cloud computing initiative, which has been started by the BMWi in October 2010 together with its industrial and academic partners.

http://www.trusted-cloud.de

(760 words)

 

Contact:

Dr. Detlef Hühnlein

SkIDentity c/o ecsec GmbH

Sudetenstraße 16

96247 Michelau, Germany

E-Mail: skidentity@ecsec.de

http://www.skidentity.de

Full Press Release