Online authentication with the German eID is based on a direct mutual authentication between the relying party and the user. One advantage of this setting is that it avoids the risk of a central security hotspot and/or tracking entity.
The term "eID infrastructure" denotes the infrastructure that enables the secure electronic identification of the holder of the German eID towards a service provider over the internet. It consists of the following components:
The environment of the user consists of a computer (e.g. desktop PC, notebook, tablet, cell phone, ...), eID Client software and a card reader. The local eID Client software manages the online authentication process on the client side and serves as the link between the German eID, the user and the service provider (certified eID Clients). One certified implementation – the AusweisApp2 – is provided by the German Federal Government.
Furthermore, the user uses a card reader for the physical communication with the eID card. Different types of readers ensure a flexible integration into different user environments. Examples are
A service provider wishing to integrate online authentication with the German eID into their IT systems has to deploy an eID Server. The eID Server communicates with the application of the service provider, the eID Client software of the user and the background system (How to Become a Service Provider).
Working group DIF eID
The DIF AG eID-Infrastructure (short: DIF eID) is a working group for discussing organisational matters with the goal of a coordinated development of the eID infrastructure.
The working group acts as a communication and information platform and initiates cross-organizational technical workshops where required. Under the moderation of the German Federal Office for Information Security (BSI), the members of the working group meet on a regular basis to discuss and evaluate cross-component changes among all participating parties.
The participants of the DIF eID are manufacturers and operators of components within the eID infrastructure, service providers, certificate suppliers as well as other involved authorities.
Questions or feedback concerning the eID-Infrastructure and the DIF working group