Attempts to carry identity documents on mobile have been numerous almost since the beginning of smartphones, although it is now when the idea begins to mature and materialize. Without going any further, in Germany it will be possible carry the identity document on the Samsung Galaxy S20 before the end of the year.
Cooperation between Samsung, the German Federal Office for Information Security, the Bundesdruckerei and Deutsche Telekom Security has resulted in a digital identification system that complies with strict German and European Union security requirements. It will be released later in the Samsung Galaxy S20 series.
Registration in three steps
The Samsung Galaxy S20 are the first devices to meet security requirements set by the German security authorities for the storage of digital identity credentials, offering a “substantial” level of security according to European eiDAS regulations. This regulation seeks to ensure that EU citizens can use their digital identity documents in different member countries.
The main asset of the Samsung Galaxy S20 to guarantee this security is the integrated storage eSE, which keep confidential information separately such as identity cards or credit cards in isolation as a safe. In the future, Samsung ensures that more terminals in the house will be launched with this security system.
The registration process of this digital identity document will be very simple in its application in Germany. Terminals with NFC will be able to start the registration by touching with the DNI on the back and entering a PIN code. It is possible to do it without NFC, with a photo to the identity document.
Then comes the turn of the issuing entity of the document, which you must verify the validity of the document. The transmission of the document is made encrypted, so that only said entity and the device, the Samsung Galaxy S20, can access the content. After approval, the identity document is stored in the secure storage of the mobile and can be obtained through the official application
Additional security measures
The secure storage of the Samsung Galaxy S20, eSE, is designed with a series of additional security measures to prevent an attacker from accessing identity documents, even if they have physical access to the terminal.
Some of these protections are at least curious, such as the use of sensors to detect if someone is trying to manipulate the eSE chip, the generation of non-cloneable keys or the fact that it hides the use of battery and radiation to prevent hackers from using this information to access data.
For the time being, this security with CC EAL 6+ certification will be used to store German identity documents although, by complying with the requirements of eIDAS, Samsung hopes other member countries will join the initiative to implement the digital identity document that can always be carried by hand, on mobile.
More information | Samsung