The identity card is becoming digital

The identity card is becoming digital.

Samsung is working together with the German Federal Office for Information Security (BSI), Bundesdruckerei and Deutsche Telekom Security on a hardware-based security architecture that will allow us to store our ID card – and later also our driving licence, health card and other sensitive documents – on our smartphone.

These documents will be stored safely in an embedded secure element.

The eSE (embedded secure element) is a tamper-proof chip that can be embedded in any mobile device. It ensures that data is stored in a secure location and information is only shared with authorized applications and people.

The aim is to provide citizens a simple way to keep sensitive documents safely with them at all times. The solution is the smartphone that almost everyone always carries with them.

Would you store your data such as personal ID, driving licence, health card, etc. on your smartphones? We are interested in your comments.

https://www.nfcw.com/2020/07/29/367360/germany-to-begin-rollout-of-open-national-digital-identity-service-later-this-year/

 

Best practice: Experiences with IAM in the German industry

This week we had a very interesting chat on IAM with an experienced architect working with one of the biggest German industries.

Some years ago they started to develop a cloud platform where customers can access heavy machines this company built for them.

This already took place about five years ago and as it was one of the first online/cloud projects it was criticized to be unsecure and meant to fail. All eyes were on this project and the pressure to succeed very high. Imagine a breach taking place when starting to use this platform: Big customers would experience hacks of machines worth millions – this costs lots of money and could even be very dangerous for the employees working with them.

Their advise to all other manufacturers is very easy: Take good care of security as fast as possible when it comes to cloud projects. Until today they never had any problems with cyberattacks on their platform as they are using a professional solution to secure internal and external access.

Just one more thought: They started to use IAM and MFA already five years ago – until today the amount of attacks grew to an alltime high with many millions of identity threats every day from all around the world – are you prepared for them?