Daily use of ID-card in Estonia
Yesterday I showed how the e-voting procedure takes place with the help of an id-card. Today I want to talk about how it can still be used in everyday life. By the way, Estonia is one of 19 EU countries where id-cards are used. Now they are slowly changing to a new version with biometric data.
Some technical data from the previous topic :
The main purpose of the id card is that it serves as an official identity document. It has the same power as a passport and driver's license. Recognized by all EU countries, i.e. with it you can move freely around Europe.
Most often, I use it for authorization in the Internet bank. Swedbank currently has as many as 4 ways to authorize on the site:
1. The oldest and not very convenient way is to use a password card. To enter, enter your username, permanent password and one of several dozen passwords indicated on the plastic card. Obvious disadvantages: you should always have an extra card with you and remember your login / password. To confirm a transaction (transferring money to another account) you need to enter the first 3 digits of one of the passwords.
')
2. Pin calculator. This is, in fact, the usual RSA SecurID token, on which a new digital key is displayed once a minute. The password will be a combination of a constant pin and key with SecurID. The method is also not very convenient. Yes, and the token is worth the money, albeit small.
3. ID card. Insert the card into the card reader, enter your username and authorization pin1. To confirm the transaction, you must enter pin2 from the id-card, which is analogous to the usual signature on paper.
4. The last way is my favorite: Mobile-ID. Mobile-ID is a separate service that is tied to the id-card and provided by the mobile operator (you need a special SIM card that replaces the regular one). So far, only one operator provides this service, but by the end of this year 2 others promised to catch up. It is worth the service of 20 rubles per month.
The point is that in order to enter, we need to specify a user sign and a phone number (on other sites, for example, to buy an electronic ticket, we only need a phone number).
We see a four-digit code on the screen, flash-sms with the same code comes to the phone, press OK on the phone and, again, enter Mobile-ID pin1 on the phone. After checking on the server, the browser makes a redirect. Everything, we are logged in the Internet bank. Convenient, safe and the phone is always with you. To confirm the transaction you need to enter a 5-digit pin2 from Mobile-ID.
The second use of an id-card I often use is the purchase of an electronic ticket for public transport. We go to pilet.ee, log in the same way using an id-card or Mobile-ID, select the desired type of ticket (monthly or hourly) and pay for it. When controllers enter the bus, I simply give my id-card, and it checks from my wireless reader that I have a ticket. You can also buy an id-ticket directly from your mobile by calling a certain number and indicating your personal code. With the onset of the crisis, I began to cheat a little, buying a ticket only when I see that the controllers are going to stop the busters :) call + ticket activation takes 5 seconds and I don’t have to get up, frantically search for a punch and punch a ticket. An hour ticket costs 30 rubles.
Information about each citizen is stored in a common database. It is called the X-way and you can see in it information about your property, vehicles, place of work, insurance, loans, educational institutions and diplomas, even marks for state examinations at school.
Here, for example, the result of a driver's license request, in which the owner’s data, category of rights and expiration date
I finished school a long time ago, so I didn’t feel like testing the e-school site in my work. Authorization is also done using an id-card. Pupils watch class schedule, homework. Their parents look at what grades and comments their children receive, and the teachers give homework and assess. The system is centralized and, I think, very convenient. The well-known portal immediately comes to mind :)
Yesterday I discovered openid.ee . This is a set of tools that allows you to do authorization on your website through OpenID. Only Estonians went further, tying it to the id-card or Mobile-ID. That's exactly the future, OpenID on the phone :)
Authorization by id-card is also carried out to pay for insurance, bills for mobile, Internet, TV, electricity, gas, water. There is even an online electronics store, where you can enter with its help. On the website of the local newspaper ( Eesti Päevaleht ) some time ago, you could also use an id-card to leave a comment. Later, however, this case was covered.
That's all. If you wrote a messy - sorry. Chukchi, as they say, is not a writer.
Some technical data from the previous topic :
Technically, the usual X.509. The certificate and private key are stored on the ID card chip. If interested, then RSA crypto block is implemented with PKCS # 1. Drivers are installed on the computer that allow the server request to communicate with the card and request PIN codes. There is also certification authority (CA) at the state level. The server establishes an SSL connection + requests a client certificate. After that - the certificate is checked through downloaded CRL lists or OCSP service. If everything is ok, for example, in the code you can get access to the java.security.cert.X509Certificate class and access to various personal data, such as first name / surname / personal code / passport number / citizenship.
The main purpose of the id card is that it serves as an official identity document. It has the same power as a passport and driver's license. Recognized by all EU countries, i.e. with it you can move freely around Europe.
Most often, I use it for authorization in the Internet bank. Swedbank currently has as many as 4 ways to authorize on the site:
1. The oldest and not very convenient way is to use a password card. To enter, enter your username, permanent password and one of several dozen passwords indicated on the plastic card. Obvious disadvantages: you should always have an extra card with you and remember your login / password. To confirm a transaction (transferring money to another account) you need to enter the first 3 digits of one of the passwords.
')
2. Pin calculator. This is, in fact, the usual RSA SecurID token, on which a new digital key is displayed once a minute. The password will be a combination of a constant pin and key with SecurID. The method is also not very convenient. Yes, and the token is worth the money, albeit small.
3. ID card. Insert the card into the card reader, enter your username and authorization pin1. To confirm the transaction, you must enter pin2 from the id-card, which is analogous to the usual signature on paper.
4. The last way is my favorite: Mobile-ID. Mobile-ID is a separate service that is tied to the id-card and provided by the mobile operator (you need a special SIM card that replaces the regular one). So far, only one operator provides this service, but by the end of this year 2 others promised to catch up. It is worth the service of 20 rubles per month.
The point is that in order to enter, we need to specify a user sign and a phone number (on other sites, for example, to buy an electronic ticket, we only need a phone number).
We see a four-digit code on the screen, flash-sms with the same code comes to the phone, press OK on the phone and, again, enter Mobile-ID pin1 on the phone. After checking on the server, the browser makes a redirect. Everything, we are logged in the Internet bank. Convenient, safe and the phone is always with you. To confirm the transaction you need to enter a 5-digit pin2 from Mobile-ID.
The second use of an id-card I often use is the purchase of an electronic ticket for public transport. We go to pilet.ee, log in the same way using an id-card or Mobile-ID, select the desired type of ticket (monthly or hourly) and pay for it. When controllers enter the bus, I simply give my id-card, and it checks from my wireless reader that I have a ticket. You can also buy an id-ticket directly from your mobile by calling a certain number and indicating your personal code. With the onset of the crisis, I began to cheat a little, buying a ticket only when I see that the controllers are going to stop the busters :) call + ticket activation takes 5 seconds and I don’t have to get up, frantically search for a punch and punch a ticket. An hour ticket costs 30 rubles.
Information about each citizen is stored in a common database. It is called the X-way and you can see in it information about your property, vehicles, place of work, insurance, loans, educational institutions and diplomas, even marks for state examinations at school.
Here, for example, the result of a driver's license request, in which the owner’s data, category of rights and expiration date
I finished school a long time ago, so I didn’t feel like testing the e-school site in my work. Authorization is also done using an id-card. Pupils watch class schedule, homework. Their parents look at what grades and comments their children receive, and the teachers give homework and assess. The system is centralized and, I think, very convenient. The well-known portal immediately comes to mind :)
Yesterday I discovered openid.ee . This is a set of tools that allows you to do authorization on your website through OpenID. Only Estonians went further, tying it to the id-card or Mobile-ID. That's exactly the future, OpenID on the phone :)
Authorization by id-card is also carried out to pay for insurance, bills for mobile, Internet, TV, electricity, gas, water. There is even an online electronics store, where you can enter with its help. On the website of the local newspaper ( Eesti Päevaleht ) some time ago, you could also use an id-card to leave a comment. Later, however, this case was covered.
That's all. If you wrote a messy - sorry. Chukchi, as they say, is not a writer.
Source: https://habr.com/ru/post/60862/
All Articles