Electronic identity (eID) is a commonly used term in today’s world, and its use is highly debated across several EU countries.

Germany has launched its nation-wide eID scheme in 2010, and has by now distributed approximately 10 million smart identity cards to its citizens. This is one of Germany’s largest IT projects, with around 23,000 employees in over 5,300 ID card authority contact points. On the other hand the UK has recently scrapped its multi-million pound scheme with the British eID card ceasing to be a legally valid document since January 2011.

Unlike the British, the Maltese citizen accepts the idea of carrying and producing an identity document when transacting with both commercial and governmental entities.

Last year this newspaper revealed how the government has plans to start rolling out the new eID cards by the second quarter of this year. That’s quite soon. However it’s good to note that the eID has been with us for several years now. The first version of the Maltese eID was launched in March 2004 with limited functionality at the time. Throughout the years this has been further developed and now we have eIDs provided as soft tokens (digital certificates) conforming to one of the higher levels of security required for sensitive e-services.

Signing of official documents can be done from the comfort of one’s home, while cumbersome forms such as VAT returns can be submitted from anywhere with an internet connection. However, to date, take up of eIDs has not been so encouraging even though there are no fees attached. One might argue that it is too physically demanding to go all the way to Valletta to apply for one. This story will now change, since in the near future everyone will hold an eID, embedded discreetly on a chip within the new national ID card. Let’s call this technology a Smart ID.

This Smart ID offers the highest levels of security to its holder when interacting with e-government services, materialising the more abstract soft token (digital certificate) into something more tangible. However, this abstraction requires additional hardware, both for home users and for entities accepting its usage.

A smart card reader needs to be available whenever the Smart ID is used. The German government has distributed around 1.5 million security kits, which contain a smart card reader amongst other useful material. These are provided free of charge or at a reduced price in an effort to increase the availability of smart card readers and boost Smart ID adoption. Information on how the Maltese government plans to boost adoption rates for Smart IDs is not yet available.

To avoid unnecessary risks, there are various points we should keep in mind once we become proud owners of a Smart ID.

You have to treat your Smart ID as if it was a credit card with no limits: and never disclose your security PIN to anyone. Do not write down your PIN on a piece of paper and keep it with your Smart ID. Anyone who finds both the PIN and the Smart ID has the power to conduct serious transactions using your identity. This becomes even more perilous when, and if, commercial entities such as banks integrate the eID into their authentication processes.

If you cannot find it, call the eID office immediately to revoke or block the electronic identity itself as you would with a credit card. This would disable your electronic identity and any unauthorized usage attempts will be declined.

Do not use your Smart ID on untrusted hardware. Always use it with your personal equipment or on official machines. No one, except for the government and serious commercial entities, would give you free equipment for home use.

Do not use it on suspicious sites. Before using it on any website check for a valid security seal, and make sure that the site’s certificate is issued by a valid and recognised certificate authority (e.g. Verisign Class 3 Secure Server CA).

You also need to stay informed with the latest updates and news issued by the government and its IT agency (e.g. MITA).

We are entering a new era of citizenship and with it come new responsibilities which need to be respected in order to stay safe while benefiting from exciting new opportunities delivered by any e-government platform.

chris.porter@um.edu.mt.

Mr Porter is an assistant lecturer in the Department of Computer Information Systems in the Faculty of ICT at the University of Malta.

Sign up to our free newsletters

Get the best updates straight to your inbox:
Please select at least one mailing list.

You can unsubscribe at any time by clicking the link in the footer of our emails. We use Mailchimp as our marketing platform. By subscribing, you acknowledge that your information will be transferred to Mailchimp for processing.