eID Server
Article
The eID server consists of hardware and software components run by the service provider to integrate the eID function into its IT systems. The eID server fulfils the following tasks:
- It ensures the secure communication with the client software and the ID card's chip and transmits the data retrieved to the relevant service.
- It verifies the authenticity and validity of the ID card, examines whether it has been blocked by the ID card holder and transmits the results of the eID function to the other systems of the service provider.
- It regularly receives new authorization certificates from the authorization certificates provider and updated revocation lists.
As a service provider you can develop your own eID server as long as the hardware and software modules comply with the requirements of the relevant Technical Guidelines of the Federal Office for Information Security. This is necessary to execute cryptographic protocols with the ID card's chip and regularly receive the required authorization certificates and revocation lists.
Using an eID server
An easier method to establish a connection with the ID card's infrastructure is to use an eID server certified by the Federal Office for Information Security (BSI) in accordance with the Technical Guideline BSI-TR-3130 which already fulfils the above-mentioned requirements.
In the following list you can find providers of eID servers.