Samsung, BSI, Bundesdruckerei and Telekom Security Partner to Bring National ID to Your SmartphoneShare open/close
Samsung’s Galaxy S20 will be the first mobile device in Germany allowed to carry the mobile ID solution thanks to its secure chip
Today, Samsung Electronics, the German Federal Office for Information Security (BSI), Bundesdruckerei (bdr) and Deutsche Telekom Security GmbH announced Germany’s National electronic ID will be available on selected Samsung Galaxy smartphones when the eID solution becomes available later this year. As part of a long-term collaboration with an alliance of German government bodies to deliver upon its eGovernment initiative, Samsung partnered with the BSI, bdr and Telekom Security to develop a hardware-based security architecture that allows citizens to securely store their National ID on their smartphone as an eID. Once enrolled, their eID is transferred to a secure location on their phone.
Protecting What is Valuable to Users
Users expect their information to be protected. It is therefore essential to ensure that the eID mobile solution meets the strict security requirements of the federal government and keeps German citizens’ information safe. To do so, all four partners developed a holistic security architecture centered around the foundation of smartphone security – the hardware. Thanks to a highly secure chip built directly into the phone, information can be stored locally on the device and gives users full control over their data.
“In addition to the identity card, almost every citizen in Germany owns a smartphone. Thanks to the OPTIMOS project and in cooperation with Samsung and Deutsche Telekom Security, we now have the chance to combine the high level of trust in the physical document with the user-friendliness of the smartphone,” says Dr. Stefan Hofschen, CEO of Bundesdruckerei. “We are thus creating the basis to ensure sovereignty and trust in a world that is becoming increasingly ‘digital’ and ‘mobile’. In the future, digital sovereign identities and authorizations can be used and managed by citizens in a self-determined manner via the app provided by bdr for this purpose”.
An Open Security Platform
This new mobile eID solution was created as part of the OPTIMOS 2.0 project, whose goal is to create an open ecosystem that provides the technology and infrastructure for secure mobile authentication. As such, it was important for all partners to make sure that this new security architecture would be open to many identity service providers.
“The more we digitalize our daily lives, the more important it is to protect our digital identity. At BSI, we develop, promote and certify eID solutions and technologies designed to protect people’s digital identity. As part of the OPTIMOS 2.0 project, our role was to standardize the necessary components, interfaces and processes so that the technology developed would meet the high security standards and be available to as many end users as possible,” said Arne Schönbohm, President of the German Federal Office for Information Security.
To achieve this goal of creating an open ecosystem, Samsung made the Software Development Kit (SDK) for its embedded Secure Element (eSE) available to third parties.1 This will enable service providers and app developers to create applets for Trusted Service Manager (TSM) that can be loaded into the secure chipset-based platform. As a result, applications and services will be able to work seamlessly with the eID program and German citizens can enjoy them with peace of mind, knowing their information will be protected.
“Together with Samsung and Bundesdruckerei, we created a comprehensive ecosystem for secure digital authentication. This uses the trusted secure elements of smartphones for storing forgery-proof identity information. Our newly developed TSM system is used for the transport of the identities, data storage management and ultimately lifecycle management of each eID, which provides the basis for a multitude of other secure applications,” says Thomas Fetten, CEO of Deutsche Telekom Security GmbH.
The Galaxy S20 Will Be the First Device to Comply With the New Security Requirements
The Samsung Galaxy S20 lineup, including the Galaxy S20, Galaxy S20+ and Galaxy S20 Ultra, will be the first smartphone to comply with the BSI’s eID security framework for sovereign use.2 Thanks to the security embedded in Samsung’s Galaxy S20, the eID solution offers a “Substantial” level of assurance for secure and seamless electronic interactions under the EU eIDAS Regulation.3 This regulation was designed to ensure EU citizens can use their national eID across borders and helps prevent misuse or alteration of their government-issued IDs.
The Galaxy S20 lineup offers the highest level of encryption available, as illustrated by the Common Criteria Evaluation Assurance Level (CC EAL) 6+4 it recently received. It is the latest Samsung device to feature Samsung’s industry-leading embedded Secure Element (eSE) with other Samsung smartphones to follow. The eSE securely stores sensitive data on the device like credit card information, documents and keys and isolates them for maximum protection. Acting as a safe, a separate secure processor provides an extra layer of security designed to defend against hardware attacks and makes it difficult to access and copy information stored on the device.
“We’re incredibly proud that our Galaxy S20 series was the first line of mobile devices to meet such high security standards set out by the BSI. We always strive to offer the highest level of protection possible for our users. As we continue to move towards digitization, our goal is to ensure that mobile users around the world can enjoy these new services with true peace of mind, knowing that we’ll keep them safe,” said Daniel Ahn, Corporate SVP and Head of Security Team at Mobile Communications Business, Samsung Electronics.
What’s Next For Mobile eID?
This is only the beginning. Similar to contactless payments a few years ago, consumers will quickly realize the benefits of having key credentials including their driver’s license, national health insurance cards, or even their car and apartment keys available on their mobile phone, securely stored at all times. Soon, they may also be able to remotely verify their identity to access and send confidential medical records, open a bank account, or vote using their smartphone.
How Can I Enroll?5
The eID app will be available to German citizens using Samsung’s Galaxy S20, Galaxy S20+ and Galaxy S20 Ultra later this year. After downloading and installing the Mobile ID application distributed by Bundesdruckerei from Play Store, Galaxy S20 owners can tap their Near Field Communications (NFC) enabled National ID card on the back of their phone to verify their identity and get started. Once verified, the mobile eID will be stored securely on the smartphone and can be used to open a bank account, use eGovernment services and more.6
About Bundesdruckerei (bdr)
Bundesdruckerei GmbH is a leading German high-tech security company. bdr products and services “Made in Germany” are firmly rooted in the reliable and lawful identification of individuals and institutions. Working as a security company on behalf of the German government, bdr is paving the way for a secure digital age. The Group employs a workforce of more than 2,700 and in 2019 generated revenue of around EUR 602m. For more information, go to: www.bundesdruckerei.de.
About German Federal Office for Information Security (BSI)
The Federal Office for Information Security (BSI) shapes information security in digitization through prevention, detection and reaction for government, business and society. As the federal cyber security authority, it is the task of the BSI to make Germany digitally secure. For this reason, the BSI is investigating the fields of application in which risks could arise from digitization and how these risks can be made calculable and controllable.
About Deutsche Telekom Security GmbH
As an independent company under the umbrella of Deutsche Telekom Group, Deutsche Telekom Security GmbH offers customers the same highly professional solutions, consisting of technology and services, with which Deutsche Telekom AG is also protected worldwide. With over 250 million euros of revenue, Telekom Security is the market leader in Germany and one of Europe’s top cybersecurity providers.
1 “Samsung eSE SDK.” Samsung Developers, developer.samsung.com/ese/overview.html.
2 “BSI TR-03159 Mobile Identities.” BSI, www.bsi.bund.de/DE/Publikationen/TechnischeRichtlinien/tr03159/tr03159_node.html;jsessionid=958104D96504D3A5A1CBF1A320C18EE8.2_cid503.
3 Substantial is the second level of assurance out of the three levels of low, substantial, and high awarded for eIDAS Regulation in the EU.
4 “Samsung Elevates Data Protection for Mobile Devices with New Security Chip Solution.” Samsung Newsroom, May. 26, 2020, news.samsung.com/global/samsung-elevates-data-protection-for-mobile-devices-with-new-security-chip-solution.
5 These enrollment instructions are specific to Germany and may vary by country.
6 Subject to service availability.
TAGSbdrBSIBundesdruckereiCC EAL 6+Common Criteria Evaluation Assurance Level 6+Deutsche Telekom Security GmbHeIDeID SolutionElectronic IDEmbedded Secure ElementeSEGalaxyGalaxy S20Galaxy S20 SeriesGerman Federal Office for Information SecurityMobile IDOPTIMOSOPTIMOS 2.0 Project