FutureTrust enables “EU Student eCard” and starts eIDAS-Portal for Germany
Against the background of Regulation (EU) No 910/2014 on electronic identification and trusted services for electronic transactions in the internal market (eIDAS) and the envisioned EU Student eCard, which will enable students to easily register electronically at European Higher Education Institutions (HEI) and thus have access to cross-border online student services when moving abroad, the EU-funded FutureTrust project has today released the eIDAS-Portal (https://eID.AS/portal), which enables German Universities to securely combine academic and national identities, which have been notified according to Art. 8 of the eIDAS-Regulation, in order to issue trustworthy X.509 certificates for students and academic staff, which can subsequently be used for strong authentication, encryption and advanced electronic signatures for negotiable electronic Learning Agreements in line with European norms and regulations, such as the Commission Implementing Decision (EU) 2015/1506, for example.
The innovative solution has been designed and implemented in a joint effort of experts from Ruhr University Bochum (RUB), University of Leipzig (UoL), University of Applied Science Coburg, DFN-Cert Services GmbH and ecsec GmbH and is operated in the “Secure Cloud Infrastructure (SkIDentity)“, which has been certified according to pertinent security, privacy and conformity criteria. The involved X.509 certificates are managed within the Public-Key Infrastructure of the German Research Network (Deutsches Forschungsnetz, DFN-PKI), which is certified according to ETSI EN 319 411-1 and provided to all members of the DFN Association. Instead of complex and cost-intensive paper-based processes and manual identification procedures, which according to the applicable policy require the physical presence of the applicants, the eIDAS-Portal combines the academic identity of an applicant from the Authentication and Authorization Infrastructure (DFN-AAI) with the official national identity from the German eID card (“Personalausweis”), which has been notified according to the highest level of assurance (“high”) according to the eIDAS-Regulation and which is accepted all over Europe since September 2018.
The smart “eIDAS-Portal made in Germany” does not only demonstrate the feasibility and convencience of a completely electronic process for certificate enrolment based on remote electronic identification (eID) means according to Art. 24 (1) (b) of the eIDAS Regulation, but constitutes the kick-off for the practical realisation of open, inclusive, secure, privacy-friendly and sustainable EU Student eCard Digital Service Infrastructure powered by the pan-European eID-Infrastructure regulated by eIDAS and embedded in the international eduGAIN network.
“We are very pleased to announce the launch of the eIDAS-Portal as kick-off for the ‘EU Student eCard’, which does not only improve the trust and efficiency of administrative processes within the Ruhr University Bochum and other German Universities, but has the potential to advance the adoption of eIDAS in Europe and beyond to foster trust, security and privacy in many academic institutions,” explains Prof. Dr. Jörg Schwenk, Chair of Network and Data Security at the Ruhr University Bochum and Project Leader of the FutureTrust project.
The Portuguese service for electronic SEPA Mandates
The objective of the Single European Payments Area (SEPA) eMandate demonstrator, which has been developed by FutureTrust partner Multicert S.A., is to provide a system for managing electronic and XML-based SEPA mandates in order to replace the paper-based processes for the Direct Debit Mandate authorization between a bank, a consumer and a service. The Debtor can issue, amend or cancel a Mandate through a secure electronic channel via Internet to enable a secure end-to-end real time process.
The eMandate demonstrator covers the complete workflow of issuing an eMandate, i.e. authorizing online a SEPA interoperable direct debit, compliant with standard EPC208-08. Based on the Four Corner Model for the SEPA Direct Debit (Debtor, Creditor, Debtor Bank, Creditor Bank), a fully featured Routing Service and Validation Service is integrated. The remaining services (Debtor´s bank home-banking and Creditor´s website) are developed as mock services to complete the workflow. Three main data flows are involved in this process: an eMandate request, an eMandate response and an electronic signing using an electronic certificate. This eMandate workflow, presented on the eMandates section of the FutureTrust Pilot Portal, digitalizes the complete workflow of a SEPA eMandate based on the various eIDAS-compliant FutureTrust services, including the FutureTrust eID-Broker, Signature Generation & Sealing Service (SigS), Validation Service (ValS) and Preservation Service (PresS) and demonstrates how these advanced electronic services could further improve the existing EPC eMandate standards utilizing modern eIDAS technologies.
The Austrian service for electronic invoices
This FutureTrust eInvoice pilot application addresses the need to handle the electronic delivery of electronic invoices through automated processes. The Austrian Federal Computing Center Bundesrechenzentrum (BRZ) develops and operates the Austrian shared application “eInvoice submission for the Austrian Public Sector” on behalf of the Austrian Federal Ministry of Finance. The eInvoice System is integrated in the Austrian Governmental Business Portal (USP), which provides identification, authentication and access control of registered users, when using integrated eServices. USP offers a specific authentication service to verify applying organisations in a very stringent manner. After the initial login at USP the authorised agent can access eServices, one of which is the eInvoice-System, which offers several channels to allow companies to transfer eInvoices to the Austrian government. The FutureTrust eInvoice pilot demonstrates the feasibility of validating international certificates using the FutureTrust Validation Service ValS and Global Trust List (gTSL).
The Georgian service for electronic Apostilles
The eApostille demonstrator aims at providing an alternative to paper-based apostilling and legalisation services for official documents. Apostilles are certificates which authenticate the origin of a public document (e.g. a birth, marriage or death certificate, a judgment, an extract of a register or a notarial attestation). An Apostille only certifies the origin of the public document to which it relates: it certifies the authenticity of the signature or seal of the person or authority that signed or sealed the public document and the capacity in which this was done, but not the content of the document. This eApostille demonstrator, developed by the Public Service Development Agency of Georgia (PSDA), ensures that apostilled documents are easily validated (using the FutureTrust ValS) for receiving parties such as administrative bodies of other countries. Usually, there is one or more distinguished administrative body per contracting state, which is empowered to provide the services of apostilling/legalization. In case of Georgia, PSDA represents one of such bodies, which are authorized to provide apostilling/legalization services on a wide range of documents issued by competent bodies in Georgia. It should be noted that the documents endorsed by PSDA apostille can be directly sent abroad and enjoy international recognition.
The system builds on the evidential value given to electronic signatures referring to Art. 33 of the eIDAS-Regulation when used by government bodies or notaries to verify the authenticity of a document in electronic form. For this purpose, the eApostille demonstrator integrates the FutureTrust Validation Service (ValS) to verify the validity of the affixed electronic signatures or seals based on the Global Trust List (gTSL), the eID-Broker and the Preservation Service (PresS) developed within the FutureTrust project.
About the FutureTrust project
Against the background of the Regulation (EU) No. 910/2014 on electronic identification (eID) and trusted services for electronic transactions in the internal market (eIDAS), the FutureTrust project (https://futuretrust.eu), which is funded within the EU Framework Programme for Research and Innovation (Horizon 2020) under Grant Agreement No. 700542, aimed at supporting the practical implementation of the regulation in Europe and beyond.
For this purpose the FutureTrust project addressed the need for globally interoperable solutions through basic research with respect to the foundations of trust and trustworthiness, actively support the standardisation process in relevant areas, and provide Open Source software components and trustworthy services, which will ease the use of eID and electronic signature technology in real world applications. The FutureTrust project has developed numerous innovative services and applications, which are now gradually piloted and released to the public for productive use.
Dr. Detlef Hühnlein Jon Shamah
FutureTrust c/o ecsec GmbH FutureTrust c/o EEMA