Swedish eID card - Replaced by mobile ID

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Swedish eID card - Replaced by mobile ID

Anders Rundgren-2
After two years of pretty successful usage it is clear that Sweden will never (again) try to equip citizens with electronic ID-cards. A mobile device with an ID-App can support many more use-cases at a fraction of the cost of supporting smart cards in consumer computers.

This system also spells doom for OTP.

Since the Swedish system is run by banks it is secret and uses a hard-code link to a central server (...), I took the liberty a year ago publishing an open solution which works like this:
https://openkeystore.googlecode.com/svn/resources/trunk/docs/QR-ID-presentation.pdf

You may even try it:
https://play.google.com/store/apps/details?id=org.webpki.mobile.android

Anders

------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and their
applications. Written by three acclaimed leaders in the field,
this first edition is now available. Download your free book today!
http://p.sf.net/sfu/NeoTech
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: Swedish eID card - Replaced by mobile ID

Jaroslav Imrich
Hello Andrers,

could you please provide also link to swedish solution you have mentioned?

Thank you

Regards, Jaroslav


On Mon, Jun 2, 2014 at 8:04 AM, Anders Rundgren <[hidden email]> wrote:
After two years of pretty successful usage it is clear that Sweden will never (again) try to equip citizens with electronic ID-cards. A mobile device with an ID-App can support many more use-cases at a fraction of the cost of supporting smart cards in consumer computers.

This system also spells doom for OTP.

Since the Swedish system is run by banks it is secret and uses a hard-code link to a central server (...), I took the liberty a year ago publishing an open solution which works like this:
https://openkeystore.googlecode.com/svn/resources/trunk/docs/QR-ID-presentation.pdf

You may even try it:
https://play.google.com/store/apps/details?id=org.webpki.mobile.android

Anders

------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and their
applications. Written by three acclaimed leaders in the field,
this first edition is now available. Download your free book today!
http://p.sf.net/sfu/NeoTech
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel

------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and their
applications. Written by three acclaimed leaders in the field,
this first edition is now available. Download your free book today!
http://p.sf.net/sfu/NeoTech
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: Swedish eID card - Replaced by mobile ID

Anders Rundgren-2
On 2014-06-02 08:50, Jaroslav Imrich wrote:
> Hello Andrers,
>
> could you please provide also link to swedish solution you have mentioned?

Hi Jaroslav,

http://bankid.com/en/Mobile-BankID/

Since it is developed by banks the design is secret :-)

The security features with respect to key-storage and enrollment are unknown
but I assume that long-time they will build on standard solutions exploiting
the availability of TEEs (Trusted Execution Environments) in mobile phones:
http://images.apple.com/iphone/business/docs/iOS_Security_Feb14.pdf
https://www.samsungknox.com/en

A somewhat funny thing is that the ARM-folks maintain that secure applications
should/must be written as TAs (Trusted Applications) running in the TEE and
be programmed in C.  By doing that they will also be able to use OS-overriding
"Secure UIs" like the following already shipping system from Intel:
https://communities.intel.com/community/vproexpert/blog/2012/05/18/intel-ipt-with-embedded-pki-and-protected-transaction-display

I don't think this is what will happen, it would only stifle developments
in this space.  Hard-to-use security is IMO the same as no security.

Regards,
Anders

>
> Thank you
>
> Regards, Jaroslav
>
>
> On Mon, Jun 2, 2014 at 8:04 AM, Anders Rundgren <[hidden email] <mailto:[hidden email]>> wrote:
>
>     After two years of pretty successful usage it is clear that Sweden will never (again) try to equip citizens with electronic ID-cards. A mobile device with an ID-App can support many more use-cases at a fraction of the cost of supporting smart cards in consumer computers.
>
>     This system also spells doom for OTP.
>
>     Since the Swedish system is run by banks it is secret and uses a hard-code link to a central server (...), I took the liberty a year ago publishing an open solution which works like this:
>     https://openkeystore.googlecode.com/svn/resources/trunk/docs/QR-ID-presentation.pdf
>
>     You may even try it:
>     https://play.google.com/store/apps/details?id=org.webpki.mobile.android
>
>     Anders
>
>     ------------------------------------------------------------------------------
>     Learn Graph Databases - Download FREE O'Reilly Book
>     "Graph Databases" is the definitive new guide to graph databases and their
>     applications. Written by three acclaimed leaders in the field,
>     this first edition is now available. Download your free book today!
>     http://p.sf.net/sfu/NeoTech
>     _______________________________________________
>     Opensc-devel mailing list
>     [hidden email] <mailto:[hidden email]>
>     https://lists.sourceforge.net/lists/listinfo/opensc-devel
>


------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and their
applications. Written by three acclaimed leaders in the field,
this first edition is now available. Download your free book today!
http://p.sf.net/sfu/NeoTech
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel