We congratulate Daniel Träder for successfully defending his Master’s Thesis with the title “FIDO-konforme abgeleitete eID im E-Government” last Tuesday.
Abstract: Online identification of a user often works with a user name and password. This method is increasingly viewed as unsafe, but alternative technologies are not yet widely used. The Identity Card (nPA) in Germany also includes these alternative technologies. This provides the user with a standardized method of being identified in online procedures compliant with the official directives. This offer is currently not well accepted by the citizens. One reason is a lack of usability, which is caused by the provided system. The poor circulation of card readers is a challenge. In this context, the work examines the possibility of addressing new user groups by means of derived identities and making the authentication more user-friendly. Challenges are presented in the integration and implementation of a system with derived identities. In particular, the substantial assurance level according to the BSI definition is aimed at. Various solutions for derived identities, which are used in the European states and scientific work on the subject, are considered. The result is an architecture that uses a bank as identity provider. The Payment Services Directive 2 (PSD2) of the European Union was selected as the basis and an interface was designed and implemented according to this. This architecture fulfills the prerequisites for the assurance level substantial. In addition, the introduction of the new assurance level substantial is discussed for the “Servicekonto”, and the necessary changes are described and implemented in the prototype. It is shown that an online authentication can be made trustworthy and usable, and at the same time more user groups can be addressed. For the achievement of the substantial assurance level, changes are essential to the system in which the prototype is to be integrated.