Our employees only speak German in the office and on the phone.

Request authorization certificate for online ID card function Register und Kataster

If you want to use the online ID function as a provider in your own application, you need an authorization certificate.

  • Basic information

    An authorization certificate is required for each electronic service that can be used with the online ID card, which authorizes authentication and authentication of the user and provider.
    The following can apply for an authorization certificate:

    • Service providers and
    • Identification service providers
    • On-site service providers

    The following authorizations are distinguished:

    • the proof of identity to online service providers,
    • on-site reading at service providers, and
    • the proof of identity vis-à-vis identification service providers.

    Proof of identity vis-à-vis online service providers

    The authorization certificate gives you permission to request and process data from ID cards to identify the holder. The authorization certificate and the verified electronic keys enable technical access. You can use it to integrate the online ID card function as a digital means of identification in your own online service or in a vending machine or terminal.
    In your application, you must explain why you have an interest in using the online ID card function and how you will use the ID card holders' personal data. You must also ensure that the data is adequately protected.

    On-site readout at service providers

    Wherever personal data such as name and address are to be transferred to a form, on-site readout is a good option. The data is read out and transferred electronically.
    The credential holder is present in person. Before the data is read out, the authorization holder must identify the cardholder by means of the printed photograph and his/her personal data.
    In the case of on-site readout, the PIN entry by the ID card holder is not required. It is replaced by the entry or technical recording of the access number (Card Access Number - CAN) on the front of the ID card by the authorization holder.

    Proof of identity to identification service providers

    Companies and public authorities can use a certified third-party service for proof of identity. The so-called identification service providers make the data from the use of the online ID function available to companies and authorities in individual cases. Identification service providers must apply for authorization and the authorization certificate instead of the service providers.
    They must also have their service certified by the Federal Office for Information Security.

    The authorizations are each valid for a maximum of 3 years. In the event of a breach of the declaration made and the law, they can be withdrawn immediately at any time.

    Note
    As the applicant, you must commission the authorization certificate provider (BerCA) yourself. This means: On the basis of the positive authorization notice from the Federal Office of Administration (BVA), you conclude a contract directly with the provider of authorization certificates for the technical procurement of the authorization certificate and the revocation lists.

    .

    Requirements

    Be able to apply for a certificate of authorization:

    • Service provider
    • Identification service provider
    • On-site service provider

    Other requirements:

    • Requirements for service providers for your credential acquisition:
      • Communicate and prove the identity of the service provider,
      • Description of the interest in authorization underlying the application, in particular for the planned organization-related use
      • Proof of data protection and security measures
      • There must be no indications that the authorization is being misused.
    • Separate requirements for identification service providers:
      • Certificate from the German Federal Office for Information Security (BSI) confirming compliance with the requirements
    • In addition, you need your own eID server for operation or a service provider as an eID service provider or
      • suitable software,
      • a reader for on-site reading, and
      • suitable integration of the credential application into your website or background system.

  • Procedure

    You must apply for the Certificate of Eligibility in writing or online to the Federal Office of Administration (BVA).

    Written application:

    • Go to the BVA website and fill out the application form electronically.
    • Print out the completed form and sign it.
    • Mail the completed and signed form, along with all other required documents, to the Certificate of Eligibility Awarding Office.
    • The awarding office will review your application.
    • You will then receive by mail
      • the proof of eligibility or
      • a notice of rejection
      • or a request for a new application

    mailed to you.

    Online application:

    • Go to the Federal Portal website and fill out the application form electronically there.
      • Note: For the online function, you will need your ID card with PIN number.
    • Attach the other requested documents as a scan.
    • Submit your application.
    • The awarding office will check your application.
    • You will then receive by mail
      • sent you the proof of eligibility or
      • a notice of rejection
      • (or a request to reapply)

    sent to you.

    • You must then select an authorization certificate provider for the provision of the authorization certificates and can then conclude a contract on the basis of the positive authorization notice.
    • Now you can operate your own eID server or select a service provider as your eID service provider.

    Note
    eID service providers can support you for a fee in obtaining the certificates and provide the complete infrastructure.

  • Necessary Documents
    • Privacy policy
    • Commercial register excerpt

      For e-business only

    • Description of the interest in entitlement underlying the application.
    • Flowchart of the business process

      To help you understand, you can depict your business process using a flowchart and attach it to the application.

    • Contract of the technical service provider

      If you use a technical service provider, please add the contract.

    • Certificate of the Federal Office for Information Security (BSI)

      Identification service providers only

  • Competent Department

  • Online Services

  • Forms

  • Fees / Costs

    102,00 EUR Issuance of an authorization
    80,00 EUR Rejected eligibility request
    115,00 EUR Withdrawal or revocation of an authorization

  • Deadlines & processing time

    What deadlines must be paid attention to?

    3 years Validity of the authorization certificate.

    How long does it take to process

    Issue of an authorization certificate: 1 to 2 weeks.
    Note: Contract negotiations between you as the service provider and the authorization certificate provider should begin early so that you can use the certificate in good time.

  • Legal Bases

  • More Information

Feedback on quality

Your feedback will help us to identify and solve problems. You will not receive a personal response. Please do not submit any personal data.

Did you find what you were looking for?

How do you rate this page?*

*Mandatory field

This page has been automatically translated by DeepL. We cannot guarantee that the translation is correct.

The official information in German is complete and correct. 03.12.2024

Dienstleistungen · syfq nzm