Paper 2017/880

Using the Estonian Electronic Identity Card for Authentication to a Machine (Extended Version)

Danielle Morgan and Arnis Parsovs


The electronic chip of the Estonian ID card is widely used in Estonia to identify the cardholder to a machine. For example, the electronic ID card can be used to collect rewards in customer loyalty programs, authenticate to public printers and self-checkout machines in libraries, and even unlock doors and gain access to restricted areas. This paper studies the security aspects of using the Estonian ID card for this purpose. The paper shows that the way the ID card is currently being used provides little to no assurance to the terminal about the identity of the cardholder. To demonstrate this, an ID card emulator is built, which emulates the electronic chip of the Estonian ID card as much as possible and is able to successfully impersonate the real ID card to the terminals deployed in practice. The exact mechanisms used by the terminals to authenticate the ID card are studied and possible security improvements for the Estonian ID card are discussed.

Available format(s)
Publication info
Published elsewhere. MAJOR revision.NordSec 2017
smart cardsimplementation
Contact author(s)
arnis @ ut ee
2017-09-19: revised
2017-09-17: received
See all versions
Short URL
Creative Commons Attribution


      author = {Danielle Morgan and Arnis Parsovs},
      title = {Using the Estonian Electronic Identity Card for Authentication to a Machine (Extended Version)},
      howpublished = {Cryptology ePrint Archive, Paper 2017/880},
      year = {2017},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.