Authentication and secure portal access
Municipal, state and federal portals, the large public bodies’ portals like the one of DRV (German acronym for Deutsche Rentenversicherung, the German pension insurance) and BA (German acronym for Bundesagentur für Arbeit, the German Federal Labour Office) as well as portals for civil service employees need access for citizens, organizations and employees which is up-to-date, secure and conform with data protection laws. Authentication solutions play a crucial role in this context.
Authentication is one of three important elements of identity management. Besides the collection of user’s identity data (identification) and assigning and administering roles as well as connecting them with responsibilities, privileges and rights (authorization), proof of identity is fundamental (authentication).
In the e-government sector a strict separation between authentication, identification and authorization is recommendable for security reasons. Security requirements on authentication solutions are especially high in the public sector and an integration of solutions in the heterogenous system landscape particularly challenging.
mgm has longstanding experience in the area of authentication in the public sector
- The ELSTER certificate is nationwide known and used and, thanks to mgm, secunet and the Regional Tax Authority of Bavaria, it guarantees secure authentication.
- authega® is a tried-and-trusted solution for secure authentication in e-government web applications and based on the same technology than the electronic tax declaration ELSTER.
Authentication in a portal network
The online access law suggests a simple, secure and user-friendly authentication for citizens and organizations not only in single portals but also in a portal network. The challenges of a portal network result from portal networks’ objectives:
- Interoperability of portal authentication
- Support of cross-functional administration processes
- Shared use of basic technologies
- Master data use
Manifold administration portals are available to single citizens and organizations. For example the municipal portal of the town of Munich, the state portal with BayernID, the portal of the pension insurance, that of the Federal Labour Office, that of the Federal State of Germany and many other more. The clear identification of users of administration processes plays an important role. The authentication of the digital identity is the precondition for the usage of the providers’ administrative services and can be classified according to the respective security level. Obviously, from a user perspective, there is the wish to be able to use as many administration services as possible via one or at least a few known authentication mechanisms independently of the service provider. Especially since the security levels “substantial” and “high” require far more than simply user name and password, hence are more complex. In this context, one can speak of interoperability of authentication solutions in a portal network.
It seems also desirable that a citizen’s master or registration data already known can be used for the population of administrative applications if explicitly wished for. But many administrative procedures have a farther-reaching information exchange between administrative bodies as precondition. Furthermore, administrative services, which go beyond a single authority’s responsibility, like e.g. child and parental allowance, can be only realized and simplified by an adequate, cross-administrative exchange of information which is approved and authorized by the citizen. In the case of the prefilled tax return, this exchange of information was exemplary solved with mgm’s support.
The interoperability of administration portals in the sense of using authentication solutions across portal boundaries as well as the cross-portal information exchange controlled by the citizen are preconditions for the usability and, thereby, for the acceptance of digital administration services.
mgm is a reliable partner in solving these essential challenges. mgm supports the quick, secure and user-friendly digitization of administrative services with expertise, pragmatism and solution experience.