Today I picked up my
Estonian ID card. Besides buying bus tickets, I can use it to vote over the Internet (though not immediately -- I have to wait until the next elections!), travel within the European Union, digitally sign documents, and get free refills on coffee, though I'm not sure about the last one. It is based on public
-private key encryption, which means that when combined with the data on the chip implanted in my head, I can keep my rants safe (not that I wouldn't share them on the blog, anyway).
OK, seriously. It is quite nifty. I did notice one
real problem. Hanza.net (Hansabank's online interface) still requires you to enter your code card or PIN calculator code, which seems to defeat the whole purpose. They've even produced a Fkash tutorial which explains what codes to enter. Sure enough, you have to get out your PIN calculator, which is a little code generating device, and enter the old code.
Despite knowing that the ID card is not actually some sort of slippery slope to a one-world plot as
some have alleged, I was a little nervous upon noticing that I had left the card in the reader and had been surfing on the Internet for 20 minutes. I wonder whether my browsing history was saved anywhere.
But who has time for monitoring citizens' every move. That's so, like, old.
4 comments:
. Hanza.net (Hansabank's online interface) still requires you to enter your code card or PIN calculator code, which seems to defeat the whole purpose.
Having 2 factor authentication is good security. If you lose you wallet with you cards in it you'll appreciate this feature.
Today I picked up my ID card.
What were you using for ID before?
It is kind of pointless and a waste of money to buy a card reader for Hanza.net when you still have to put in your PIN calculator code. Much easier just to type in your user ID number instead.
For ID, I used Estonian passport or US driver's license.
But the same bank's corporate client site requires only the ID card and PIN 1.
To log in, that is. Haven't done any transactions in either.
Your browsing history might have been saved by a spy-ware in your computer, should you computer host some... The public key authentication service is there purely for electronic authentication of a person, and does not gather information on websites visited. Hence, there's no need to take the card from the reader immediately after authentication. The authentication process itself is nifty, not only codes and info on the chip card are verified, the information is also verified with the info in population register - real time. Digital signatures are monitored as well, just like with credit cards - if anything unusual comes up, you will be notified. Very safe. Very cool, quite unique. :D
Post a Comment