The Estonian company B.EST Solutions Estonia developed a new generation eSIM-based crypto-agile mobile identity solution. Among other possibilities, it could provide a secure enough digital ID for people without official proof of identity to give access to various state or financial services.
The new product will be presented at the annual GSMA trade show GSMA in Barcelona, where B.EST Solutions will participate at the national Estonian pavilion with the support of the Estonian Business and Innovation Agency.
Jana Krimpe, the CEO and partner of B.EST Solutions, commented: „We have been the national mobile identity provider in a partnership with the State Tax Service under the Ministry of Economy of the Republic of Azerbaijan for the last 10 years. Therefore, we’ve got a significant practical experience in that field which makes us proud to announce that together with the Estonian and Azerbaijani specialists, we have developed the whole infrastructure of Mobile Identity management based on innovative technologies and best practices of our users’ experience. This will offer the potential users globally from capital cities to rural areas the fully digitized experiences they’re looking for.”
Encryption and decryption
The new innovative feature of e-Sim-based Mobile-ID is the function which enables to encrypt and decrypt of electronic documents or computer files for the secure transmission of information (via e-mail or other communication channels). The encrypted document can be opened only by an authorised person using their own Mobile-ID and PIN code. The solution is also a strong candidate to replace paper documents and passwords for secure identity verification.
An Estonian cryptography expert Arnis Parsovs, who was involved in the security assessment of the solution, stated: „We praise the authors of the Mobile-ID document decryption concept as they have come up with a smart solution that provides a secure way of decrypting documents using the Mobile-ID solution. Multiple security issues were found and fixed during the implementation, like susceptibility to active MITM attacks, linkability to the encrypted document, insufficient protection against mobile communication attacks, the usage of inappropriate cryptographic primitives and the sharing of authentication PIN for decryption. The authors of the solution put a great effort into fixing all discovered security issues. “
The service is widely used by businesses and regular citizens to protect and access sensitive data.
“It can give millions a safe enough digital identity without official proof of identity to open a bank account or business.”
As a start, B.Est Solutions plans to implement the in-house developed e-SIM-based Mobile-ID in Azerbaijan, where the population has widely used Mobile-ID for the last 10 years in more than 2000 e-services.