In our everyday life, we usually provide proof of our identity to someone with an ID card. For example, you would do this at the citizens' office, bank or reception of a hotel. You present your ID card and the person you are talking to identifies you based on your photo (visual proof).

General information

Things work a bit differently online: when you visit an online service, the provider can't see you directly. However, you can also identify yourself securely in the digital world with the bank card format electronic ID card that has been being issued to German citizens since 1 November 2010. This eID function is made possible by the chip inside the ID card. The chip contains your identity data in encrypted format and is protected by various security mechanisms.

The BSI provides information on the following pages on how you can use your ID card in the digital world via the eID function. For example, you can use it to carry out various official administrative procedures and business matters on your own computer, mobile device or even at special citizen terminals. Information is also available on the security mechanisms used to protect your personal data stored on the chip. This is particularly important because identity theft or misuse can often occur online.

The German ID card is a state-issued identity document. This means it is also the most reliable document for proving your real identity in the digital world. The Federal Ministry of the Interior, Building and Community provides detailed information online about the ID card. The ID card portal provides you with the latest information on the ID card and the eID function.

On-site reading

Since summer 2017, on-site reading of personal data from the ID card has been possible. It enables the seamless transfer of your personal data into an electronic form at authorised public authorities and companies. Instead of copying or typing in the ID card data, your ID card is simply placed on a reader and the data is read. This is a quick process and prevents typing errors. Your ID is first checked by photo comparison on site.

Providers that offer this service require government authorisation for on-site reading and a suitable reader. In instances where personal data such as name and address are to be transferred to an electronic form, on-site reading is a good solution.

How on-site reading works

1. You present your ID card at the counter and state your identity to the provider.
2. You place your ID card on the reader.
3. Transmission of the data only commences once you have entered the six-digit access number (CAN). The access number is indicated on the front of the ID card to the right of the date of expiry.
4. The chip in your ID card is used to check if the provider is authorised to read and retrieve your personal data on site.
5. If the provider is authorised, your data will then be securely transferred to the electronic form using end-to-end encryption and ensures there are no errors.
6. After the data transfer, please remember to remove your ID card from the reader or smartphone/tablet.
   Security of on-site reading

On-site reading of the data from the chip can only be performed once the identity of the physically present ID card holder has been verified using the ID card photo. The access number (CAN) printed on the front of the ID card is required to share the data during on-site reading. As is the case with the eID card function, this means the data cannot be read from the chip without the holder noticing with on-site reading.

Protective functions of the ID card

You can use the following protective functions to make a significant contribution to protecting your ID card against misuse:

Your transport PIN

After you have applied for your ID card, you will receive a letter by post with information about your ID card and the eID card function. Importantly, this PIN letter contains your five-digit transport PIN. You will need this to create a six-digit PIN that only you know. The eID card function will only be activated and ready for use once you have done this.

Your PIN

The six-digit PIN known only to you significantly increases the security of the ID card. Each data transmission that takes place via the eID card function must be confirmed by you entering your PIN.

If the card is lost or stolen, the eID card function can only be misused by others if they know the PIN. If the wrong PIN is entered three times, the eID function of your ID card is automatically blocked. However, if your ID card is stolen or lost, you should notify the responsible public authority immediately.

Your customer access number (CAN)

The access number, which also has six digits, is printed on the front of your ID card to the right of the date of expiry. If you enter the wrong PIN twice, you are only allowed a third attempt after successfully entering the access number for security purposes.

In addition, your access number is used to perform on-site reading of ID card data.

Your personal unblocking key (PUK)

If the wrong PIN is entered three times, the eID function of your ID card is automatically blocked. You can unblock it by entering your unblocking key. You will find the unblocking key for your ID card in the PIN letter sent to you by post.

However, if you have forgotten your PIN, the unblocking number won't be of any use to you. If you have also forgotten your PIN, you can only get it reset at the Citizens' Office.

Your blocking code

If your ID card has been stolen or it has been lost, you can block the eID card function at any time by calling the blocking hotline. To block your card, you will need your first name, surname and date of birth as well as your blocking code that was specified in your PIN letter.

You can find out what you need to know or do if your ID card is lost or stolen on the ID card portal.

How you can contribute to security

Please also read the security information for handling your ID card and PIN on the ID card portal.