According to the Online Access Act (OZG), user accounts can be used for identification and authentication when using digital administrative services. User identification is always fleeting, which is why consent to submitting an application cannot be verified in subsequent processes without further measures. Thanks to Governikus ID Crucis, verifiable consent from multiple applicants can now be given easily and conveniently at different times on different devices.
Project "Further development of ID Crucis"
Governikus ID Crucis is a central building block for verifiable consent to a digital application by one or more persons or companies. In the context of administrative digitization, ID Crucis is therefore an optimal addition for all EfA processes as well as other OZG services, especially in combination with the BundID or the company account. Consent represents the declaration of intent to submit an application. This can be given in writing by digitally replacing the manual signature, or for administrative services without a written form requirement.
As part of the "Further development of ID Crucis" project funded by the digitalization budget, the Governikus solution has been improved so that the approval of several applicants can also take place separately at different times on different devices. This significantly increases the user-friendliness of many OZG applications or even makes them usable digitally for the first time. With ID Crucis, the link between the application (form) and the written form-replacing identification required by the OZG and the technical guidelines of the BSI is realized. This ensures proof of the origin of the data (authenticity) and protection of the data against changes (integrity). For this purpose, the identity data and the consent data, including the identification method, are summarized in the application PDF and uniformly presented in a consent report for one or more applicants. It is therefore possible to check and permanently preserve the evidential value of the consents to the application in all subsequent processes.
Technical and data protection challenges
Ensuring the legally compliant consent of several people to an application, regardless of time and place, is probably the biggest challenge in the whole process. This is because, in addition to the legal basis for processing under data protection law, (data) security and information obligations must also be fulfilled. Together with the ID Crucis server application, data protection documents are provided that can be viewed, adapted as required and easily integrated by the operator's security management team.
Governikus ID Crucis is available free of charge to federal, state and local authorities as part of the IT-Planungsrat product "Governikus Application".