What is the electronic DNI? The electronic DNI is the document that physically and digitally accredits the identity of the holder, allowing the electronic signature of documents.
This means that said DNI not only fulfills the purpose of identifying natural persons against third parties in any area of common life, but will also serve to carry out all types of electronic transactions so that we are also reliably identified in this type of actions.
Does the above mean that any procedure can be carried out remotely? Indeed, any administrative or commercial process that we must carry out we can do through telematic means with the peace of mind of knowing that our identity will be confirmed through a certification that ensures that the person who performs the transaction is really who is authorized to carry it out.
So, won't you need to go to the different offices or shops to carry out these procedures? That's right, any procedure can be done remotely, forgetting about the uncomfortable movements and desperate queues, thus avoiding the waste of time that both entail. And not only that, but any of the foreseen procedures can be carried out 24 hours a day, seven days a week, so it will no longer depend on the time variable of public administrations. In the same way, we will save ourselves from the tedious bureaucratic work of presenting forms and more forms full of data to one Administration Unit, when that data already operates in another Unit. The Unit that carries out the procedure will provide said data, provided that the interested citizen so authorizes.
What characteristics does the electronic DNI have? To start, say that it is a card built in polycarbonate, which gives it greater robustness than the previous one. The expected duration of said card is ten years. The measures remain the same as those of the traditional DNI, similar to a credit card. It is also necessary to know that all the relevant information of the person is reflected in said document in two different ways.
On the one hand, we have the data related to the holder printed on the card as if it were a normal ID, which makes it easier to know the identity of a person for the purposes of a first affiliation, in the same way that a normal ID does.
On the other hand, the card includes a chip that reminds us of the one that is currently in danger of extinction, cards that were used to replace coins in telephone boxes. The same data that appears printed on the card (personal data, photograph, digitized handwritten signature and digitized fingerprint is included) along with the authentication and electronic signature certificates, which are the data that will be used in said chip. make possible electronic confirmation that the owner whose data appears on the card is who he says it is.
In addition to said personal data, on the chip we find the electronic certificate that the issuing authority for authentication and electronic signature is authorized to grant them. Likewise, the key pair of each electronic certificate, the public key and the private key have been included. This data is housed in two different areas of the chip and, as is logical, these areas are called the public part and the private part. The first contains the basic data of the certificates and the public key and there is no restriction to access it. In the second are the private keys of the citizen, his identity certificate and the corresponding signature certificate. This zone, unlike the first,It will only be accessible by password or through the biometric data of the owner of the same. Finally, we must make special mention of the security area, an area that is only accessible by citizens through their personal identification number or PIN, and there is also an access procedure available to the Administration. The following information is detected in that area: biometric data, citizen affiliation data (the same that are printed on the card) and the card's serial number.biometric data, citizen affiliation data (the same as those printed on the card) and the card's serial number.biometric data, citizen affiliation data (the same as those printed on the card) and the card's serial number.
At a previous time, mention has been made of the comforts that the introduction of the electronic DNI brings, but what other services can it give us? Apart from those indicated above, the possible uses of said document are vast. In principle, and as we have already indicated, the use of this document is completely valid for any type of procedure that is carried out electronically. It can be used both to apply for a scholarship and to present the Income Tax return, access our social security data, or personal information that appears in public databases, in addition to, of course, making secure transactions with companies or private entities that have adapted their systems to the new DNI. To this tenor,The legislation on this matter says that "all natural or legal persons, public or private, will recognize the effectiveness of the national electronic identity document to prove the identity and the other personal data of the owner that appear on it, and to prove the identity of the signatory and the integrity of the signed documents with the electronic signature devices included in it ».
In addition, and according to statements from the different parties involved in the development of the electronic DNI project, this novel identification system is virtually impossible to falsify, so many are the elements that constitute it. Physical security measures visible to the naked eye, such as optically variable inks, reliefs and security funds, or visible by optical and electronic means such as inks visible with ultraviolet light or micro-writing; as well as digital security measures such as encryption of chip data or access to it by PIN, ensure a level of protection of the chip until it is practically inviolable or falsifiable.
From what seems, the electronic DNI does not contribute but benefits, is not it? Well, to be fair, the reality is that it is not without its drawbacks. First of all, we all have a doubt when it comes to this document, how do we read the chip? Everything is apparently perfect, but how are we going to carry out procedures late at night from the comfort of our home if we do not have how to read the chip? Obviously, for this we need a series of elements that facilitate this task.
On the one hand we will need hardware elements that accept the new DNI. These elements would be: a personal computer (according to the National Police Corps, which informs us through the website created in order to provide guidance on the electronic DNI, must be Intel –after Pentium III- or similar technology) and Of course, a smart card reader that must comply with the ISO 7816 standard.
On the other hand, the software elements that the machine must gather are also specified in said portal. As for operating systems, it seems that it accepts everything, be it Windows, Unix, Linux or Mac. To carry out the necessary procedures, browsers may be Explorer (from version 6.0), Firefox (version 1.5) or Netscape (version 4.78).
Lastly, and as usually happens with cryptographic cards in general, and as it happens with the electronic DNI in particular, the equipment must have cryptographic modules installed. For Windows, the CSP service or “Cryptographic Service Provider” will be necessary and for the rest, the module will be PKCS # 11. Both modules are easily downloadable from the electronic DNI page that the Police have available to users.
We must also bear in mind that carrying out private procedures such as purchases with this document, will not always be possible, since this will depend on companies wanting to make an investment in this regard, and adapt their systems to the necessary security guidelines., for which it will be necessary to develop certain security tools that guarantee that the data flow is carried out through secure channels.
All of the above without prejudice to wondering what happens to our data? Are they really sure? In theory, the transactions are completely safe, and the Police databases are safe, but we can only hope that this is the case. Furthermore, what happens to the different entities that have intervened in the different phases of the development and implementation of this document? Entities such as the UTE formed by Indra, Telefónica and Software AG, Siemens, Telvent or Safelayer, could they have access to the data of those who have an electronic ID? All these questions arise from the growing wave of concern that has been unleashed regarding the privacy and security of our personal data, questions for which, at least for now, we have no answer.
Despite the “small” inconveniences that we face, it should be considered that the introduction of the new electronic DNI represents a step forward in terms of comfort and security in our day-to-day transactions, saving time, effort and frustration for individuals. that, sooner or later, we are obliged to face different procedures, either with the Administration or with companies that offer us their different products or services.
www.audea.com
Contributed by: Elena Ortega de Nicolás
