Mobile phone signature

Qualified electronic signatures carried out with the mobile phone.

  1. Architecture/Technology
  2. Procedure
  3. Impact
Digital signature

The citizen card concept offers functionality for the identification and authentication and – by using qualified electronic signatures – constitutes the foundation for legal security.

As the citizen card concept is built upon open standards, it allows all signature cards and storage mediums, which fulfil citizen card specifications and legal requirements to be used. The concept just determines certain standards in terms of functionality. There are no restrictions to the concrete, technical implementation as long as the legal requirements (such as usage of "secure signature creation devices") are met. This fosters solutions in different technology sectors such as the mobile phone sector.

Starting in the fourth Quarter 2009 the so-called mobile phone signature will offer a comfortable alternative to the current smartcards. This server-based citizen card solution for qualified electronic signatures means a further important step towards usability and dissemination of modern E-Government services.


The mobile phone signature builds upon the two factor authentication approach as it is known from the smartcard concept – knowledge and possession. The sole control of the signature keys by the signatory was implemented by combining "knowledge" (the knowledge of a PIN) with "possession" (holding the mobile phone).

The server (hardware security module) safely stores the cryptographic keys. Apart from private keys and the corresponding certificates, some personal data (identity link structure) that are needed for authentication - are securely stored on the server. After registration citizens have to define a secrecy PIN which is used to decrypt and trigger the private key for electronic signature. Each time the server carries out a signature on behalf of a citizen the specific secrecy PIN has to be entered to unlock (decrypt) the private key. The signatory's PIN (a chosen password) is used as a factor to encrypt the signature keys, possession of the corresponding mobile phone gets proven by an ephemeral transaction number (TAN) sent via text message. The ephemeral TAN is valid for a couple of minutes only. This procedure ensures that the private key is under the sole control of its owner.


A so-called security layer (interface between an application and the signature card/mobile phone) offers access to the citizen card functions for the purposes of identification and signature. The security layer is embedded in the citizen card environment software as middleware and fulfils the following requirements:

Hardware and technology-independence: The application only has access to the logical view of the functionality and does not see how the token is implemented. Therefore, the type of token which carries out the signature function, whether on a smartcard or any other usable device as it is the case with the mobile phone signature, should be irrelevant to the application.

Independence of cryptographic algorithms: Over time, scientific and technological advances lessen the security of cryptographic operations. Therefore, these algorithms must be able to be replaced without impacting the application.


Users benefit in several ways from the further development of the citizen card concept - they will save money and time.

As users do no longer have to install certain software on their PC, they don't need special computer skills or technical knowledge to use their mobile "citizen card", i.e.

  • to place their qualified electronic signature on contracts,
  • use it for official applications,
  • in the fields of electronic billing,
  • E-Banking,
  • E-Payment or
  • logon processes.

The use of familiar technology (mobile phone) helps to get confident with the new offer. Furthermore acquisition costs for smartcards or smartcard readers – so far a big hurdle in the rollout process – are a thing of the past. Everything at a proven, high security level.