A look back at the E-residency crisis
What is E-residency?
E-residency was a program launched in 2014 to give non-Estonians access to services that would be otherwise reserved for Estonians. Services such as banking and taxation. The individuals who applied for this service, after a lengthy process of meeting at an Estonian embassy, would get their smart card. This card would be used to log into their account, after a two-step verification, and then can be used to sign documents
The E-residency crisis
As of August 30th, it will be a year since a team of researchers told the Estonian system authority that there was a security flaw in their digital ID cards made between October 16, 2014, and November 25, 2017. The security flaw left 750 000 people at risk for identity theft. The Estonian government then froze all the potential affected cards until the cards were updated to a new security certificate. The owner’s had until March 2018 to do so. The government never released what the security flaw was, and no identity theft was confirmed during that time.
In Estonia, citizens can use their smart card to vote in elections. After the security flaw was revealed, politicians called for a postpone to elections. The fear of elections being hacked was of great concern following the security flaw news.
Where are they going from here?
In the first quarter of 2018 over 7 000 applications were sent in for E-residency, which makes people think 2018 will be the biggest year yet for E-residency. However, with so much information being held on a card: voting ballots, medical records, banking information, can it be trusted with security not much higher than, what we in Canada have, on our credit cards? The fear with the Estonian local elections being hacked I feel was a valid one, more so after what went on in the last federal election in the United States. In the digital age, more and more, information is being kept online and to adapt to the times' something more significant than a card with two-step verification I feel is needed. Credit cards that have a chip, and a pin number, are being abused all the time by those who would steal your identity. Would we trust something similar to hold also our medical records or to hold our voting ballot? We need to look to the future for something more secure; hopefully, it will come soon.
Written by James Hepburn