You are here
Chair of Information and Communication Business Management & Economics
TU Dresden involved in OPTIMOS 2.0 project: Secure eID services for the promotion of smart services.
Quite a few people have despaired of this at one time or another: complex and time-consuming registration processes for online or mobile services. One example is the registration for car-sharing services. According to the law in Germany, their providers must ensure that the car-sharing user is in possession of a valid driver's license. The associated validation process has been relatively complex to date, and handling it has been challenging and cumbersome for the user: The driver's license is checked either in person at a local service center or a Deutsche Post sales outlet, or via electronic video or photo identification processes.
An end-to-end digital solution to simplify these and similar processes in the eID, eGovernment, Internet of Things and mobility market sectors - and to ensure the highest security standards - is offered by the new OPTIMOS 2.0 technology. At its heart is an ecosystem that provides the technologies for secure electronic identities (eID). "This creates an essential basis for relevant service providers to now offer their customers mobile eID services with the protection level 'substantial' - in accordance with the EU Regulation on electronic identification and trust services for electronic transactions (eIDAS)," explains Prof. Ulrike Stopka, Head of the Chair of Information and Communication Business Management & Economics at the "Friedrich List” Faculty of Transport and Traffic Sciences at TU Dresden.
Main application: Transfer and secure storage of eID on mobile devices
A main application developed by the partners in the consortium project is to transfer the electronic identity from the ID card (PA data) to a personal mobile device and store it securely there. The new technology allows verified personal data from the derived eID to be entered directly into registration forms without using the physical ID card. "On the one hand, this enables registration processes for customers to be carried out much more quickly and conveniently in a one-step procedure without manual data entry. On the other hand, service providers using this technology receive verified data. This helps minimize time-consuming verification processes," explains Ulrike Stopka.
Access to stored data via newly developed Trusted Services Manager
The research and development work in the OPTIMOS 2.0 project focused on standardized hardware-based data storage on "Secure Elements" (SE). These are either permanently installed in a mobile device, "embedded Secure Elements" (eSE), or integrated on the Universal Integrated Circuit Card (UICC) or SIM cards. End device manufacturers such as Samsung and mobile network operators such as Vodafone or Deutsche Telekom as SE owners provide access to their SEs. For this purpose, the OPTIMOS 2.0 project developed the Trusted Service Manager (TSM). Service providers such as car sharers, public transport companies, hotels, public administrations can gain access to the SEs via the TSM. The TSM then acts as an intermediary and thus the only contractual partner that manages the data or applets stored on the SEs in the users' personal mobile devices.
Further deployment scenarios for safety-critical applications in mobile services
In addition to simplified registration processes, the OPTIMOS 2.0 technology with its central TSM platform offers a wide range of further application scenarios for security-critical applications in mobile services, such as the storage of car keys in car-sharing services, room keys in hotels, or the storage of high-priced tickets in public passenger transport.
As a result, the establishment of the OPTIMOS 2.0 infrastructure demonstrated that, on this basis, new application fields and usage scenarios for the use of the electronic ID card are possible and easy to use for citizens. This means that the use of online services in e-government can also be promoted in accordance with the German government's Online Access Improvement Act (OZG).
The OPTIMOS 2.0 project, in which the Chair of Information and Communication Business Management & Economics for the TU Dresden participated as a consortium partner, is embedded in the Smart Service World II technology programme of the German Federal Ministry for Economic Affairs and Energy. The project was started in 2018 and has now been completed in 2021.
Further information:
Studies: Within the project and the project duration, two project reports/studies have been produced at the Chair of Information and Communication Business Management & Economics, which are available as PDF versions (in German) at:
- Study: Registration processes of online and mobile services with a special focus on car sharing services
- Study: Usability test of the mobile TicketIssuance App using the OPTIMOS 2.0 technology
Consortium partners in the OPTIMOS 2.0 project
Bundesdruckerei GmbH (consortium leader), Cantamen GmbH, Freie Universität Berlin, Giesecke+Devrient Mobile Security GmbH, KAPRION Technologies GmbH, NXP Semiconductors Germany GmbH, Technische Universität Dresden, T-Systems International GmbH
Work areas of TU Dresden in the consortium project OPTIMOS 2.0
The sub-project of the TU Dresden, which was worked on by the Chair of Information and Communication Business Management & Economics, focused in the context of the accompanying scientific research on
- the development of business models, the role model of all partners in the open ecosystem of all partners in the open ecosystem as well as a billing model,
- acceptance studies in the area of registration processes and car sharing and
- usability tests of the TicketIssuance app developed in the project by KAPRION Technology GmbH.
Contact person for the OPTIMOS 2.0 project at TU Dresden
Prof. Dr. oec. habil. Ulrike Stopka
Leader oft he Chair of Information and Communication Business Management & Economics
"Friedrich List" Faculty of Transport and Traffic Sciences, TU Dresden
Mail: ulrike.stopka@tu-dresden.de
Phone: 0351 463-36820
This creates an essential basis for relevant service providers to now offer their customers mobile eID services with the protection level 'substantial'.