“Spiegel” report
Hacker uncovers security gap in online ID card
The eID function of the identity card is intended for identification – and apparently has a weak point. A hacker’s findings prompt authorities to investigate.
ID card hack is “realistic” scenario
A spokesman for the Chaos Computer Club (CCC) confirmed to “Spiegel” that the hacker had highlighted a critical point in the eID process on mobile devices. “This is a realistic attack scenario,” the spokesman told the news magazine. “It must be prevented that an ID app other than the officially approved one can register and connect to the cell phone for eID authentication.”
For iPhone and iPad
Apple gives insight: These were the Germans’ favorite apps this year
The hacker informed the responsible Federal Office for Information Security (BSI) about his findings on December 31st. However, the Federal Office told “Spiegel” that it saw no reason to “change the risk assessment when using the eID,” according to the report. This is therefore not an attack on the eID system, but on the users’ end devices. However, an adjustment will be examined.