Gemalto, PPA reach compromise over ID-card security weakness

Estonian ID-card.
Estonian ID-card. Source: Siim Lõvi/ERR

The Police and Border Guard Board (PPA) and Gemalto AG, now named Thales Group, have signed a compromise agreement, in which Gemalto will pay the state €2.2 million in compensation.

The compromise agreement resolves claims related to the potential weakness of the Estonian electronic identity card that emerged in 2017, the PPA said.

More than three years ago, the PPA and Gemalto AG addressed a potential security vulnerability identified in the electronic identity cards. The problem arose from cryptography libraries supplied by a chip manufacturer subcontracted to Gemalto AG. The joint solution developed to eliminate the threat prevented possible security breaches of citizens' ID-cards.

Krista Aas, deputy director general of the PPA, said several months of negotiations with the ID-card supplier have now been completed and the parties have reached a compromise agreement.

She added that the agreement enables them to avoid a lengthy and burdensome court dispute. "We can conclude this chapter and focus on offering new e-government solutions for the benefit of Estonian citizens," Aas said.

The Police and Border Guard Board's ID-card production agreement with Gemalto AG was valid until the end of 2018.


Follow ERR News on Facebook and Twitter and never miss an update!

Editor: Helen Wright

Hea lugeja, näeme et kasutate vanemat brauseri versiooni või vähelevinud brauserit.

Parema ja terviklikuma kasutajakogemuse tagamiseks soovitame alla laadida uusim versioon mõnest meie toetatud brauserist: