Thousands of ID cards not properly deactivated due to software glitch

Estonian ID Card and card reader.
Estonian ID Card and card reader. Source: Siim Lõvi/ERR

Authorities have discovered that some 15,000 ID cards due to be deactivated in 2014 remained usable for Estonia's e-services for more than a year.

An error in the systems of the Ministry of the Interior's IT and development center, SMIT, prevented the cards from getting fully deactivated, tech news portal reported on Wednesday.

While the physical cards were actually deactivated, their digital certificates remained valid, which means that any accounts of digital services connected to the cards were still accessible with the appropriate information.

As the Police and Border Guard Board (PPA) explained to, the glitch mainly concerned cards that expired automatically, thus affecting the certificates of deceased Estonian residents, cases of name changes e.g. through marriage, and so on.

Of all the cards that remained valid, the certificates of 353 were used after their expiration dates, 258 of which belonged to people that were no longer alive, the PPA told

Looking into the use of those 285 cards, the PPA ascertained illicit use only in a single case, resulting in a currently ongoing criminal investigation.

According to authorities, the problem has been solved, and all the remaining certificates cancelled. SMIT announced that they are preventing similar events from occurring in the future by adding checks to the system.


Download the ERR News app for Android and iOS now and never miss an update!

Editor: Dario Cavegn

Hea lugeja, näeme et kasutate vanemat brauseri versiooni või vähelevinud brauserit.

Parema ja terviklikuma kasutajakogemuse tagamiseks soovitame alla laadida uusim versioon mõnest meie toetatud brauserist: