locxter.net

A quick look at using eID in an open source environment

2024-07-17

Recently I had to use the new eID functionality of my German ID card to identify myself in order to open a new bank account and was amazed that I got it working in my open source environment with Linux as my desktop operating system and CalyxOS (or any other custom Android ROM without Google Play Services for that matter) on my phone after a bit of trial and error. We should certainly discuss whether we as a society want an online ID system and what implications it has (security vulnerabilities, public surveillance etc.), but this isn't the topic of today's article. Instead I want to share my tried and tested method of actually using eID in an open source environment...

First and foremost, huge props to the German government for developing the AusweisApp, which is the official eID client and reference implementation, as open source with all the code available on GitHub . Even crazier is that they haven't just published it in the popular desktop and mobile app stores, but also on F-Droid and in the package repositories of many Linux distributions as shown on their website . This really cross-platform approach also explains why it doesn't rely on any Google Play Services to run, which is a nice exception in a world where you have to live without many helpful apps if you are unwilling to use Google proprietary spy services and exactly how a public entity like a government should develop software. Since there still is some feature-breaking development of the app going on and not every way of installation as well as usage will work, here is what has proven to be reliable for me:

• Install the Android app via F-Droid and make sure that your smartphone supports NFC via the integrated self-check functionality ( Check device and ID card option).
• Install the desktop app via Flathub to ensure you have the newest version and disable your firewall (for UFW via sudo ufw disable ) if it is running for the duration of the eID identification process.
• Connect your smartphone to your desktop as a card reader with the following steps:
  • Select the Card reader tab in the mobile app and hit Enable NFC .
  • Then select Pair device on your phone and go into Settings and then the Smartphone as card reader menu on your desktop.
  • Select your device that's showing up under Add pairing and enter the pairing code displayed on your phone.
  • If you have restarted the phone app in between, make sure to select Allow connection in the Card reader tab before proceeding.
• Now check that everything works by selecting the See my personal data menu point on your desktop and following the instructions.
• Finally, navigate to your desired eID authentification use case, select the Use AusweisApp option or how it's called and follow the instructions. Everything should work now and once done you should be redirected back to where you started and get a success message.

With that said, I hope you found this article helpful even though the eID functionality is still rather rarely used. Feel free to share your thoughts and opinions in the comments down below and have a lovely day.

RSS feed