BAMF - Bundesamt für Migration und Flüchtlinge - Required equipment

Navigation and service

Required equipment

This is what you need to use all the functions of the new electronic residence title securely.

Using both the online identification function and the signature function is voluntary. You may decide if you wish to use these functions. For use at home, you will need the following components.

The reader

The most important component is a card reader that is equipped for cards with a contactless interface. A basic reader is sufficient for the online identification function. By contrast, for the signature function, a "premium reader" with its own display and a separate keypad (PIN pad) is required to input the signature PIN.

Readers are available in the shops. The Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik - BSI) recommends using certified card readers. A list of available readers is available on the Federal Network Agency’s website.

There are three types of reader:

  1. Basic card reader
  2. Standard card reader
  3. Premium card reader

Whereas standard and premium card readers have their own keyboard to input the PIN and their own display, you must input the PIN via your computer or screen keyboard when using a basic card reader.

display as attention: Note

Only premium card readers support the electronic signature function of the electronic residence title.

Security of readers

If you would like to use a reasonably-priced basic reader that does not have its own keyboard, you should preferably only use the "AusweisApp"' software's on-screen keyboard, which is operated using the mouse. If your computer is not protected with an up-to-date virus scanner, firewall and current operating system software and you are using a basic reader, it is possible for a "keylogger", a type of malware, to record your keystrokes, and sometimes even to record your PIN and pass the details on to third parties.

In this regard, standard or premium readers offer greater security because you input your confidential details (PIN) using a separate keypad.

However, it is not possible for someone to abuse the system simply by accessing your PIN. In addition to knowing the PIN, the attacker must also have access to the electronic residence title. The title should therefore always be kept safe. This means only placing it on the card reader if you want to use the card on the Internet.

The most important prerequisite for your security is that your computer is free of viruses and malware. If you follow the instructions in the Data protection and Data security sections, you do not need to worry when using the electronic residence title on the Internet.

The software

To achieve a connection between your computer and the identification, you need driver software, which has to be installed on your computer.

This software, called "AusweisApp" is available free of charge.

The AusweisApp is available for the following operating systems:

  • Windows XP, Windows Vista and Windows 7
  • Mac OS X (from 30 November 2010)
  • Linux for the Ubuntu, OpenSuse and Debian distributions

In the interest of your security

To protect your data when using these new electronic functions, you will receive a "PIN letter" from the Bundesdruckerei GmbH (Federal Printing Office).  This contains a confidential 5-digit number (transport PIN), a 10-digit unlock key (PUK) and a locking password.

PIN (confidential number)

The PIN is a confidential 6-digit code consisting solely of numbers.

display as attention: Note

When the electronic residence title is issued, a 5-digit transport PIN ensures access to the online identity function. After you have received the electronic residence title, you will need to replace the transport PIN by your personal 6-digit PIN. Only then can it be used for the online identity function.

You can change the transport PIN to a personal PIN either at home with the aid of the card reader or at your local immigration office. You should not use a combination of digits that would be easy to guess (e.g. 123456, a date of birth, or figures that are printed on the electronic residence title). You can change the PIN as many times as you like. The PIN is always required to use the online identity function.

In the event that you input the PIN incorrectly on two consecutive occasions, you will be required to input the access number on the front of your electronic residence title. If this attempt to access the system also fails, your PIN will be blocked. The block can only be removed by inputting the release number (PUK).

If you have forgotten your PIN, you can pay for a new PIN to be set at your local immigration office.

Signature PIN (only for the signature function)

You will require your own signature PIN to use the qualified electronic signature function. You set this yourself when you receive a signature certificate and store it on your electronic residence title.

PUK (release number)

The PUK is a 10-digit number. It is used to release a PIN that has been blocked after the wrong combination of numbers have been input three times in a row.

Please note that the PUK can only be used ten times. After this, a block can only be removed by resetting the PIN in the local immigration office. It is recommended that you only scratch off the film concealing the PUK when you need it to release a blocked PIN.

Locking password

If your electronic residence title is stolen or lost, you must have the online identity function blocked. To do this you will have to tell the blocking hotline staff or the local immigration office the locking password. It is useful to have a word that is easy to remember (e.g. locomotive).

Further information on blocking the online identity function or the signature function can be found under "Data protection".

display as attention: Protecting your information

Never write your PIN, PUK or locking password on the electronic residence title itself. Under no circumstances should you tell anyone else these secret codes. Keep the data in a safe place and never file them away beside the electronic residence title.

Date 17 December 2015

Additional Information

Frequently questions

Are fingerprints stored in the local immigration office permanently?

No. They are stored until the electronic residence title is given to the applicant. After this, the data are deleted irrevocably.

Are my data secure from hackers during transmission?

Your data are encrypted every time they are transmitted. All information and transmissions are protected with internationally recognised and established encryption processes.

Each provider wishing to use the electronic residence title for its services must apply for the relevant state authorisation certificate from the Issuing Office for Authorisation Certificates [Vergabestelle für Berechtigungszertifikate (VfB)] which is part of the Federal Office of Administration [Bundesverwaltungsamt]. The Issuing Office has strict rules about the data required to perform the service.

Are my data secure when using the internet?

Yes, your personal data are in fact more secure than if you were to use the internet without an electronic residence title when shopping or participating on social networking sites. The on-line identity function checks before each action whether the service provider really is the one it purports to be.

Are the old residence titles still valid?

The existing residence titles in passports and replacement passport documents retain the validity entered there until 31.08.2021 at the latest.