BAMF - Bundesamt für Migration und Flüchtlinge - Data protection and data security

Navigation and service

Go to:

to welcome page

Focus on people - support and integrate

Data protection and data security

The electronic residence title offers a very high level of security for your data. It improves protection from identity theft and ensures that your personal data are secure. Technical mechanisms ensure that information is not read, copied or amended without authorisation.

In contrast to simple radio chips that are used in key cards or ski passes, for example, the electronic residence title does not send the information stored on it to every data reader device. The distance between card reader and card is limited to just a few centimetres.
Before data are transmitted, the card checks if the office or authority making the enquiry has the right to consult the data.  It is not possible to read your data from a great distance without it being noticed.
In addition, all information and transmissions are securely protected with internationally recognised and established technical procedures (encryption and signature).

Biometric data

The electronic residence title contains a digital photograph and two digital finger prints. These features, known as "biometric features" are used exclusively by state authorities to securely establish the authenticity of the document and if it belongs to the holder. In accordance with legal conditions the biometric details may be viewed only by authorised state offices such as:

  • The Federal Office for Migration and Refugees (BAMF)
  • Local foreign affairs offices
  • Federal and Länder police
  • Offices of the Customs Administration for combating illegal employment of foreign nationals
  • Other Customs Administration departments
  • Federal Office for Goods Transport
  • Federal Employment Agency
  • Social services authorities (e.g. for welfare assistance)

The finger print data will remain stored at the local foreign affairs office until you collect your electronic residence title. They will then be permanently deleted when you receive your new document at the latest. Similarly, Bundesdruckerei GmbH, which produces the electronic residence title, will not store any of your data. As soon as you collect your new document, the finger print data will only be stored in the chip in your electronic residence title. It is not legally permitted to maintain a nationwide biometric database.

You can be asked to place your fingers on a relevant device at inspection points. This device will then compare the fingers on the device with the finger print data stored in the chip on your electronic residence title. The comparison will only take place between you and your electronic residence title.

Supplementary conditions (obligations)

If an electronic residence title is issued with supplementary conditions, these supplementary conditions will also be stored in the electronic residence title's chip. Only official authorities (e.g. police and customs) may access the supplementary conditions. To do this, the document must be available. It is not possible for the data to be read out via the internet.

You maintain full control – use of the on-line identity function

Your personal data are also secure on the internet. Only someone who has the electronic residence title in his possession and who knows the 6-digit secret number (PIN) can release information for electronic transmission.
To do this you will identify yourself with your electronic residence title to service providers who have been checked and authorised by the state Issuing Unit for Terminal Certificates (Vergabestelle für Berechtigungszertifikate) (VfB). Only these providers have the technical facility to read their customers' identity data. The Issuing Unit checks each individual service provider to see if it is complying with data protection conditions and to find out which data are actually required to develop the service.
Ultimately, you decide, by inputting your PIN, which data will be transmitted.

Your contribution to ensuring the security of your electronic residence title on the internet

The entire system that protects electronic residence title data from unauthorised access is set at an extremely high technical security level. The security level of the chip itself is of the highest possible standard. All the protocols and mechanisms used for the electronic residence title have been tested by specialists. The security is however also dependent on the security mechanisms of your computer.

Therefore you must also contribute towards maintaining permanent security. Please use your electronic residence title as carefully as you would your credit and debit cards. Take careful note of the following instructions:

  • Always keep your electronic residence title secure. Do not leave it unattended if another person could gain access to it.
  • A very important issue for protecting your personal data is protecting your PIN. Do not give your PIN to anyone else. If you write down your PIN, do not keep it with your electronic residence title (e.g. in your wallet)
  • Never write your PIN on your electronic residence title.
  • If you lose your electronic residence title, you must notify your local foreign affairs office immediately of the loss and have the on-line identity function blocked by the staff there or use the telephone emergency hotline to do so.

Signing contracts securely over the internet using electronic signatures

Your own signature written by hand can be replaced by a "signature certificate" for the legally binding conclusion of digital contracts over the internet. The electronic signature allows the recipient (contractual partner) of a document to see if documents have been altered after they have been digitally signed.

Protecting your data on the internet

  • Regularly update your virus protection programme, firewall, operating system and the AusweisApp (ID application). Use the security updates provided by the relevant software manufacturers.

  • Figure Keyboard AusweisApp

    If you use a basic reader without its own keyboard and you are not sure if your computer is free of malware, use the AusweisApp integrated screen keypad to input your PIN. You can use the mouse for this. You can find more information about reader devices and the AusweisApp under the heading Required equipment
  • Only lay the electronic residence title on the reader device when you want to use it on the internet.
  • Change your PIN regularly. You can do this free of charge and in just a few steps from your own PC. Do not use any combinations of numbers printed on the identity card (e.g. your date of birth or the access number) or sequences of numbers that are easy to guess (e.g. 123456).

You can find more information on this subject and how to use the internet securely on the webpages of the Federal Office for Information Security (BSI).

Date 18.01.2011

Additional Information

This article is available in these languages.

Links

Frequently questions

Are the old residence titles still valid?

The existing residence titles in passports and replacement passport documents retain the validity entered there until 31.08.2021 at the latest.

Why is the electronic residence title being introduced?

All EU member states were obliged to introduce the electronic residence title in order to create a unified residence title for third-country nationals entering the European Union. In addition, the connection between the document holder and the document is to be increased by using biometric data thereby reducing misuse.

Which data are stored on the electronic residence title chip?

The data stored are those printed on the card (e.g. first name/s, surname, address). In addition the chip contains biometric date (fingerprints and photo) and possibly other available incidental information (requirements).

May I see my data stored on the electronic residence title chip?

Every local foreign affairs office is equipped with readers. You can view the data stored on the chip there at any time. To do this, you must present your electronic residence title.

answer all questions