authega logo
More options
Your browser is not supported

Your browser or browser version is not (or no longer) supported by authega. This may lead to display or functional problems. In order to continue using authega, we therefore recommend to use a current and supported browser.

For more information, please see the Help under System requirements.

Warning

Help

Back to overview

IT-Security

Basic knowledge

To ensure that you are actually connected to authega via a secure connection, your browser checks whether the automatically transmitted electronic certificate is valid. This is how you determine that your communication partner is really authega or that it is the corresponding authega certificate. The authega certificate is used to bind a cryptographic, public key to authega. The binding of the key to authega is in turn cryptographically secured with an electronic signature from a trustworthy third party, an internationally recognized trust center.

  • The certificate of the trusted trust center is already included in all browsers, so this property can be checked automatically. In addition, the following two certificate properties are automatically checked:
  • The domain name for which the authega certificate used for the secure internet connection was issued must match the actual domain name of the web server (e.g. www.authega.bayern.de).
  • The certificate must be valid. For security reasons, server certificates are only issued for a certain period of time and are regularly renewed by the operator of the authega website.

If at least one of the three checks above fails, a browser warning is displayed to the user. In this case, authega should not be used, but the hotline should be contacted.

The encrypted electronic connection to authega is made via the recognized internet protocol HTTPS (TLS 1.2). The basis is a 3072 bit authentication from authega via the authega certificate to your computer according to the asymmetrical, cryptographic RSA procedure. The data transmission is encrypted using a symmetrical, cryptographic procedure that corresponds to the current state of security technology (see BSI Technical guidelines). The necessary symmetrical key is generated as a random number on your computer during registration and is communicated to authega, encrypted using the RSA method. Only your computer and authega know the symmetric key with which the communication can be decrypted.

Within the methods of authentication with certificate file, signature card or mobile device, asymmetrical cryptographic methods are used.

  • RSA for the login with certificate file and the associated certificate
  • RSA for the login with signature card and the associated certificate (elliptical curves planned)
  • RSA or ECC (elliptical curves) for the login with mobile device

In most browsers you can check the validity of the authega certificate via the lock symbol in the address bar. Compare the electronic fingerprint in the further explanations on the authega certificate. The valid electronic SHA256 fingerprint is: c0b796423dbae27f97c298adf71bf367d29de772a281e086d08254b1bd2e59c8.

The electronic fingerprint of a certificate uniquely identifies it; it cannot be forged or originate from another source. You can use the electronic fingerprint of the Root CA AuthegaRootCA certificate to verify that the certificate originates from authega.
The electronic fingerprint (SHA-1) of the current AuthegaRootCA certificate from 2023 is: 905bc19704acf4d4b9a8478a4a406a4c77335aea

The electronic fingerprint (SHA-1) of the previous AuthegaRootCA certificate from 2017 is: 4cbf6aa84b3a9119eb98e35398752ba191374234

The IdP certificate ensures the trustworthiness of authentication. The service provider uses the IdP certificate to verify that the authentication data originates from the IdP and has been signed by it. Expired or compromised certificates pose a significant security risk, therefore the certificate is regularly checked and renewed in a timely manner.

The currently used IdP certificate is:

Production:

-----BEGIN CERTIFICATE-----

MIIGazCCBB+gAwIBAgIDD05kMEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZIAWUDBAIB
BQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAIBBQCiAwIBIDBHMQswCQYDVQQG
EwJERTEQMA4GA1UEChMHQXV0aGVnYTELMAkGA1UECxMCQ0ExGTAXBgNVBAMTEEF1
dGhlZ2FEZXZpY2VzQ0EwHhcNMjQwNDE4MDg0NTUxWhcNMjkwNDE4MDg0NTUxWjA9
MQswCQYDVQQGEwJERTEQMA4GA1UEChMHYXV0aGVnYTEcMBoGA1UEAxMTYXV0aGVn
YSBJZFAgU2lnbmluZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKw2
e8Pt4sHEo1/zpY+WRyxOIrvfaNwle4S1/LuRpf7LRZvQKUstVfON/kkeEXQPtQiE
s1mqV75BfCbmdp1sXLzkkuzczzIGqHHUxI4I7BZVn87+YRwPo1RADzINfpeAU10n
jmGLEtEKRNolB6o+ROplFkM797Qy8mEZNhpVForEhqekVtvmmcOIF8yNXOZcApKK
NEFciZITY3r/t9fSNjgn4LBL7KPbdBpgYX1XoKIKY6Qz0bzeectzMIibv1mhmv6O
dk5PEWM2m3/s4zrphgPDdt4nudUxmTJKcHQeYPbPUvruuwll9dkAqTkCkksaUKTo
x9875QUPK4AfUS6T5jO5IICHdL3d57d6xXHAaO+H68+vWaO8OX2WLsIejnLBb2AK
LZVyKbtEkjyDwMEgWiE3TguaUow4NBc9WRlLgMyE+VklFssgwuL1FJhmdi8B0yF1
TMmhxK6++HOOky57WTEf+WdT6M8emoB7cqIjISiVn+1S7ncuBrG70iA3/Ihg6oyq
5jVpYs6kkNu0OL4y8eUuWT0K48ZKYzcLmXvPioBxhZ94fZYOgumeCY3Hp5Jc4oiP
qCAtRGLjW5l/4whvvwFLXIDvkZumnWaTAsbjtBs8IkBm58vhGkNbtH7tE56h9MhZ
G/PaRNpkXPJTd8jNG+b+ZWwZTdV1JV8C1Dg9h5erAgMBAAGjggEAMIH9MA4GA1Ud
DwEB/wQEAwIHgDAMBgNVHRMBAf8EAjAAMEYGA1UdHwQ/MD0wO6A5oDeGNWh0dHA6
Ly93d3cuYXV0aGVnYS5iYXllcm4uZGUvY3JsL0F1dGhlZ2FEZXZpY2VzQ0EuY3Js
MB0GA1UdDgQWBBT2GDkeWqAxPc93ovKoaHlDvE/G5DB2BgNVHSMEbzBtgBROYn8h
5Ad/azn2H5RrK+TY2WX9/KFPpE0wSzELMAkGA1UEBhMCREUxEDAOBgNVBAoTB0F1
dGhlZ2ExEjAQBgNVBAsTCVJvb3RDQURldjEWMBQGA1UEAxMNQXV0aGVnYVJvb3RD
QYIEO5rKSzBBBgkqhkiG9w0BAQowNKAPMA0GCWCGSAFlAwQCAQUAoRwwGgYJKoZI
hvcNAQEIMA0GCWCGSAFlAwQCAQUAogMCASADggIBACuXlVTWnVXCybN764bGNzbG
BBkz5dqU4UVqfg++Lf4BZvzduLj+6n1YcyyA/WKLHzExwGfuz5/7zmmGZNjJYaON
Svm7nQ828MPjW61dq5xw9+4+d+Ph2TyHswJtB1JgUk9Wjwy/pqSI84Ywq4iBWvFk
u/NCT7ZFHBoiBOQViR43iQIkwkvM8lxAXnPmgVnYHp65VFCkID4ujP8u1tjd9b2P
A8bZXabeVMy6kIgE+CzJM1axtER0gxgNGXjQsrTSyJcPsW9In/3vcuQA1ScAnjOR
sdI1V9plBmA5VzeodJqUnfVZvCyoB4vJWSKat5GKELBKqXl/e/iJfiY/BeY2U0QF
LSweftB6Gv4/01nYPWLU/VmbGi3tI0stq1OiyIDUwHPlDQ8eic/og8e9iLKJFb3X
Tt5ytcEA3Qw7Ft2Dk+HL4HhMWU4OJea0a/1fmovCkgDkoJZWxl+QtWTRsxPU2k1O
8TGejpE9Doxi1c9EBTQ7Pgjw1jsNDy1nP75p40fz47g4IaAu7Zw0fL0HP9kvJwPV
xlVuG7t+EOpUgt3nHfDae4LDW0lfQ5XqVUb1bmwzqp2RZj1IpWiAdOm0P/Mw/2Xb
uocyqgEJU+mpZbRfJIkYjGcO3an6aQ9QQnHwbXj10j1PpV+fCVNpX8JkkOH8qeRB
O2em/oBoGCi7wLoMn/G9

-----END CERTIFICATE-----

Reference System:

-----BEGIN CERTIFICATE-----

MIIGfDCCBDCgAwIBAgIEAJiabTBBBgkqhkiG9w0BAQowNKAPMA0GCWCGSAFlAwQC
AQUAoRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogMCASAwSjELMAkGA1UE
BhMCREUxEDAOBgNVBAoTB0F1dGhlZ2ExCzAJBgNVBAsTAkNBMRwwGgYDVQQDExNB
dXRoZWdhRGV2aWNlc0NBUmVmMB4XDTI0MTAwMjEzNTIwN1oXDTMwMTAwMjEzNTIw
N1owPDELMAkGA1UEBhMCREUxDzANBgNVBAoTBkVsc3RlcjEcMBoGA1UEAxMTYXV0
aGVnYSBJZFAgU2lnbmluZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
AMZZcBpkc5v2v9BjAujmfjeNJfXMmCvxTYtLJmxKTgeC6oHUu7F1SneM0FirWDEt
8197dgO6bxZ51/k3PWjvXL6N27PyDfa8qxJLaKb6vpG4FjRZLVJSJN9EsKrWCHbg
OUpT4sK2Ncet7m/ZJzP9vErYNOe9tyETUH2NdIIPe+lxsFV9fq0dGUnxiIDiq2ND
5FgwdR8QuuvA9ve5pB39Ow3MBCdEkff81U+QP8yS6OtYQsAuQ1rbUp2klUDxeHl3
vtR0DwE6SJu2/wnP2VGIirCTdECUJznjjYF1K8uO/9H8QELoijaYoLIHJfNj58X8
TQNgZPTwjdn1B/N64pkJxUcwzw1dfx8sCajYmImmrUdvZbtPEZK39bv41wh0FG3b
xmlucQkD0ouFzQa6yXCPs6EgD8oT4j6imwQc0I0js8F16svoHi8ayl8WIo+9JGOR
3qFAz0f7bj+IsD1/pwvN0BPBT3rIJpiCfALlQjMXyF2O+SyL4Okh1lJbQlwECpm4
5nbyLBzQSJhWAalq3uJqrJZSIpRXbtdfXpyd+0Trya39z2PmiwjLYCcJk/wqE54Z
Q1oWm0rjgEAXuSLWBVK7YtRbpHasOSJb1/SBcCMD87jrIwnUwowgNvbPKXjWqxK+
Wrd0lkNHfwZvP3CIoT5haV0bNKeRKhosNHHPWnBljdlJAgMBAAGjggEOMIIBCjAO
BgNVHQ8BAf8EBAMCB4AwDAYDVR0TAQH/BAIwADBPBgNVHR8ESDBGMESgQqBAhj5o
dHRwczovL3JlZmVyZW56LmF1dGhlZ2EuYmF5ZXJuLmRlL2NybC9BdXRoZWdhRGV2
aWNlc0NBUmVmLmNybDAdBgNVHQ4EFgQUgg86AkIrIP6bTfVKt3/taA+WSpAwegYD
VR0jBHMwcYAU+qiU+SbOG75DR0Mm6lhN9v/9MbKhU6RRME8xCzAJBgNVBAYTAkRF
MRAwDgYDVQQKEwdBdXRoZWdhMRMwEQYDVQQLEwpSb290Q0FUZXN0MRkwFwYDVQQD
ExBBdXRoZWdhUm9vdENBUmVmggQ7ms3sMEEGCSqGSIb3DQEBCjA0oA8wDQYJYIZI
AWUDBAIBBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAIBBQCiAwIBIAOCAgEA
O3satbE+SwG/P8YzVJXTo//WBKnW2r9yE0nbBLIEa/1N4aPqh6KxbYD01yBb6Q06
HHq5NoxHNYF+PTqF7tiACFUXvSyoeFOGyc+3GcjGCkr/759yzsVIUyX6dkSyr7kt
HwJenq9UaiaFdtG390UT4vKnC2k7uQ+ekJBp5HuE/1YIQeRWDXDkPczE9HvJ0OPM
CiZiJCVlwyvPAtOBt/Ny1Nx1oJD6sSWt6QIIlYCavNquUnr2u0jh3JRigajs8yRJ
Y2thR2Z1OMV0M9sIOrFZoPpWOg217AffnruirTC9KGqxm+45Jva+f0Mu0jexeQc+
wDmPRM+9PTHi+VIYZzuSh53RZ1JoGNQlP/wTaNZJmvip9qOtbAtkQnQrVakfN6zY
78iP1IU7mNF8pE87tWb1FC+fai704fGo505BebjCUr0hae5x6odSmIQK1l3dKQyd
ceWzOq9qbFcqPNNR93FvP7zuq5JmQsfkvbWsZKLLZG32wtEYU0GZ+x3k3bVxhl4d
E3OS7ldwHOehAGTTtkWXUa62kp1f4gZkkfqkzWxeo41VH615yPY4DtSdSLFmOJUw
Ly0gevstahzy8RIL55TM0d5zqNQM32bHWG8zXBQIEsCK77xrg8PHVWOgOViF5SXy
o5E3MQYDVvhcYdzoMb89RGkCFD+FI0ztTaQIMrDGWlc=

-----END CERTIFICATE-----

Integration System:

-----BEGIN CERTIFICATE-----

MIIGfzCCBDOgAwIBAgIEAJiabTBBBgkqhkiG9w0BAQowNKAPMA0GCWCGSAFlAwQC
AQUAoRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogMCASAwSjELMAkGA1UE
BhMCREUxEDAOBgNVBAoTB0F1dGhlZ2ExCzAJBgNVBAsTAkNBMRwwGgYDVQQDExNB
dXRoZWdhRGV2aWNlc0NBSW50MB4XDTI0MTAwMjEzNTIwN1oXDTMwMTAwMjEzNTIw
N1owPDELMAkGA1UEBhMCREUxDzANBgNVBAoTBkVsc3RlcjEcMBoGA1UEAxMTYXV0
aGVnYSBJZFAgU2lnbmluZzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
ALGP8gHC9NBPrGU5vgMnGg4eAPu24clWqsXgmK8n9lF+WdqoxQGbePQQx4XmjJ2G
3/S9e00yuHvywPaxO5LdBX6AnSRzPJtAaWKcgiL8DSEwm+eoXIUGr0t5aKkZtsYS
cD1RA+Xb24gBytX76R7Nr8g9MfJxtcLBn85DNcZ90YGVhzR6BtOJ+P/WRWVQGq2z
bHoBIj5XIFtPjRqX/+KZsddLVEDRC7X3NDz1yZPD6qK/cCiNiC2NUC/NYJI16BTB
/F7SZ9cLD2Fwks9KYC8FII/pyCdC5N2u26N4mM9u7CYCrJtyoQxQMUVNwE+WcA9B
DibHuWcCDpyE4GEg3/8bo1snLHPZAS19GsiQu+b4mV96mTwNmLtCee7+Qwx0FSQz
kYwZEYENm0MhPV74gqYOw1hy9Teq3tWkbtio5g3rjGq+jMLKHhHoZgyuUGTu5hlc
JjiZ5c26n8Q3ymeNAj1f3GxwTJpfxZsCEb8BerLpytkSfQlaoFQKlAQOIkvhwJK0
qUfyaNuZYRiXEdotlC1qyV/SAR+DVpFSenEyXAIr97GigiRUH2pDq25hhw9E0KPV
/DwgAs8oUTzvsn19A5pV+RWUqYPOR/uAyvCb/TZx0nJv0pn0vd1xxmFNH5vonH6P
FYUEkGc6lHlRpfYHv6R4sKndrRElCPDnYJo0Wpi5YMY7AgMBAAGjggERMIIBDTAO
BgNVHQ8BAf8EBAMCB4AwDAYDVR0TAQH/BAIwADBSBgNVHR8ESzBJMEegRaBDhkFo
dHRwczovL2ludGVncmF0aW9uLmF1dGhlZ2EuYmF5ZXJuLmRlL2NybC9BdXRoZWdh
RGV2aWNlc0NBSW50LmNybDAdBgNVHQ4EFgQUVLkGPiSd5gVYA4ZaKm1xH48S9Ckw
egYDVR0jBHMwcYAU8DQYv86uk1h9btCB+L67aGMLq4ehU6RRME8xCzAJBgNVBAYT
AkRFMRAwDgYDVQQKEwdBdXRoZWdhMRMwEQYDVQQLEwpSb290Q0FUZXN0MRkwFwYD
VQQDExBBdXRoZWdhUm9vdENBSW50ggQ7ms3sMEEGCSqGSIb3DQEBCjA0oA8wDQYJ
YIZIAWUDBAIBBQChHDAaBgkqhkiG9w0BAQgwDQYJYIZIAWUDBAIBBQCiAwIBIAOC
AgEAC7sjPllfJrDGCZ/ENjIlh62D6nSC1xgYcTkXfV5pn/Ye/29JMHrkSe3j+AVL
ra3cGKVRqGUkHqHx0JWTIpPOA2XQQzHiVZG0DA4Qjy0ywBoQGO3sJeCkP1W0N2Yz
BlH/AHuWdUlb1xHXj/SPupUKSa5VbkRvDhYwHn9+pTI128eEfVgIjIGSr7lLwIGm
zTX2mwWVQ+NjjUSPJR9PjbKEuAM2d9deeE/wH3yWPyvZdyzbJOcSOKBca8knVxUj
WpJ3FIkJNp8n/CiASAV2lL83qhca7aEiY7jfKP06Yx+KDrM8EiEdu+b9KLQBcnsS
aAYjXzVFUCOolW88JMNZGtPwLfpoGGXTVitVekllWHP+fGtijjRZ61QyshYgUqln
z/xCPu6Znd7IungAtdT6GGW1nb84Eq8SNIbaOYugDnvXLbQSgnyA3VtSBnA6yoJ/
hKcVs7OSryYBH86lO1+Zd4xGj0G4GLb+rsYQNAD9C8/osCm6A8XdMSYrIyE08SKU
cgy5Nufo9XuK3OkvJ8OhDR3NGNXK6E6lJnggrukiylJh8594CkSFDje9DN8HvGUw
674TebYM4dPDyNERHYKNn/ZVf2eNjBUl4qBt+cg7ERK3CRbe3UK8faFDCiPzGQu6
g3zPV5bpC3jV4KAeQb2ysotR6HtJI5+g7BUH4yM11ipXdak=

-----END CERTIFICATE-----

Registration

From a security perspective, you will receive two separate asymmetrical key pairs for your personal access, each with a personal certificate issued by the authega trust center (authega with certificate file), or the existing asymmetrical key pairs on your signature card will be used for authentication. One of your key pairs is used for your personal electronic authentication at authega.

For your personal access you need a software certificate or a signature card:

  • Software certificate
    The asymmetrical key pairs are generated on your computer and saved in a file to be protected by an individual password in accordance with the security standard PKCS # 12 in a special security environment (PSE) of the computer. Each pair consists of a private and a public key. The respective private key of the asymmetrical key pairs is cryptographically protected and can only be decrypted using the password you have assigned. The authega trust center issues a certificate for the associated public keys.

  • Signature card for authentication
    If you have an authega-supported signature card for authentication, you can use it. The asymmetrical key pairs contained on your signature card for authentication are usually protected by an individual password and stored and usable in a special security environment. The respective private key of the asymmetrical key pairs is cryptographically protected and can only be used by yourself via the password. The certificates for the associated public keys on the signature card for authentication are transferred from your computer to the authega trust center so that their validity can be confirmed for authega. In the positive case, your certificates will be integrated into authega.
    The currently supported signature cards for authentication are on the website of the Bayern-PKI visible.

The private keys of the asymmetrical key pairs can only be decrypted for use by entering an individual password of your choice. This security is also generally referred to as security based on "knowledge (password) and possession (means of authentication)". You are responsible for the secure handling of your authentication medium and the associated password!
Please note that simply, especially if unauthorized copying of the certificate file is suspected, simply changing the password of the certificate file is not sufficient. In this case, as a precaution, you should delete your user account or carry out a certificate renewal. When you renew your user account, your existing certificate file will become invalid and you will receive a new certificate file with a new password.

authega with certificate file

The certificate file is a file in a special format in which the generated keys are securely stored. The data is cryptographically protected and can only be decrypted using a password. A certificate file can be stored on different storage media (e.g. hard disk, USB stick) and copied as often as required.

Your computer's operating system treats the certificate file as a normal file. It can therefore be stored on different storage media (e.g. hard disk, USB stick). It contains cryptographic keys and certificates. The certificate file creates a link to an authega user account. Since the certificate file can be copied as often as any other file, a backup copy can be created easily. Since copying can also take place unnoticed, e.g. B. when stored on a network drive or by malicious software - so-called malware, the certificate file entails risks that the user should take into account. It is technically possible to use the same authega user account from several workplaces. However, this possibility poses security risks. Securing a user account is based on a combination of knowledge (password for the certificate file) and possession of the certificate file. If the certificate file is passed on, the owner of the user account gives up this security property on his own responsibility. If authega access is misused by copying the certificate file, the original owner can be identified and held responsible.
authega user accounts are designed to be personal. The parallel (in the sense of simultaneous) use of a user account by severalWhen passing the file on, please note that

  • the number of copies cannot be limited,
  • all copies of the certificate file are equivalent,
  • it is not possible to trace the copy of a certificate file with which a transaction was carried out,
  • if a user account is blocked / extended, all copies of the certificate file are affected,
  • and it is not possible to lock a single misused copy.

There is a possible source of error when updating the certificate file. For security reasons, the validity of the certificate file is limited (currently 3 years). With a certain time interval after the end of the validity period, the user will be informed by email about the expiry of their certificate. The extended software certificate is a new file for your computer. The "old" certificate file and its copies will therefore become invalid and can no longer be used to register with authega.

You should keep the answer to the security question and the lock code required to delete your user account safe and separate from your means of authentication. Since registration with a certificate file is saved on your hard drive, you must also ensure that your computer is adequately secured. If someone else is using your computer, the file could be read or copied unnoticed. In such an attack, your certificate would only be secured with your personal password. You can find support for securing your computer on the website of the Bundesamtes für Sicherheit in der Informationstechnik receive.

If you have not received an email from authega within a certain time after sending the registration data, you have to start the registration process again. The most common cause of this can be a typo, such as the unintentional entry of an incorrect or invalid email address. The recommended waiting time before you can assume an error in the delivery of the e-mail depends on many parameters, such as the current load at authega or the selected portal, the load on your Internet provider and the quality of your connection Your provider. The email is usually delivered within minutes to a few hours. For waiting times over several days, we recommend the Hotline to contact.

There is an indirect proof of identity by sending the activation code by letter and sending the activation ID by email. Your identity is verified by only the authentic person receiving both information and thus being able to activate the authega user account.

The activation code is an essential security mechanism when activating a user account with authega. Initiated by authega, it will be sent to you in a closed letter.

The authega trust center is a dedicated key and certificate manager. It is used to create and manage certificates that enable individual authentication for users at authega. The trust center is operated on the basis of its own operating, organizational and security concept based on globally recognized guidelines.

You can only use the personalized services at authega in the future by logging in if you authenticate yourself in your software certificate. Your software certificate contains the necessary private key, which authega can use to verify your electronic identity. When using portals that are connected to authega, personal authentication data is transmitted electronically.

Your software certificate has two asymmetrical key pairs and a corresponding certificate. The data is encrypted.

The security of your authentication is based on the recognized RSA procedure. The key length of your certificate corresponds to a key length of 3072 bits. The data transmission is encrypted using a symmetrical cryptographic procedure that corresponds to the current state of security technology. The necessary symmetric key is generated as a random number and communicated to authega in encrypted form.

Only you can access your personalized services. The security here is based on your knowledge (password) and your possession (certificate file). Without knowledge of the password and possession of the individual certificate file, access to your personalized services is not possible. You are responsible for the safe storage of the two crypto products! Unauthorized persons may not have access to these funds. Only then will the security of your connection to authega be guaranteed.

Signature cards for authentication

If the user has a signature card for authentication supported by authega, he can also use it.
Signature cards for authentication represent the electronic replacement of your handwritten signature and are used by Bayern-PKI spent. A document signed with a signature card for authentication is considered legally binding.

If you have not received an email from authega within a certain time after sending the registration data, you have to start the registration process again. The most common cause of this can be a typo, such as the unintentional entry of an incorrect or invalid email address. The recommended waiting time before you can assume an error in the delivery of the e-mail depends on many parameters, such as the current load at authega or the selected portal, the load on your Internet provider and the quality of your connection Your provider. The email is usually delivered within minutes to a few hours. For waiting times over several days, we recommend the Hotline to contact.

There is an indirect proof of identity by sending the activation code by standard mail and sending the activation ID by email. Your identity is verified by only the authentic person receiving both information and thus being able to activate the authega user account.

The activation code is an essential security mechanism when activating a user account with authega. Initiated by authega, it will be sent to you in a closed letter.

The authega trust center is a dedicated key and certificate manager. It is used to create and manage certificates that enable individual authentication for users at authega. The trust center is operated on the basis of its own operating, organizational and security concept based on globally recognized guidelines.

The trust center of  Bayern-PKI is through that IT-DLZ operated.

In future, you can only use authega's personalized services via login if you authenticate yourself with your signature card for authentication. Your signature card for authentication contains the necessary private key and the associated certificate, which authega can use to verify your electronic identity. When using portals that are connected to authega, personal authentication data is transmitted electronically.

Your signature card for authentication has two asymmetrical key pairs and a corresponding certificate. One key pair each for authentication and encryption.

The security of your authentication is fundamentally based on the recognized RSA procedure. The data transmission is encrypted using a symmetrical cryptographic procedure that corresponds to the current state of security technology. The necessary symmetric key is generated as a random number and authega, encrypted.

Only you can access your personalized services. The security here is based on your knowledge (password) and your possession (signature card). Without knowledge of the password and possession of the signature card, access to your personalized services is not possible. You are responsible for the safe storage of the two crypto products! Unauthorized persons may not have access to these funds. Only then is the security of your connection to authega guaranteed.