ISSA European Network Technical Seminar on efficient e-services in Social Security Warsaw, 24 th of May 2012 Dr. Jens Bruhn Deutsche Rentenversicherung Bund Datenstelle der Rentenversicherungsträger Coordinator for A1 Data Exchange DRV e-services for Individuals and Institutions
20
Embed
ISSA European Network Technical Seminar on efficient e-services in Social Security
DRV e-services for Individuals and Institutions. ISSA European Network Technical Seminar on efficient e-services in Social Security. Warsaw, 24 th of May 2012 Dr. Jens Bruhn Deutsche Rentenversicherung Bund Datenstelle der Rentenversicherungsträger Coordinator for A1 Data Exchange. - PowerPoint PPT Presentation
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
ISSA European Network Technical Seminar on
efficient e-services in Social Security
Warsaw, 24th of May 2012
Dr. Jens BruhnDeutsche Rentenversicherung BundDatenstelle der RentenversicherungsträgerCoordinator for A1 Data Exchange
DRV e-services forIndividuals and
Institutions
DRV e-services Overview
1. Introduction
2. Requirements on e-services for Individuals
3. e-services for Individuals
4. Services for Institutions
5. Summary
Overview
Dr. Jens Bruhn – DRV e-services for Individuals and Institutions – ISSA European Network Technical Seminar on efficient e-services in Social Security – Warsaw , 24th of May 2012
2
1. Introduction
3
The demand for e-services for individuals and institutions at Deutsche Rentenversicherung (DRV) arises from the high number of customers and the deep integration into the German social security system.
Approx. 57 million customers (2012)
Various relationships with national and international partner institutions
Advantages of e-services for
Customers: Time saving, convenience, availability
Institutions: Quality improvement, runtime- and cost reduction
DRV: Quality improvement, runtime- and cost reduction
DRV e-services 1. Introduction
Dr. Jens Bruhn – DRV e-services for Individuals and Institutions – ISSA European Network Technical Seminar on efficient e-services in Social Security – Warsaw , 24th of May 2012
2. Requirements on e-Serivces
4
Success factors of e-services for individuals must be addressed in order to reach acceptance and usage by customers.
Security
Understandability & Usability
Barrier-free Implementation
DRV e-services 2. Requirements on e-Serivces for Individuals
Trust
Convenience
Access & Participation
Dr. Jens Bruhn – DRV e-services for Individuals and Institutions – ISSA European Network Technical Seminar on efficient e-services in Social Security – Warsaw , 24th of May 2012
Security
5
Security is a critical success criteria which needs to be fulfilled as necessary requirement first.
Confidentiality
Integrity
Availability
DRV e-services 2. Requirements on e-Serivces Security
Trust
Trust
Acceptance
Confidentiality requires user authentication as precondition! Legal regulations and guidelines must be fulfilled!
Dr. Jens Bruhn – DRV e-services for Individuals and Institutions – ISSA European Network Technical Seminar on efficient e-services in Social Security – Warsaw , 24th of May 2012
The German nPA
6
German personal identity card supports digital authentication.
Available since Nov. 2010
6 to 8 million issues per year
Valid for 10 years 2020 complete replacement of former PA
Electronic elements
Digital biometric information Photo Fingerprints (optional)
Qualified electronic signature Prepared, but not yet available
Electronic identity (eID) Deactivation possible
DRV e-services 3.The German nPA
Accessible by dedicated German institutions
Dr. Jens Bruhn – DRV e-services for Individuals and Institutions – ISSA European Network Technical Seminar on efficient e-services in Social Security – Warsaw , 24th of May 2012
Authentication with eID
7
Core aspects of eID-application.
Requirements
Activation of eID on nPA
Availability of card reader
AusweisApp (Win, Linux, OSX)
Browser with internet access
Authentication functionality
Provision of personal information
Service provider-specific pseudonym
Basic principle: Possession and Knowledge
DRV e-services 3.The German nPA Authentication with eID
Dr. Jens Bruhn – DRV e-services for Individuals and Institutions – ISSA European Network Technical Seminar on efficient e-services in Social Security – Warsaw , 24th of May 2012
Authentication with eID (2)
Overview of eID-based authentication process.
DRV e-services 3.The German nPA Authentication with eID
8
TLS-based communication TLS-based communication
12
56
3
4
eID-Service User Service Provider
Dr. Jens Bruhn – DRV e-services for Individuals and Institutions – ISSA European Network Technical Seminar on efficient e-services in Social Security – Warsaw , 24th of May 2012
BrowserAusweisApp
4. DRV e-Services for Individuals
9
DRV provides a set of e-services as part of its website.
No electronic authentication
Appointment scheduling
eID-based authentication
Information services
Signature-based authentication
Information services
Application services
DRV e-services 4. DRV e-Services for Individuals
Dr. Jens Bruhn – DRV e-services for Individuals and Institutions – ISSA European Network Technical Seminar on efficient e-services in Social Security – Warsaw , 24th of May 2012
Appointment Scheduling (eTermin)
10
Appointment scheduling service provided without any authentication requirements.
Electronic request for appointment
Agreement on date and time
Personal information requested by service
Authentication during appointment
Available as mobile application
No security risks regarding personal data No demand for digital authentication
DRV e-services 4. DRV e-Services for Individuals Information Services
Dr. Jens Bruhn – DRV e-services for Individuals and Institutions – ISSA European Network Technical Seminar on efficient e-services in Social Security – Warsaw , 24th of May 2012
Information Services
11
Information services require user authentication as they provide read access to personal information.
Information on retirement account
State and forecast
Information provided in PDF
Renteninformation
Rentenauskunft
…
Access to personal information
Confidentiality must be guaranteed
eID- or signature-based authentication supported
No data manipulation
DRV e-services 4. DRV e-Services for Individuals Information Services
Dr. Jens Bruhn – DRV e-services for Individuals and Institutions – ISSA European Network Technical Seminar on efficient e-services in Social Security – Warsaw , 24th of May 2012
Application Services (eAntrag)
12
DRV e-services 4. DRV e-Services for Individuals Application Services
Application services require authentication and declarations of intent as their usage will have legal impact (e.g., application for a pension).
Various types of applications supported
Legal impact of application submission
Declaration of intent required
Declaration of intent through signature
Currently not possible with nPA
Support for third-party signature cards
Dr. Jens Bruhn – DRV e-services for Individuals and Institutions – ISSA European Network Technical Seminar on efficient e-services in Social Security – Warsaw , 24th of May 2012
Personal Data
13
Change of residence information eID required
Change of bank account information
Direct debit
eID required
Pension payment
Signature required
DRV e-services 4. DRV e-Services for Individuals Personal Data
Personal data services require user authentication. Additionally, a signature could be required.
Dr. Jens Bruhn – DRV e-services for Individuals and Institutions – ISSA European Network Technical Seminar on efficient e-services in Social Security – Warsaw , 24th of May 2012
5. Services for Institutions
14
DRV provides various types of services to different partner institutions.
Advantages
Time- and cost efficiency Process automation Enhanced data quality through avoidance of media disruption
General policy
Access through German governmental networks or other secure networks Account management by master user at partner institution
Selected service examples
Infrastructure services: DSRV-Web-Postfach Generic information services for multiple institutions: eSolution Special information services for multiple institutions: E101-/A1-database Dedicated services: Familiengerichte
DRV e-services 5. Services for Institutions
Dr. Jens Bruhn – DRV e-services for Individuals and Institutions – ISSA European Network Technical Seminar on efficient e-services in Social Security – Warsaw , 24th of May 2012
Infrastructure Services
15
Infrastructure services are provided in order to enable the collaboration of institutions, e.g., through the support for file transfer.
Example: DSRV-Web-Postfach
File transfer service
Web-based user interface
Foundation for higher-level services
Usage on national and international level
DRV e-services 5. Services for Institutions Infrastructure Services
Dr. Jens Bruhn – DRV e-services for Individuals and Institutions – ISSA European Network Technical Seminar on efficient e-services in Social Security – Warsaw , 24th of May 2012
Generic Information Services
16
Generic information services provide information on insured persons to authorized institutions.
Example: eSolution
Directory service for basic information on insured persons Insurance number Name Address Responsible pension insurance institute
Accessible for German administration
Available since Sep. 2010
Approx. 90k lookups per month, upward trend
DRV e-services 5. Services for Institutions Generic Information Services
Subject of lookups
Dr. Jens Bruhn – DRV e-services for Individuals and Institutions – ISSA European Network Technical Seminar on efficient e-services in Social Security – Warsaw , 24th of May 2012
Special Information Services
17
Special information services fulfill information demands in a specific context or application domains.
Example: E101-/A1-database
Storage of information on E101-/A1-forms where German legislation is not applicable
Goals avoid and disclose abuse of social benefits fight illegal employment
Access limited to dedicated institutions
Web-based user interface
Information transfer by European partners through DSRV-Web-Postfach possible
DRV e-services 5. Services for Institutions Special Information Services
Dr. Jens Bruhn – DRV e-services for Individuals and Institutions – ISSA European Network Technical Seminar on efficient e-services in Social Security – Warsaw , 24th of May 2012
Dedicated Services
18
Dedicated services are realized and provided to address individual needs of collaborations with partner institutions.
Example: Interface for family court
Pension rights adjustment in case of divorce
Information need of court during divorce proceeding
Provision of programmatic interface to DRV for
Submission of information requests
Transfer of information
Deep integration into court software
Outlook: Transfer of court decision to DRV
DRV e-services 5. Services for Institutions Dedicated Services
Dr. Jens Bruhn – DRV e-services for Individuals and Institutions – ISSA European Network Technical Seminar on efficient e-services in Social Security – Warsaw , 24th of May 2012
6. Summary
19
High potential of e-services due to high number of individual customers and collaborations with partner institutions
Requirements on e-services for individuals Critical factor: Security
Authentication through eID and qualified digital signature
Declaration of intent through qualified digital signature
DRV e-services for individuals
DRV e-services for institutions
DRV e-services 6. Summary
Dr. Jens Bruhn – DRV e-services for Individuals and Institutions – ISSA European Network Technical Seminar on efficient e-services in Social Security – Warsaw , 24th of May 2012