Latvia to up cybersecurity of national e-services

Take note – story published 1 year and 1 month ago

The National Health Service has already warned that e-Health will no longer be accessed by online banking identification tools from next year. The ministerial representatives responsible for IT systems say that online banking identification will also gradually disappear from other national e-services, the De Facto broadcast of Latvian Television, aired May 14, reported.

E-Health services access only by e-signature has been planned since January 1, 2017. However, as the identification tools created by banks have proved to be more popular, the deadline has been postponed many times. Also this year, the deadline has shifted again, now to the beginning of 2024.

“This ID card is safer, and at the same time we also drew attention to the fact that it is not yet available to everyone,” explained Health Minister Līga Meņģelsone, while stating that the public will be informed about the changes.

“There is a whole project and a program that will inform, help to make it easier and less painful to switch to this system. Although, of course, it should be acknowledged that online banking is a very convenient way,” Meņģelsone said.

Since the beginning of the year, online banking tools are no longer valid for the 'e-lieta' justice system document portal. The main reason is that the national e-signature tools have the status of a "qualified means of identification", but the banking tools do not have one.

The national cybersecurity authority Cert.lv expert Kristiāns Teters said that it would not be right to argue that the status granted by the state means more security. However, it provides a guarantee that the national identification tool will be regularly audited and monitored to ensure that it complies with the safety requirements.

“If I had to respond as an expert, I think we should go in the direction of qualified identification. But the decision is for the e-service provider, evaluating the risks for its e-service, respectively,” said Teters.

Although in recent years more and more people have been using the “eParaksts” and “eParaksts mobile” national identification tools, statistics show that online banking tools are still being used more frequently.

In January this year, users picked online banking 2.6 million times to access state electronic services and just 500 thousand used the types of e-signature.

Some banks aren't happy about such popularity. The Finance Latvia Association stated that the use of online banking tools on national portals was planned to be only a temporary solution.

“Banks are financial services providers, and at the moment we also partly provide identification services, which are not exactly bank-specific activities. Meanwhile, there are already legal entities in parallel that offer these services, and it would only be logical for the country to transition,” said Armands Onzuls, adviser to the Finance Latvia Association.

The Ministry of Environmental Protection and Regional Development, responsible for digital administration, acknowledged that signals were received from banks that the country's reliance on their identification tools was becoming a burden. Deputy Secretary of State Gatis Ozols indicated that the transition to qualified means of identification will take place, but the process will be gradual.

The Ministry's spokesman also pointed out that for a large part of Internet banking users, the transition might not cause significant problems if the Smart ID obtains the status of a qualified means of identification. It is used by some of the largest banks – Swedbank, SEB, and Luminor. The developer of the Smart ID, SK ID Solutions, has been seeking the status for more than three years. Once it is obtained, the Smart ID will have access to public services without banks as an intermediary.

The Defense Ministry's Secretary of State Jānis Garisons said the changes in the way residents have accessed e-services so far will also be accompanied by tougher cybersecurity policies. Soon, the government will see a new National Cybersecurity Law based on a recently adopted European Union directive on network security.

As a result, areas whose IT infrastructure should be specifically protected will be expanded. And the Ministry of Defense, together with other competent authorities, will also evaluate solutions for strengthening the monitoring of electronic identification means specified for national e-services.

Seen a mistake?

Select text and press Ctrl+Enter to send a suggested correction to the editor

Select text and press Report a mistake to send a suggested correction to the editor

Related articles

More

Most important