Sector-specific personal identifier (ssPIN)
The abbreviation ssPIN stands for sector-specific personal identifier (bPK – bereichsspezifische Personenkennzeichen). This is a way of maintaining data protection within the Citizen Card concept. The ssPIN is derived from the sourcePIN, which must not be stored by the authorities as an identifying feature. In reverse, however, it is not possible to derive the sourcePIN from the ssPIN. An administrative agency can only use the sector-specific personal identifier for a different sector in encrypted form (vbPK). Citizens may request their ssPIN by signing an application using their ID Austria account. The authority responsible for the SourcePIN Register may only determine the ssPIN itself in exceptional circumstances.
Determining the ssPIN (bPK)
The SourcePIN Register Authority requires the relevant authority's public key.
The following two steps are carried out to determine the ssPIN:
- A character string is generated based on the sourcePIN and the procedural sector
- A hash algorithm works out the secure cryptographic single-use decoder
Special cases
Legal representatives
Business
Configuration of all data processing using the ssPIN within the public administration service
Public servants can agree with the authority responsible for the SourcePIN Register to carry out data processing using the ssPIN. This enables administrative procedures to be carried out more efficiently while saving resources. The following requirements must be met when making such an application:
- The individual must work in the public sector and be under a legal obligation to record other people’s identifying data
- They must know their own administration service identifier
- They must send their public key to the SourcePIN Register Authority
- They must submit an application to configure data using sector-specific personal identifiers