E-Government modules & services

Very many online services offered by the public administration agencies can be used securely with an electronic identity. The ELAKimBund (federal electronic filing system, EiB) enables seamless communication between government authorities, offices, administrative bodies and businesses.
Digital services are increasingly being offered by the public administration agencies via websites and/or mobile applications such as oesterreich.gv.at and the Digitales Amt (Digital Office) app, usp.gv.at, FinanzOnline and the Transparency Portal.
More about Digital web services provided by the administrative agencies for citizens and businesses.
Users identify and authenticate themselves when accessing digital services by using their digital identity (ID Austria)

E-Government Act

The E-Government Act is the legal basis for e-government tools and modules. For data protection purposes, the personal identification number (sourcePIN) of natural persons (private individuals) must not be stored by the authorities.

Identity management in accordance with data protection requirements
(the ssPIN (bPK) concept)

For data protection purposes, the personal identification number (sourcePIN) of natural persons (private individuals) must not be stored by the authorities.
Under the Citizen Card concept, natural persons may only be identified by the authorities using sector-specific personal identifiers (ssPINs).
These are derived from the sourcePIN of the person in question.
It must not be possible to reverse the process or trace the derivation.
A sector-specific personal identifier applies only to the area of activity of the authority responsible for the process that has been initiated.
A sector-specific personal identifier from a different area may only be used in encrypted form.
The sourcePIN may only be used to work out the ssPIN with the cooperation of the person in question – by them using their Citizen Card.

Personal identification number (Stammzahl)

Every natural person (private individual) registered in Austria is assigned a unique identification number (sourcePIN/Stammzahl). It is an encrypted version from their number in the Central Register of Residents (ZMR).

Personal identification number (Stammzahl)

The reference number for other natural persons comes from the Supplementary Register. The sourcePIN (Stammzahl) of natural persons is only stored on their Citizen Card. For legal entities, their number in the Companies Register, Central Register of Associations or in the Supplementary Register is used.

SourcePin Register

The SourcePIN Register is used to work out the personal identification numbers (sourcePINs) which uniquely identify individuals. The SourcePin Register is a virtual register. The sourcePIN is only worked out as required and then deleted again.

Supplementary Register

All natural persons who are not registered in Austria and legal entities which are not entered in the Companies Register or Central Register of Associations can be registered in the Supplementary Register so that they, too, are able to participate in online administrative processes; this includes regional authorities and other authorities.

Digital services provided by the administrative agencies

ELAKimBund (EiB)

The ELAK electronic filing system has been enabling fully electronic file management, automated handling of business processes, archiving and seamless cooperation between the administrative authorities since 2004. It optimises cooperation between all the organisations which take part in the federal electronic filing system (EiB) and also enables them to work with external partners.
In addition to facilitating formal tasks (processing business transactions), the EiB also offers ways of working together informally. It gives people a reliable, secure way of working, at any time and wherever they are.
The federal electronic filing system is available to all federal departments. The system is currently used by about 40 organisations with around 14,000 individual users. The EiB has been working reliably for the last 20 years and is regularly upgraded.

The objective is to develop the EiB into a universal solution which offers a central digital workspace for the Austrian federal government, the supreme courts and other subordinate and subcontracted organisations.

The advantages of electronic file processing are obvious: ELAK significantly reduces the time it takes to process requests, because procedures can run in parallel and in standardised formats at different authorities. Time in the post and paper printouts are both eliminated. Officials can carry out research at their desks. The work process is transparent – you can find out the status of a file at any time at the click of a mouse.

Benefits

Information can be provided more quickly, because ELAK allows quicker access to files and more efficient searching
Documents can be sent to their recipients electronically
Business transactions and documents can be accessed irrespective of time and place
Automation reduces the number of work stages
Transactions are documented and easy to trace
Files can be processed more easily and forwarded to the relevant departments
High security standards give protection from unauthorised access
A fully electronic process – from the initial request to final document delivery

Intelligent assistants, simplified menu structures, clear forms, faster working on mobile end devices - these are some of the challenges facing ELAK next.

Reporting Platform

The Reporting Platform collects, visualises and explains datasets from federal organisations, public institutions and regional authorities to provide a basis for decision-making by Austrian politicians.

Portal Group

This is a collaborative infrastructure enabling different administrative agencies to work together by connecting their individual portals together to form the Portal Group.
Digital public administration can only function efficiently if there is close inter-agency cooperation between different authorities.
Portals have the advantage of making several applications accessible via a single entry point. A user's identity is only checked once during the process of logging in to the portal. They only need to identify themselves once (single sign-on) to be able to access multiple resources, sources of information and "digital departments" – provided they are authorised to do so.
Participation in the Portal Group is regulated by the Portal Group Agreement, which sets out the rights and obligations that have to be observed by participating portal operators.
This creates a basis of trust between the operators of the master portals that the users administer and the operators of the applications. In technical and organisational terms, communication within the Portal Group is regulated by the Portal Group Protocol (PVP) and by the definition of different security levels.
Application operators specify – in compliance with all data protection requirements – which of their applications are accessible to whom via which application portal. They define roles which have corresponding access rights to their applications, depending on the task being performed.
Over 1,300 services are now available via the Portal Group, making it an established standard. Information and a form for applying to join can be found here: Portal Group and Published information.

Policies

The Internet is playing an increasingly important role in our lives. It is easy to download information from all over the world.

The Internet also makes it much easier to contact government authorities.
To keep people safe on the Internet, it is important to have policies on email, accessibility and ICT security.

Policies: Email and Internet

To fully exploit the potential of digital public administration services, not only are technical standards and compatible software solutions needed but also precise rules about how digital communication should work. Such provisions are called policies.

The Internet Policy is the basis for Internet communication between the authorities on the one hand and citizens and businesses on the other. This convention describes in general terms possible ways of harmonising such communication.

The Transfer Policy determines the procedure for administrative agencies when they send data electronically via a file transfer process.

The Email Policy gives suggestions for how officials in the public administration agencies should behave when sending electronic data by email. The aim is to define minimum requirements for how the administrative agencies use email as a communication medium. Wherever possible, contact should be established via a web interface (e.g. an online form).

The aim of the Domain Policy is for the public administration agencies – i.e. the websites of the individual authorities – to present a uniform image on the Internet, and to guarantee that they comply with various security requirements and organisational expectations. Websites must include a legal notice, contact address and search function. Optional functions include electronic forms and site maps. Special importance is also attached to complying with the standards of the Web Accessibility Initiative.

The gv.at Domain Registration Policy means that the government websites all appear under the same domain name (.gv.at). This measure is designed to build trust. Users can be confident that they are looking at official information and services. The name of the administrative agency should be visible in the address bar.

Domain names are assigned, and the "gv.at" domain is administered, by the Federal Ministry of Finance. Technical administration is the responsibility of Vienna's municipal authority. As well as increasing trust, the "gv.at" domain names also offer protection from domain grabbing.
Any enquiries to and requests from the authorities should be sent to this email address: post.ikt@bmf.gv.at. Using the request form shown below makes processing easier but is not compulsory. Requests can normally be dealt with in less than 48 hours of completing the form with details of your request.

Naming and Domain Registration Policy Information about registering domain names under "gv.at"
Request form and information about "gv.at" domains can be found on the websites of Vienna's municipal authority, under wien.gv.at
Reference list of municipality names provided by the Austrian Association of Cities and Towns

Policy: Accessibility – barrier-free access to the Internet for all

The Internet also makes it much simpler to contact government authorities. People with disabilities can communicate easily online with the authorities, or obtain information from the various information portals.
Austria has committed itself to complying with the guidelines in the Web Accessibility Initiative (WAI).
More information here: Barrier-free web – Internet access for all.

Policy: ICT security

The Austrian Strategy for Cyber Security (ÖSCS) establishes the foundations for working together safely nationwide. More information can be found on the BMI website: Austrian Strategy for Cyber Security (ÖSCS)

The National ICT Security Strategy is the result of a collaboration between 130 representatives of Austrian stakeholders, who produced a concept for protecting Austria's cyberspace and the people who use it. More information can be found on the BKA website: Austrian Strategy for Cyber Security

The Austrian ICT Security Portal offers extensive information for everyone about the "Security of Information and Communications Technologies (ICT)". More information can be found on the BMF website: ICT Security Portal

Government-CERT (GovCERT or Government Computer Emergency Response Team) – the public administration CERT team is a central operational cybersecurity unit that supports the administrative agencies and critical infrastructure by providing operational and technical expertise and a national and international network for sharing experience and information.
It was also set up to be a strategic national Point of Contact (POC) for international CERT cooperation. GovCERT supports the setting up of sector-specific CERTs (contact: CERT.at).
Critical infrastructure organisations are only part of the GovCERT target group until they have their own sector CERT. It is an explicit objective of GovCERT to support the setting up of CERTs in all sectors.

More information

CERT.at
GovCERT
Annual reports on Austria's Internet security from GovCERT and CERT.at
ENISA (European Union Agency for Cybersecurity)
Inventory of CERT activities in Europe
Forum for Incident Response and Security Teams (FIRST)
Trusted Introducer

Digitally networked services

Online processes enable citizens and businesses to conduct certain official transactions partially or wholly electronically.

Electronic payments

The opening up of procedures and their largely automated handling by the digital public administration agencies includes the necessary payment transactions. Apps and digital processes should be compatible with all existing payment systems and also all those that are likely to appear on the market in the future. The range of payment systems extends from payment in cash at a cash desk to bank transfers, credit cards and payments by mobile phone.

The requirement for openness leads directly to a need for individual apps to be separate from the actual mode of payment. The way in which the payment is made must be transparent to the app.

This is achieved by introducing and specifying an open interface between the app and the payment system (for example an interim clearing house). That is why the EPS2 specification (e-payment standard – Version 2) has been developed for online payment transactions.

Processes that are requested and handled online must also be properly recorded. Information about any fees incurred and about the payment is passed on.

Electronic document delivery

Electronic document delivery is an important component of service-oriented public administration. It saves time and is more convenient. There is no longer any need to collect registered letters from the post office. It brings significant cost savings for the administrative agencies.
Users need only register once for an electronic mailbox called My Mailbox, in order to be able to receive official documents at any time and wherever they are. They are notified by email when a new document arrives. More here: Electronic document delivery

Dual delivery
The dual delivery system offers government authorities the advantage of presenting the same interface for electronic and paper deliveries. Whether the document is delivered electronically or conventionally in the end depends on whether the recipient can be contacted electronically.

Electronic invoicing of the administrative agencies

Since January 2014, contractual partners providing government bodies with goods or services have been obliged to invoice them only in a structured electronic format. This can be done via the Business Service Portal and speeds up administrative processes and helps to cut costs. It not only saves the postage charges but also reduces CO² footprints.

Electronic invoices are first checked for formatting errors and then forwarded to the relevant office.

A copy of the invoice in PDF format is generated automatically and sent to the email address(es) given on the electronic invoice as confirmation of receipt. If the invoicing process did not work, the system informs the sender.

More information here: eRechnung – erb.gv.at

Standards

Jointly developed standards serve as a basis for the work of different regional authorities and are applied consistently across them.
Developments in this context in relation to Austria's current E-Government Strategy can be found here: E-Government standards.

Electronic signatures

Electronic signatures provide maximum information and data security and simplify the processing of online administrative procedures.

Electronic signatures

The signatory can only be a natural person, so even qualified electronic signatures can only be created by natural persons. Qualified electronic signatures are essentially the equivalent of handwritten signatures. For legal entities, the eIDAS Regulation (Regulation on electronic identification and trust services for electronic transactions in the internal market) provides for the use of electronic seals.

Electronic signatures – data protection & security

The advantage of being able to contact the authorities with your personal identity confirmed is that it makes processing your request easier and more convenient. Electronic signatures provide certainty that people without authorisation are not allowed access. Electronic signatures can only be activated by entering your PIN (Personal Identification Number). This confirms to the authorities that you are the same person who contacted them originally.

Official electronic signatures, electronic seals

Official electronic signatures are advanced electronic signatures or seals which are applied electronically to a ruling or document by an administrative authority. They also appear in visualised form as a figurative mark confirming that the official signature has been checked. An official electronic signature can be used to check that an electronic document is genuine and intact. A printout of a document from an administrative authority has the same evidential value as an official document.

More information

SourcePIN Register Authority (Stammzahlenregisterbehörde)