The Quantum Agility Conundrum

Picture this: A quantum computer hums to life in some high-tech lab, and within moments, decades of encryption techniques — the ones we trust to protect sensitive information like bank transfers and eID systems — become useless. It’s not a sci-fi scenario; it’s the future we’re racing to avoid.
The solution? Post-quantum cryptography (PQC). These are cutting-edge algorithms designed to withstand quantum attacks. But designing them is only half the battle. The real challenge lies in deploying them, especially on systems with tight constraints, like eID cards. With recent breakthroughs in PQC standardization, it’s time to explore how these advancements shape the future of secure digital identities.

Post-quantum winners: NIST’s picks for the future

Quantum computers promise incredible breakthroughs, but they also threaten to break the encryption we use to secure everything from emails to national infrastructure. Algorithms like RSA and Diffie-Hellman, the backbone of current cryptography, rely on mathematical problems that are hard for classical computers to solve. Quantum computers, however, can shred through these problems in no time.

To stay ahead, the U.S. National Institute of Standards and Technology (NIST) has been running an international competition to find the next generation of encryption standards. Think of it as a bake-off, but instead of cakes, the contestants are advanced cryptographic methods.

After years of rigorous testing and winnowing down 82 original candidates, NIST announced four winning algorithms in 2022:

  • CRYSTALS-Kyber (aka ML-KEM): A key encapsulation method ideal for fast and secure communication.
  • CRYSTALS-Dilithium (aka ML-DSA): A signature scheme noted for its balance of security and performance.
  • FALCON (aka FN-DSA): Another efficient signature scheme optimized for compact use cases.
  • SPHINCS+ (aka SLH-DSA): A stateless signature algorithm offering additional security redundancy.

These algorithms represent the foundation of quantum-resistant cryptography. For example, CRYSTALS-Kyber is praised for its speed and ease of implementation, making it a front-runner for widespread adoption in various systems.

Why the rush? The quantum countdown is on

Quantum computers capable of breaking today’s encryption, like RSA-2048, are not yet here. But experts predict they could emerge within the next 10–15 years. Even now, encrypted data intercepted today could be stored and decrypted later when quantum technology catches up (“store now, decrypt later”). This is why organizations are racing to adopt quantum-resistant solutions before it’s too late.

Big algorithms, even bigger keys

One of the biggest hurdles with post-quantum cryptography is key size. Current algorithms like RSA use compact keys around 0.5 KB, but post-quantum methods require much larger keys. CRYSTALS-Kyber, for example, needs about 5 KB, while others like McEliece can demand over 100 KB.

That’s like trying to replace a Post-it note with a paperback novel—and expecting your old wallet to hold it. For eID cards—tiny devices designed for efficiency—this presents a huge challenge. These cards operate with limited RAM (a few KB) and storage (a few hundred KB), and their cryptographic processors are optimized for handling today’s smaller keys.

Speed is another issue. While some post-quantum algorithms can match RSA in certain tasks, like decryption, they can be slower for things like key generation or encryption. The performance differences vary by algorithm and depend heavily on how they’re implemented. It’s a complex trade-off, and eID systems don’t have the luxury of inefficiency.

Ben Drisch | Eviden Digital ID

“The current smartcards are hardly suitable for handling significantly longer keys. In addition, they are not optimized for lattice, code, and multivariate polynomial operations, which results in low performance.”

Can eID cards handle the quantum era?

The short answer: not yet. Current eID chips struggle with the size and computational demands of PQC algorithms. “The current smartcards are hardly suitable for handling significantly longer keys,” explains Ben Drisch, an eID consultant at cryptovision. “In addition, they are not optimized for lattice, code, and multivariate polynomial operations, which results in low performance.”

This means chip architectures need a major overhaul. Developers must expand memory capacity and design new coprocessors tailored for typical PQC tasks such as lattice-based math—the backbone of most PQC algorithms.

Bright spots in research and development

Despite the challenges, progress is happening. Companies like Infineon have already tested lattice-based algorithms on existing smart card chips and are developing specialized coprocessors to improve performance. Germany’s Aquorypt project, supported by the Federal Ministry of Education and Research, is also investigating practical ways to integrate PQC into eID cards and embedded systems.

More broadly, organizations are preparing for the quantum era by implementing “crypto agility.” This involves building systems that can seamlessly transition to new algorithms when needed. With NIST’s standards in place, the groundwork for this transition is stronger than ever.

A Balancing Act for the Future

Preparing for quantum computing isn’t just about better math; it’s about adapting infrastructure, hardware, and policies. The move to post-quantum cryptography is a marathon, not a sprint, requiring collaboration across industries and governments.

The stakes are high. Whether it’s securing eID cards or protecting global networks, the decisions we make today will determine how resilient we’ll be in a quantum-powered world.

As Ben Drisch puts it, “Cryptovision’s commitment has always been to provide the best cryptography available, and that won’t change in the post-quantum era.”

The quantum countdown: securing the perimeter

Quantum computers might still be a decade away from breaking today’s encryption, but waiting until the last minute isn’t an option. Preparing for a quantum-resistant future is a marathon, not a sprint. Whether it’s redesigning eID cards or overhauling entire infrastructures, the work we do today will determine how secure we’ll be tomorrow.

One thing’s for sure: the quantum era is coming, and it’s up to us to meet it with systems that can stand the test of time—and technology.

Quantum computers are coming — Are you ready or playing catch-up?

Quantum computers are rapidly moving toward a level where they could break today’s standard cryptographic systems — like RSA, Diffie-Hellman, and ECC — that currently protect everything from web browsing to corporate email. While quantum machines aren’t yet powerful enough to pose an immediate danger, the technology is evolving faster than many expect, making quantum-resistant (post-quantum) cryptography (PQC) more urgent than ever. Promising methods such as CRYSTALS-Kyber (for key exchange) and CRYSTALS-Dilithium (for digital signatures) have been standardized, signaling they are ready for practical use.

For businesses, adopting PQC introduces new complexities: algorithms often require greater computing resources, keys can be substantially larger (especially challenging for devices like smart cards), and crypto agility — the ability to switch out algorithms without revamping entire systems — becomes crucial. The practical path forward lies in a phased migration strategy: map out your existing cryptographic landscape, assess your risks, secure buy-in from leadership, and then implement changes in stages. Hybrid solutions (combining classical and post-quantum approaches) may also help smooth the transition.
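As an added illustration (not from the white paper or from Eviden), the sketch below applies the "map out your cryptographic landscape, assess your risks" steps to a constructed inventory and separates "store now, decrypt later" exposure from signature risk. The asset names, lifetimes and migration estimates are invented sample values, and the horizon is a planning assumption taken from the 10–15 year range quoted earlier.

```python
from dataclasses import dataclass

# Public-key families the page names as breakable by a quantum computer.
SHOR_BROKEN = {"RSA", "DH", "ECDH", "ECDSA"}
# NIST selections listed on the page, by their standard names.
PQC = {"ML-KEM", "ML-DSA", "FN-DSA", "SLH-DSA"}


@dataclass(frozen=True)
class Asset:
    name: str
    algorithm: str
    use: str                # "confidentiality" or "signature"
    lifetime_years: float   # secrecy period of the data, or validity of the signed credential
    migration_years: float  # estimated time to move this system to PQC


def triage(asset: Asset, horizon_years: float) -> tuple[str, float]:
    """Return (verdict, margin_years); a negative margin means the deadline is already missed."""
    if asset.use not in ("confidentiality", "signature"):
        raise ValueError(f"unknown use: {asset.use!r}")
    if asset.algorithm in PQC:
        return "ok", float("inf")
    if asset.algorithm not in SHOR_BROKEN:
        return "review", float("inf")  # not classified here: needs a manual look
    margin = horizon_years - (asset.lifetime_years + asset.migration_years)
    # Recorded ciphertext can be decrypted later, so secrets that must outlive
    # the horizon are exposed from the day they are sent, before any migration.
    if asset.use == "confidentiality" and asset.lifetime_years > horizon_years:
        return "exposed-today", margin
    # Signatures cannot be forged retroactively; what matters is whether
    # credentials issued before the migration completes outlive the horizon.
    if margin < 0:
        return "migrate-now", margin
    return "scheduled", margin


def prioritise(inventory, horizon_years):
    """Rank assets by margin, most urgent first."""
    rows = [(a.name, *triage(a, horizon_years)) for a in inventory]
    return sorted(rows, key=lambda row: row[2])


# Constructed sample inventory (all values are illustrative assumptions).
INVENTORY = [
    Asset("Citizen portal TLS key exchange", "ECDH", "confidentiality", 2, 1),
    Asset("eID card document signing", "ECDSA", "signature", 10, 4),
    Asset("Health record archive encryption", "RSA", "confidentiality", 25, 3),
    Asset("Firmware update signing", "ML-DSA", "signature", 15, 0),
]

if __name__ == "__main__":
    for horizon in (10, 15):  # both ends of the quoted 10-15 year estimate
        print(f"horizon = {horizon} years")
        for name, verdict, margin in prioritise(INVENTORY, horizon):
            print(f"  {verdict:14} {margin:>6}  {name}")
```

With a 10-year horizon the 10-year card validity plus a 4-year migration already overshoots the deadline, while at 15 years the same card line still has a one-year margin; the long-lived archive is exposed under both assumptions.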

Interested in learning more?

Dive deeper into our White Paper to explore practical steps and best practices for securing your organization against future quantum attacks. Don’t miss your chance to stay ahead of the curve — download the full guide and start building your quantum-safe strategy today!

Why act now?

“PQC is to cybersecurity what the advent of the Internet was to IT.” Companies that ignore quantum threats today may scramble later as attackers and competitors forge ahead. Getting started early ensures you won’t be left playing catch-up when quantum computers become a tangible threat.

Partnering for excellence: Mühlbauer & Eviden in global eID solutions

Strong partnerships drive innovation in digital identity, and our collaboration with Mühlbauer is a testament to this. As a global leader in secure technology and eID system integration, Mühlbauer plays a key role in shaping the future of electronic identity.
At Eviden, we are proud to provide application software that seamlessly integrates with Mühlbauer’s cutting-edge solutions. Together, we have contributed to numerous international eID initiatives, ensuring security, efficiency, and reliability.
In this exclusive TRUST Magazine interview, we explore our partnership, Mühlbauer’s vision for eID technology, and how our joint efforts continue to drive the industry forward.

Lutz Richter | Head of Information Systems

“Together, we have successfully deployed systems that serve millions of citizens”

Mühlbauer has been a cornerstone in the international eID space, and we are proud to have been your trusted partner. How would you describe the synergy between our two organizations in delivering cutting-edge solutions for electronic identity projects?

LR: “The partnership between Mühlbauer and Eviden has been built on shared expertise, innovation, and a commitment to delivering secure, high-performance eID solutions. By combining Mühlbauer’s experience as a leading system integrator and personalization solution provider with Eviden’s cryptovision application software and PKI solutions, we have successfully implemented cutting-edge solutions that empower governments worldwide.”

As a leading system integrator, Mühlbauer has implemented projects worldwide. Can you share insights into the unique challenges of deploying electronic document solutions across diverse regions, and how you tailor your approach to meet these challenges?

LR: “Every country has its own regulatory framework, infrastructure landscape, and societal needs. Deploying electronic identity solutions globally requires a deep understanding of these regional differences. In some cases, we face challenges like connectivity limitations, data protection laws, or the need for biometric verification in remote areas. Our approach is always tailored—whether it’s customizing enrollment workflows, ensuring compliance with local security standards, or integrating our solutions with existing infrastructures. By working closely with partners like Eviden, we ensure a smooth, secure, and efficient rollout of eID projects. One of the major challenges is the migration of existing eID systems to a new modernized platform based on the latest standards of cybersecurity and interoperability.”

Mühlbauer is renowned for its innovation in secure identity solutions. How does your company stay ahead of technological advancements, and what are some innovations you are most proud of?

LR: “Mühlbauer is committed to continuous innovation in secure identity solutions. We invest heavily in R&D to stay ahead of emerging trends such as biometric advancements, quantum-resistant encryption, and AI-driven identity verification. One of our proudest innovations is our fully automated ePassport and eID personalization solutions, which enhance efficiency and security. In addition, we are continuously developing our solutions for complete identity management systems. These solutions include software applications for enrollment, verification and approval of each application for a national ID document, the assignment of a unique national ID, the personalization of the documents and the use of the ID documents in daily life.”

With your global footprint, you’ve likely seen firsthand how eID systems transform lives. Can you share a success story where Mühlbauer’s solutions, coupled with our software, made a significant impact on a country or community?

LR: “One standout example is the successful transformation of the national ID in Algeria to the new platform, where Mühlbauer and Eviden collaborated to implement a nationwide eID system. The project not only enhanced citizen access to government services but also strengthened national security and streamlined border control. Thanks to the seamless integration of our secure document production with Eviden’s cryptovision ePasslet Suite and middleware, the country now enjoys a highly secure, interoperable, and scalable digital identity ecosystem.”

Trust and security are paramount in eID projects. How does Mühlbauer ensure the highest standards of quality and reliability across its systems?

LR: “Security is at the core of everything we do. Our systems adhere to the strictest international security standards, including ICAO and ISO certifications such as ISO 9001, ISO 27001, Intergraf security printer and Intergraf security supplier. From secure chip encoding to end-to-end encryption in document issuance, we implement multi-layered security measures. We also conduct rigorous testing and quality assurance protocols to ensure the highest reliability across our solutions, safeguarding the trust placed in us by governments worldwide.”

With the rapid evolution of technology, what emerging trends do you foresee shaping the future of eID systems, and how is Mühlbauer preparing to meet these new demands?

LR: “The future of eID systems is being shaped by cloud-based identity solutions, AI-enhanced fraud detection, and post-quantum cryptography. As governments move towards more digital and mobile-first approaches, we are developing solutions that support mobile IDs, self-sovereign identity (SSI), and biometric authentication advancements.

That said, while digital and mobile derivatives of identity documents bring great improvements in usability and accessibility to government services, we strongly believe that the physical document will remain an essential representation of national identity and sovereignty. A secure physical travel document is indispensable for international border crossing and will not be replaced by digital alternatives anytime soon. Instead, the future lies in a hybrid approach where physical and digital identities complement each other, providing citizens with maximum security, flexibility, and convenience.

The biggest challenge for the next decade is to offer solutions that have a high degree of interoperability in order to expand existing systems with new solution modules. Furthermore, it is important to offer authorities the opportunity to choose from a variety of solutions and to create a new solution in the digital transformation.”

Reflecting on our longstanding collaboration, what do you think has been the most significant achievement of our partnership?

LR: “One of the greatest achievements of our partnership has been our ability to deliver secure, large-scale eID projects that enhance trust and efficiency in digital identity ecosystems worldwide. Together, we have successfully deployed systems that serve millions of citizens, providing them with secure digital identities that enable access to essential services, facilitate travel, and improve financial inclusion. An important aspect for successful collaboration is quick coordination and close cooperation at all levels.”

As we continue to work together, what message would you like to share with our teams, whose collective efforts ensure the success of eID projects globally?

LR: “To all the dedicated teams working on eID projects worldwide—your expertise, innovation, and commitment are what make these solutions a reality. The future of secure digital identities is in our hands, and through continued collaboration, we will drive new innovations, overcome challenges, and make a lasting impact on digital identity ecosystems across the globe. Thank you for your efforts in making identity solutions safer, interoperable, and more accessible!”

The Identity Double-Cross: Self-Sovereignty vs. eID

Envision a world where you are the master of your own identity. You decide who sees your name, age, or even your shopping history. That is the promise of self-sovereign identity (SSI)—you control your personal data, while others have no authority over it. This concept directly challenges the traditional model, where governments manage your identity through electronic identity documents (eIDs). But what if these two worlds didn’t need to clash? What if, instead, they could work together to create a more secure digital future?
Let’s dive into the dynamic world of digital identities and explore how SSI and eIDs could become unexpected allies in the fight for data privacy and control.

Identity management: the old guard vs. the new rebels

For decades, identity management followed a simple structure: governments controlled the identities of their citizens. However, with the rise of tech giants, digital identity management expanded rapidly across platforms worldwide. As a result, we, the users, began relying on states, employers, and major corporations to handle our personal data. And trust? Well, that became essential. Think about social media, major software companies, and online retailers — all collecting, storing, and monetizing your information.

But wait! Here comes self-sovereign identity (SSI), a game-changer. With SSI, the power shifts back to the individual. Through software wallets, people can control their digital identity, adding or removing pieces of personal data as they choose. Want to share your university degree with an employer but keep your grocery list private? Done. Even better, your data can be verified by trusted third parties using blockchain or digital signatures, making it tamper-proof and secure.

SSI: the power of control, now in your pocket

While SSI is still in its early stages, exciting projects are making waves. Take the European Blockchain Services Infrastructure (EBSI), for instance. This initiative is working on the European self-sovereign identity framework (ESSIF). Essentially, this system will allow users to manage their identities according to European regulations. Think of it as a digital ID playground, where decentralized identifiers (DIDs) give users complete control over who can access their information.

And it’s not just the EU making moves. The IDunion project, led by a group of German companies, is building a global, open SSI infrastructure. Meanwhile, GAIA-X, another EU-backed initiative, is working on a secure, cloud-based data infrastructure independent of U.S. tech giants. Welcome to the new era of identity management, where control is finally shifting back to individuals.

The ID wallet: Germany’s experiment with SSI

Germany is already exploring SSI with the ID Wallet, a smartphone app that allows users to manage and share their identity data digitally. The first big test? A digital driving license. If you’re a German citizen with a valid driver’s license, you can use your phone to access car-sharing services and rentals. Simple, right?

However, like any new technology, it faced early challenges. Overwhelmed servers and security flaws led to the app being temporarily removed from stores. But setbacks are part of progress. Despite the hurdles, the ID Wallet remains a promising glimpse into the future of SSI.

Can eID and SSI work together? Absolutely!

Here’s the plot twist: SSI and eIDs aren’t necessarily enemies. Despite their different approaches, these systems have significant potential when combined. Ben Drisch, a cybersecurity expert at cryptovision, believes eIDs could actually enhance SSI. “For example, an eID can serve as a secure, convenient way for users to authenticate themselves when accessing their digital wallet,” says Drisch. “No more fumbling with passwords.”

Moreover, an eID can contribute valuable data to an SSI system. The details on your eID—such as your name, date of birth, or health records—can be securely transferred into your SSI wallet. The advantage? Since the eID is digitally signed by the government, it provides a built-in authenticity check for the transferred data. Talk about a win-win!

What’s next for eID and SSI?

The real question is: will governments allow individuals to take control of their digital identities? If they do, the fusion of SSI and eID could revolutionize personal data management. The EU, through initiatives like EBSI, is showing genuine interest in making this vision a reality. Some governments are even beginning to empower citizens with identity management tools.

However, if governments hesitate, progress may be slower. That said, Europe is currently leading the way in exploring these possibilities. As digital identity continues to evolve, we can expect more initiatives to emerge in the near future.

The takeaway

At first glance, SSI and eID may seem like opposing forces. However, when combined, they could create a more secure, flexible, and user-friendly digital identity system. The real magic will happen if governments fully embrace the shift and empower their citizens with control. Digital identity is evolving rapidly, and we’re just getting started.

Ben Drisch | Eviden Digital ID

“An eID can serve as a secure, convenient way for users to authenticate themselves when accessing their digital wallet — no more fumbling with passwords.”

The Middleware Puzzle: Why eID Cards Need Extra Security Layers

National identity projects increasingly combine physical chip-based eID cards with digital credentials. By pairing both forms of ID, governments can expand citizen services and improve accessibility. One growing trend in identity management is integrating multiple functions—such as citizen identification, authentication, and electronic signatures—into a single eID document. To achieve this, specialized cryptographic software, known as smart card middleware, is essential. This middleware acts as a bridge between the eID card’s digital certificate and key material and the operating system and applications that use them, ensuring secure access to sensitive citizen data stored on the card.

Platform support: Why is it crucial?

Unlike corporate environments, where hardware and software are tightly controlled, governments must accommodate a variety of personal devices used by citizens. Therefore, ensuring compatibility across multiple platforms—such as Microsoft Windows, Apple macOS, and Linux—is critical for eID projects. Broad compatibility guarantees that citizens can use their eID cards on any device, regardless of their operating system.

Managing the variety of smart cards

With numerous smart card manufacturers worldwide, each offering different specifications, eID middleware must ensure broad compatibility. PKCS#11—a widely accepted cryptographic standard—serves as the foundation for most manufacturers, enabling interoperability across various hardware. For example, middleware solutions like cryptovision’s SCinterface support over 100 different smart card profiles, providing a universal solution for eID projects.

Card replacement and middleware

When governments introduce new generations of eID cards, they do not have to replace all old cards immediately. Middleware that supports both legacy and newer cards allows a gradual transition. Older cards can remain in use until they expire, while new cards integrate seamlessly into the system. This approach maximizes investment in previous eID generations while adopting newer technologies.

Why do middleware solutions matter, even for non-card manufacturers?

Companies like Eviden, although not card manufacturers, provide specialized middleware solutions such as CardOS API and cryptovision’s SCinterface. These solutions support both legacy and modern smart cards, ensuring seamless interoperability in eID projects that use cards from multiple manufacturers.

Atefeh Mokallah | Eviden Digital ID

“Eviden offers specialized middleware solutions to support both legacy and current smart cards, ensuring broader interoperability in eID projects, especially when cards from different manufacturers are used.”

Protocols and smart card integration

Unlike traditional devices, eID cards lack device drivers, making smart card middleware necessary to connect the card with the operating system. Different operating systems require specific cryptographic interfaces, such as Microsoft’s Cryptographic Service Provider (CSP) and Minidrivers, Apple’s CryptoTokenKit, and PKCS#11 for Linux. Middleware ensures that eID cards function smoothly with both the OS and other PKI (Public Key Infrastructure)-enabled applications.

Once middleware is installed and the eID card is connected, most PKI-enabled applications automatically detect the digital certificate stored on the card. Additionally, middleware solutions often include utilities that simplify setup, making the process easier for first-time users. Governments can start with basic use cases—such as two-factor authentication—and gradually implement more advanced features like digital signatures. By integrating secure middleware solutions, governments enhance eID card usability, security, and interoperability.

Conclusion

In an era where digital identity is becoming increasingly complex, smart card middleware plays a crucial role in ensuring security, usability, and interoperability. By bridging the gap between eID cards and various operating systems, middleware enables seamless authentication, encryption, and digital signatures across different platforms. Governments looking to enhance national identity projects must prioritize flexible and scalable middleware solutions to accommodate evolving security standards and technological advancements. As the landscape of digital identity continues to evolve, investing in robust middleware will be key to maintaining secure and efficient eID ecosystems.