Modules for Online Applications (MOA) are a set of software tools which provide implementation and integration support for the functions and procedures mandated by the Austrian e-Government strategy. The MOA components within this project provided the support for functions such as creation and verification of electronic signatures, and identification and authentication of citizens in online procedures.
This module is used to uniquely identify and authenticate users securely who want to conduct online procedures with their citizen cards. The server-side MOA and the client-side citizen card software interact with each other to carry out identification and authentication using the identity link and the signature on the citizen card. This logon process ensures the highest level of security for accessing records and accounts, carrying out bank transactions, and for all branches in which personal information and data is stored.
The MOA ID links a session to specific user data from the identity link, such as the sector-specific personal identifier, which the MOA ID calculates from the sourcePIN on the citizen card.
The MOA ID includes functionality for
- accessing the citizen card environment (smart card or mobile phone signature),
- communicating with the browser and citizen card environment,
- single sign-on support
- authenticating and identifying citizens, businesses and authorities using the digital signature and identity link,
- connecting to the Supplementary Register for Natural Persons to support foreign
- connecting to online-mandate service
- coupling to STORK 2 infrastructure
- calculating the ssPIN and forwarding the user’s login information to the subsequent application.
- can be used with different authentication protocols (PVP 2.1, OpenID Connect, SAML 1)
- configuration can be done by using a graphical configuration interface
The layout of the web pages that are used in these processes can be changed to match the organisation’s corporate design.
To have a common look and feel, a "template" for selecting the citizen card login is provided. Recognition of common logos, buttons, and appearance shall ease using the citizen card in teh various applications.
After authentication is successfully carried out, the application requests the login data from the MOA ID over a web service or a Java interface. Through the use of sector-specific personal identifiers in business applications, the eGovernment Act allows the citizen card to be used for identification purposes in the private sector.
The MOA-SPSS module, which encapsulates all functionality for server-side signature creation and verification, is moved to a new JoinUp project. All further information for MOA-SPSS will be provided in the MOA-SPSS project.