Certification of Means of Electronic Identification (MIE)
What is MIE certification?
Certification of Means of Electronic Identification (MIE) is an assessment and conformity attestation process governed by the European eIDAS regulation (regulation $n^\circ910/2014$). It aims to guarantee the security, reliability and cross-border interoperability of devices or systems used for electronic identification (such as electronic identity cards, mobile applications, or authentication systems). This certification is essential to achieve one of the four levels of assurance (low, substantial or high) required for the use of EID in public or private services in the European Union, thus ensuring mutual trust in the digital identity of citizens and businesses.
What are the challenges of MIE certification?
- Regulatory and Legal Compliance: A legal requirement to operate within the European Union in compliance with the eIDAS regulation. Formal validation by an accredited third-party organization (such as LSTI) that the solution achieves the required level of assurance (substantial or high) for trust services is required.
- Increased Trust and Security: Validation of the solution's robustness against fraud, identity theft and cyber-attacks.
- Openness and Access to the European Single Market : Cross-border recognition of the means of identification in the 27 Member States, facilitating access to public and private online services for European users.
- Competitive advantage : Market differentiation by offering a trusted solution certified at European level.
- Interoperability and simplification : Guarantee that MIE can be easily integrated with other European digital systems and infrastructures.
How does MIE certification work?
MIE certification is based on article L. 102 of the French Post and Electronic Communications Code, which introduces the notion of presumption of reliability. This text also incorporates references from the eIDAS regulation on security requirements for electronic identification media.
The specifications for the evaluation of these MIEs, as well as their presumption of reliability, were determined by ANSSI in July 2022.
This certification is aimed at any company providing an electronic identification service or product.
It attests to the certified company's compliance with :
- Compliance with the requirements of the specifications defined by decree n°2022-1004, in accordance with III of article L.102 of the CPCE;
- Compliance with ANSSI requirements for the chosen level (substantial or high), in accordance with IV of article L. 102 of the CPCE.
This certification is issued for 2 years, without surveillance. To maintain it, a new full audit is required.
Why choose LSTI?
Recognized expertise
With over twenty years' experience, LSTI supports more than 300 organizations in France and Europe as a certification body and benchmark assessment center in the fields of cybersecurity, digital trust and information security.assessment center, working in the fields of cybersecurity, digital trust and information security.
Specialized auditors
Our teams of auditors are made up of experienced professionals who are fully conversant with the ANSSI's cybersecurity standards, information security management practices and European digital trust frameworks.curity standards, information security management practices and European digital trust frameworks. Their approach guarantees assessments that are demanding, balanced and adapted to the operational contexts of each organization.
Independent third party and dedicated support
Authorized by ANSSI, LSTI guarantees impartiality, transparency and consistency throughout the entire cycle: preparation, audits, monitoring and renewals. A dedicated contact ensures continuity and clarity throughout the certification process.