{"id":4991,"date":"2026-05-20T11:56:11","date_gmt":"2026-05-20T09:56:11","guid":{"rendered":"https:\/\/www.kipmi.com\/?page_id=4991"},"modified":"2026-05-20T11:56:11","modified_gmt":"2026-05-20T09:56:11","slug":"electronic-identification-scheme-policy","status":"publish","type":"page","link":"https:\/\/www.kipmi.com\/index.php\/electronic-identification-scheme-policy\/","title":{"rendered":"Electronic Identification Scheme Policy"},"content":{"rendered":"<div class=\"header-bar\">\n<div class=\"container\">\n<div class=\"oid\">\n<div class=\"header-bar\">\n<div class=\"container\">\n<div class=\"oid\">\n<div class=\"header-bar\">\n<div class=\"container\">\n<div class=\"oid\">OID: [1.3.6.1.4.1.62466.87.1.1.3.1.0]<\/div>\n<\/div>\n<\/div>\n<div class=\"meta-block\">\n<div class=\"container\">\n<table class=\"meta-table\">\n<tbody>\n<tr>\n<th>Organization<\/th>\n<td>BE YS TRUSTED SOLUTIONS FRANCE<\/td>\n<\/tr>\n<tr>\n<th>Dissemination<\/th>\n<td>D3 \u2013 Free distribution<\/td>\n<\/tr>\n<tr>\n<th>Location<\/th>\n<td>BE YS TRUSTED SOLUTIONS FRANCE<\/td>\n<\/tr>\n<tr>\n<th>Version<\/th>\n<td>1.4 \u2014 November 11, 2025<\/td>\n<\/tr>\n<tr>\n<th>Expiration<\/th>\n<td>2 years<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<\/div>\n<p><main><\/p>\n<div class=\"container\">\n<h2>Version History<\/h2>\n<table class=\"doc-table\">\n<thead>\n<tr>\n<th>Version<\/th>\n<th>Date<\/th>\n<th>Modifications<\/th>\n<th>Author<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>1.0<\/td>\n<td>04\/14\/2025<\/td>\n<td>Creation<\/td>\n<td>Gergina Kyoseva<\/td>\n<\/tr>\n<tr>\n<td>1.1<\/td>\n<td>06\/03\/2025<\/td>\n<td>Addition of OID<\/td>\n<td>Lidiya Ivanova<\/td>\n<\/tr>\n<tr>\n<td>1.2<\/td>\n<td>07\/04\/2025<\/td>\n<td>Addition of legal entity registration data<\/td>\n<td>Lidiya Ivanova<\/td>\n<\/tr>\n<tr>\n<td>1.3<\/td>\n<td>10\/16\/2025<\/td>\n<td>Addition of commonly used name<\/td>\n<td>Lidiya Ivanova<\/td>\n<\/tr>\n<tr>\n<td>1.4<\/td>\n<td>11\/11\/2025<\/td>\n<td>Suspension not available<\/td>\n<td>Mihael Stoyanov<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2>Glossary<\/h2>\n<table class=\"doc-table\">\n<thead>\n<tr>\n<th>Term \/ Acronym<\/th>\n<th>Definition<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>ANSSI<\/td>\n<td>National Agency for Information Systems Security<\/td>\n<\/tr>\n<tr>\n<td>C2SC<\/td>\n<td>Trusted Services Monitoring Committee<\/td>\n<\/tr>\n<tr>\n<td>GTC<\/td>\n<td>General Terms and Conditions<\/td>\n<\/tr>\n<tr>\n<td>CSPN<\/td>\n<td>First Level Security Certification<\/td>\n<\/tr>\n<tr>\n<td>CNIL<\/td>\n<td>French Data Protection Authority<\/td>\n<\/tr>\n<tr>\n<td>EIMP<\/td>\n<td>Electronic Identification Means Provider<\/td>\n<\/tr>\n<tr>\n<td>EIM<\/td>\n<td>Electronic Identification Means<\/td>\n<\/tr>\n<tr>\n<td>OID<\/td>\n<td>Object Identifier<\/td>\n<\/tr>\n<tr>\n<td>RIVP<\/td>\n<td>Remote Identity Verification Provider<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2>Definitions<\/h2>\n<table class=\"doc-table\">\n<thead>\n<tr>\n<th>Term<\/th>\n<th>Definition<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>KIPMI Application<\/td>\n<td>KIPMI is a mobile application that is part of BE YS TRUSTED SOLUTIONS FRANCE&rsquo;s digital trust services, enabling access to various services and the issuance of an electronic mean of identification.<\/td>\n<\/tr>\n<tr>\n<td>User application<\/td>\n<td>Application service, online or offline, requiring the electronic identification of its users via an electronic mean of identification issued by an EIMP.<\/td>\n<\/tr>\n<tr>\n<td>Authentication<\/td>\n<td>The act of verifying the identity of a natural or legal person or the origin of communication.<\/td>\n<\/tr>\n<tr>\n<td>Client<\/td>\n<td>Client entity that has decided to subscribe to the Service, which it uses for its own needs or makes available to users.<\/td>\n<\/tr>\n<tr>\n<td>Electronic Identification Means (EIM)<\/td>\n<td>A physical and\/or intangible element containing personal identification data and used to authenticate oneself to an online service. The EIM issued by BE YS TRUSTED SOLUTIONS FRANCE is integrated into a mobile application called \u00ab\u00a0KIPMI\u00a0\u00bb. The Electronic Identification Mean is issued after an initial identity verification and its lifetime is as defined in this Policy.<\/td>\n<\/tr>\n<tr>\n<td>Electronic Identification Scheme Policy<\/td>\n<td>A set of rules, identified by a name and an identifier (OID), defining the requirements with which an FIE complies in the implementation and provision of its services. A policy may also, if necessary, identify the obligations and requirements relating to other parties, in particular Users and User Applications.<\/td>\n<\/tr>\n<tr>\n<td>Service<\/td>\n<td>The service for issuing and managing Electronic Identification Means issued by BE YS TRUSTED SOLUTIONS FRANCE as an FIE.<\/td>\n<\/tr>\n<tr>\n<td>User<\/td>\n<td>A natural person who uses the certified EIM issuance service offered by the FIE.<\/td>\n<\/tr>\n<tr>\n<td>Stakeholders<\/td>\n<td>Person, machine, or service involved in the EIM issuance process.<\/td>\n<\/tr>\n<tr>\n<td>Trusted role<\/td>\n<td>Formally identified trusted persons who participate in the performance of sensitive actions related to the certified service.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2>Validation<\/h2>\n<table class=\"doc-table\">\n<thead>\n<tr>\n<th>Role<\/th>\n<th>Name<\/th>\n<th>Function<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>Proofreader<\/td>\n<td>Lidiya Ivanova<\/td>\n<td>Service manager<\/td>\n<\/tr>\n<tr>\n<td>Approver<\/td>\n<td>Younes El Gui<\/td>\n<td>President<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<div class=\"toc\">\n<div class=\"toc-title\">Table of Contents<\/div>\n<ol>\n<li><a href=\"#s1\">1. Introduction<\/a>\n<ol>\n<li><a href=\"#s1-1\">1.1 General overview<\/a><\/li>\n<li><a href=\"#s1-2\">1.2 Identification of the EIMP<\/a><\/li>\n<li><a href=\"#s1-3\">1.3 Electronic Identification Scheme Policy<\/a><\/li>\n<li><a href=\"#s1-4\">1.4 Document identification<\/a><\/li>\n<li><a href=\"#s1-5\">1.5 Effective date<\/a><\/li>\n<li><a href=\"#s1-6\">1.6 Duration and early termination of the Policy<\/a><\/li>\n<li><a href=\"#s1-7\">1.7 Policy Management<\/a><\/li>\n<li><a href=\"#s1-8\">1.8 Published information<\/a><\/li>\n<li><a href=\"#s1-9\">1.9 Document amendment<\/a><\/li>\n<\/ol>\n<\/li>\n<li><a href=\"#s2\">2. Related documents<\/a><\/li>\n<li><a href=\"#s3\">3. Stakeholders and obligations<\/a><\/li>\n<li><a href=\"#s4\">4. Operational requirements for the MIE lifecycle<\/a><\/li>\n<li><a href=\"#s5\">5. Non-technical security measures<\/a><\/li>\n<li><a href=\"#s6\">6. Technical security measures<\/a><\/li>\n<li><a href=\"#s7\">7. Operational requirements<\/a><\/li>\n<li><a href=\"#s8\">8. Risk management<\/a><\/li>\n<li><a href=\"#s9\">9. Management and operation<\/a><\/li>\n<\/ol>\n<\/div>\n<h2 id=\"s1\">1. Introduction<\/h2>\n<h3 id=\"s1-1\">1.1 General overview<\/h3>\n<p>As part of its dematerialization and trust services, BE YS TRUSTED SOLUTIONS FRANCE provides its Service to its Clients. BE YS TRUSTED SOLUTIONS FRANCE acts as an Electronic Identification Means Provider (EIMP) on behalf of the Users of its Clients&rsquo; services.<\/p>\n<p>This document constitutes the Electronic Identification Scheme Policy (EISP) of BE YS TRUSTED SOLUTIONS FRANCE as an EIMP for the issuance to Users of Electronic identification means (EIM) with a substantial assurance level under the eIDAS Regulation.<\/p>\n<p>The purpose of this Policy is to define the requirements for Electronic Identification Means throughout all phases of their life cycle, as well as to set out the commitments expected from the various Service Stakeholders.<\/p>\n<p>The electronic identification scheme implemented complies with the technical specifications and minimum procedures defined for the substantial level by:<\/p>\n<ul>\n<li>Regulation (EU) No. 910\/2014 of the European Parliament and of the Council of July 23, 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999\/93\/EC, amended by Regulation (EU) 2024\/1183 of the European Parliament and of the Council of April 11, 2024, amending Regulation (EU) No. 910\/2014 as regards the establishment of the European Digital Identity Framework;<\/li>\n<li>Commission Implementing Regulation (EU) 2015\/1501 of September 8, 2015;<\/li>\n<li>Commission Implementing Regulation (EU) 2015\/1502 of September 8, 2015;<\/li>\n<li>Security requirements reference framework for electronic identification means, version 1.2, dated August 11, 2022, issued by ANSSI;<\/li>\n<li>ETSI EN 319 401 Electronic Signatures and Infrastructures (ESI); General Policy Requirements for Trust Service Providers;<\/li>\n<li>ETSI EN 319 411-1 General requirements.<\/li>\n<\/ul>\n<p>Electronic Identification Means enable, among other things, the User to identify and authenticate themselves to an EIMP partner user application that delegates this electronic identification to the Service. Electronic Identification Means are intended for natural persons acting in a private capacity.<\/p>\n<h3 id=\"s1-2\">1.2 Identification of the EIMP<\/h3>\n<p>The Electronic Identification Means Provider, responsible for the Service and the Electronic Identification Means, is the following company:<\/p>\n<p><strong>BE YS TRUSTED SOLUTIONS FRANCE<\/strong><br \/>\n10 Boulevard Haussmann 75009 PARIS<br \/>\nContact address:\u00a0<a href=\"mailto:kipmi.customer.service@be-ys.com\">kipmi.customer.service@be-ys.com<\/a><br \/>\nWebsite:\u00a0<a href=\"https:\/\/www.kipmi.com\/\" target=\"_blank\" rel=\"noopener\">https:\/\/www.kipmi.com\/<\/a><\/p>\n<h3 id=\"s1-3\">1.3 Electronic Identification Scheme Policy<\/h3>\n<p>This document represents the EIMP&rsquo;s Electronic Identification Scheme Policy (Policy). It sets out rules defining the requirements with which the EIMP complies, as well as the standards it applies in setting up and providing the Service.<\/p>\n<p>The Policy also specifies the security measures, obligations, and requirements applicable to other parties, in particular Users and Clients, and forms an integral part of the GTC.<\/p>\n<h3 id=\"s1-4\">1.4 Document identification<\/h3>\n<p>This document has been prepared in accordance with Regulation (EU) 2016\/679 (GDPR) and applicable French legislation. The Policy is public and may be amended by the EIMP at any time.<\/p>\n<p>This Policy is identified by the following object identification number (OID):\u00a0<code>[1.3.6.1.4.1.62466.87.1.1.3.1.0]<\/code><\/p>\n<h3 id=\"s1-5\">1.5 Effective date<\/h3>\n<p>The Policy shall enter into force after approval by the EIMP&rsquo;s C2SC and on the date set by that Committee. The Policy shall be published on the website\u00a0<a href=\"https:\/\/www.kipmi.com\/\" target=\"_blank\" rel=\"noopener\">https:\/\/www.kipmi.com\/<\/a>\u00a0at least 72 hours before its effective date.<\/p>\n<h3 id=\"s1-6\">1.6 Duration and early termination of the Policy<\/h3>\n<p>This document remains in force until a new version is published.<\/p>\n<h3 id=\"s1-7\">1.7 Policy Management<\/h3>\n<h4>1.7.1 Entity managing the Policy<\/h4>\n<p>This Policy is managed by the members of the EIMP&rsquo;s C2SC.<\/p>\n<h4>1.7.2 Point of contact<\/h4>\n<p>The contact point for any questions about the Policy is:<\/p>\n<p>Mailing address: BE YS TRUSTED SOLUTIONS FRANCE \u2014 VID Department<br \/>\n10 Boulevard Haussmann, 75009 PARIS<br \/>\nEmail address:\u00a0<a href=\"mailto:kipmi.customer.service@be-ys.com\">kipmi.customer.service@be-ys.com<\/a><\/p>\n<h4>1.7.3 Policy Approval Procedure<\/h4>\n<p>The Policy is approved by the C2SC after review and proofreading of the document by the members of the Committee and by the persons designated by it.<\/p>\n<p>The purpose of this review is to ensure that:<\/p>\n<ul>\n<li>The Policy complies with regulatory and normative requirements relating to the provision of the certified service;<\/li>\n<li>The consistency of the Policy with other documents published in connection with the service, such as the General Terms and Conditions;<\/li>\n<li>The commitments expressed in the Policy are consistent with the technical and organizational resources implemented by the EIMP and its partners;<\/li>\n<li>The supervisory body is effectively notified of any significant changes in the provision of the Service in accordance with the procedures described in the certification procedures. This includes, but is not limited to: changes resulting from a modification of the Service Policy or the associated General Terms and Conditions; changes to the hosting conditions; changes to cryptographic equipment; changes to the technical architecture; changes to procedures for issuing, re-issuing, revoking, suspending, or reactivating EIM; changes in the governance of the Service.<\/li>\n<\/ul>\n<p>The C2SC shall ensure that the effective date of the new Policy allows, as far as possible, sufficient time for Clients to familiarize themselves with the new provisions and adapt their practices if necessary.<\/p>\n<h3 id=\"s1-8\">1.8 Published information<\/h3>\n<h4>1.8.1 Entities responsible for providing information<\/h4>\n<p>The EIMP shall publish information for Clients and Users on its website:\u00a0<a href=\"https:\/\/www.kipmi.com\/\" target=\"_blank\" rel=\"noopener\">https:\/\/www.kipmi.com\/<\/a><\/p>\n<h4>1.8.2 Information to be published<\/h4>\n<p>The EIMP undertakes to publish at least the following information:<\/p>\n<ul>\n<li>This document, describing the Electronic Identification Scheme Policy;<\/li>\n<li>The General Terms and Conditions of the Service;<\/li>\n<li>The points of publication of information associated with partner services.<\/li>\n<\/ul>\n<h4>1.8.3 Publication deadlines and frequency<\/h4>\n<p>Information relating to the Service (changes, new versions of the Policy, etc.) is published as soon as needed to ensure continuous consistency between the published information and the EIMP&rsquo;s actual commitments, resources, and procedures.<\/p>\n<p>The information publication point is available 24\/7\/365.<\/p>\n<h4>1.8.4 Control of access to published information<\/h4>\n<p>All published information is freely accessible for reading and can be consulted here:\u00a0<a href=\"https:\/\/www.kipmi.com\/\" target=\"_blank\" rel=\"noopener\">https:\/\/www.kipmi.com\/<\/a><\/p>\n<p>Modification access to the publication systems for other information is strictly limited to the authorized internal functions of the EIMP. These individuals are defined in trusted roles and have a strong authentication method for logging into the publication systems.<\/p>\n<h3 id=\"s1-9\">1.9 Document amendment<\/h3>\n<h4>1.9.1 Update procedure<\/h4>\n<p>The EIMP ensures that any proposed amendments to its Policy remain compliant with applicable regulatory and normative requirements. The C2SC is always involved in the validation of any amendments. Any request for change is therefore placed on the agenda of a future committee meeting and the decision is recorded in the corresponding minutes.<\/p>\n<p>Any proposed changes to the Service are subject to an impact analysis to determine their potential impact on:<\/p>\n<ul>\n<li>The quality or security of the Service;<\/li>\n<li>The compliance of the certified offer with ANSSI requirements;<\/li>\n<li>The need to update other published documents;<\/li>\n<li>The internal practices of the EIMP or its partners and suppliers.<\/li>\n<\/ul>\n<h4>1.9.2 Circumstances under which the Policy must be changed<\/h4>\n<p>Amendments to this Policy may be made during the lifetime of the Service, for example for:<\/p>\n<ul>\n<li>Minor corrections (errors, additional clarifications, etc.);<\/li>\n<li>Developments or extensions to the service;<\/li>\n<li>The acceptance or implementation of new Means of Electronic Identification;<\/li>\n<li>Technical changes (implementation, partners, suppliers, etc.);<\/li>\n<li>Corrections resulting from audits of the Service.<\/li>\n<\/ul>\n<h4>1.9.3 Circumstances under which the OID must be changed<\/h4>\n<p>In the event of a major impact, a change to the Policy OID is planned, and the change and its impact analysis are submitted to the supervisory body and the conformity assessment body for their opinion or comments.<\/p>\n<p>The impact analysis is reviewed by the C2SC, which decides whether or not to approve the change. If approved, the new Policy will be submitted to the C2SC for approval.<\/p>\n<h4>1.9.4 Entry into force of the amended Policy<\/h4>\n<p>The date of entry into force of the new version of the document is determined by the C2SC in its validation decision, taking into account the nature and complexity of the changes and, where applicable, the time needed for Stakeholders in the Service to implement the related adjustments.<\/p>\n<h4>1.9.5 Mechanism and period for providing information on amendments<\/h4>\n<p>Once the change to the Service has been validated by the C2SC, the new Policy is communicated:<\/p>\n<ul>\n<li>Without delay to the EIMP&rsquo;s staff and all Stakeholders in the provision of the Service \u2014 by email. The time allowed for them to familiarize themselves with the new provisions and adapt (if necessary) their practices and procedures, as well as the date of entry into force, are explicitly indicated.<\/li>\n<li>At least 72 hours (seventy-two hours) before its effective date \u2014 to Clients and Users \u2014 by publication on the website:\u00a0<a href=\"https:\/\/www.kipmi.com\/\" target=\"_blank\" rel=\"noopener\">https:\/\/www.kipmi.com\/<\/a><\/li>\n<\/ul>\n<p>The EIMP sends the supervisory body an annual summary of all changes made to the provision of its Service.<\/p>\n<h2 id=\"s2\">2. Related Documents<\/h2>\n<h3>2.1 General Terms and Conditions<\/h3>\n<p>The applicable GTC (and their previous versions) are available on the EIMP website:\u00a0<a href=\"https:\/\/www.kipmi.com\/\" target=\"_blank\" rel=\"noopener\">https:\/\/www.kipmi.com\/<\/a>\u00a0and on the KIPMI application.<\/p>\n<h3>2.2 Normative documents<\/h3>\n<table class=\"doc-table\">\n<thead>\n<tr>\n<th>Reference<\/th>\n<th>Document<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td>[EIDAS]<\/td>\n<td>Regulation (EU) No. 910\/2014 of the European Parliament and of the Council of July 23, 2014 on electronic identification and trust services for electronic transactions in the internal market<\/td>\n<\/tr>\n<tr>\n<td>[ANSSI_MIE]<\/td>\n<td>Requirements framework for electronic identification means \u2014 General Security Framework<\/td>\n<\/tr>\n<tr>\n<td>[HYGIENE]<\/td>\n<td>IT hygiene guide<\/td>\n<\/tr>\n<tr>\n<td>[CERT_SERV_PROCESS]<\/td>\n<td>Service certification process<\/td>\n<\/tr>\n<tr>\n<td>[GDPR]<\/td>\n<td>Regulation (EU) 2016\/679 \u2014 General Data Protection Regulation<\/td>\n<\/tr>\n<tr>\n<td>[EN_319_401]<\/td>\n<td>ETSI EN 319 401 \u2014 Electronic Signatures and Infrastructures (ESI); General Policy Requirements for Trust Service Providers<\/td>\n<\/tr>\n<tr>\n<td>[EN_319_411-1]<\/td>\n<td>ETSI EN 319 411-1 \u2014 Electronic Signatures and Infrastructures (ESI); Policy and security requirements for Trust Service Providers issuing certificates<\/td>\n<\/tr>\n<tr>\n<td>[2015\/1501]<\/td>\n<td>Commission Implementing Regulation (EU) 2015\/1501 on the interoperability framework<\/td>\n<\/tr>\n<tr>\n<td>[2015\/1502]<\/td>\n<td>Commission Implementing Regulation (EU) 2015\/1502 laying down technical specifications and minimum procedures relating to the assurance levels of electronic identification means<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<h2 id=\"s3\">3. Stakeholders and Obligations<\/h2>\n<h3>3.1 EIM provider<\/h3>\n<p>The EIMP is responsible for the Service and performs the EIM management function. It ensures the implementation and oversight of the various functions necessary for the provision of the Service.<\/p>\n<p>The EIMP has established an organization that is fully operational in all aspects relevant to the provision of the Service. In particular, the EIMP maintains an effective information security management system to manage and control information security risks. The EIMP remains responsible for the performance of any tasks outsourced to third parties, as well as for compliance with the scheme policy, as if those tasks had been performed internally.<\/p>\n<p>The EIMP complies with all legal requirements incumbent upon it in connection with the operation and performance of the Service, including the categories of information that may be collected, the procedures for establishing proof of identity, the types of data that may be retained, and the duration of their retention.<\/p>\n<h3>3.2 Remote Identity Verification Provider<\/h3>\n<p>The RIVP is an entity that provides a service for verifying Users&rsquo; identification data through a remote face-to-face meeting (as opposed to a physical face-to-face meeting).<\/p>\n<p>The Service uses only RIVPs certified at the substantial or high assurance level by ANSSI, depending on the reference framework, for its User registration function. As such, the RIVP guarantees the reliability of its service, creates and keeps a record of evidence for each verification carried out, and regularly reports metrics relating to the operation of its service to the EIMP.<\/p>\n<h3>3.3 Users<\/h3>\n<p>The User, holder or applicant for an EIM, can only be a natural person, who is issued with an EIM after verification of their identity. The Service does not manage any link between the User and legal entities in the context of EIM identification data. The User declares that they have read and accept the GTC of the KIPMI Application.<\/p>\n<p>The User uses their EIM to identify and authenticate themselves to the User Parties that delegate this electronic identification to the Service.<\/p>\n<h3>3.4 User Applications<\/h3>\n<p>User Applications are digital services, whether online or offline, managed by User Parties, which must identify (know the identity attributes such as first and last name, etc.) and authenticate (ensure that the user is actually the person designated by the identity attributes) their users in a reliable manner, and which delegate this electronic identification to the Service.<\/p>\n<p>To do this, the user application asks the Service&rsquo;s electronic identification function to perform electronic identification using the EIM that its user must have obtained beforehand.<\/p>\n<p>The person responsible for a User Application must ensure that the level of assurance provided by the Service is appropriate for the requirements of their application.<\/p>\n<h3>3.5 User Parties<\/h3>\n<p>A User Party is a natural or legal person who relies on electronic identification. Within the KIPMI Application, the User has the option of sharing documents and attributes with User Parties who request them. User Parties may include the User&rsquo;s employer, banks, insurance companies, government organizations, mobile phone operators, etc. The User Parties are Clients of the EIMP and rely on the Service to establish commercial, professional, administrative, and other relationships or to carry out various operations or transactions.<\/p>\n<h2 id=\"s4\">4. Operational Requirements for the MIE Lifecycle<\/h2>\n<h3>4.1 Functional breakdown of the Service and characteristics<\/h3>\n<p>The functional breakdown of the Service used in this document is as follows:<\/p>\n<ul>\n<li><strong>EIM management function:<\/strong>\u00a0This function ensures the overall management of the MIE lifecycle. It relies on the functions of registering Users, issuing and revoking EIM, and also manages the re-issuance and expiration of EIM, as well as the use of EIM by the electronic identification function.<\/li>\n<li><strong>User registration function:<\/strong>\u00a0This function verifies the identity information of a prospective EIM User before they can obtain an EIM. It is used during the initial issuance of an EIM to a new User, as well as during the reactivation of an EIM or after the expiration of a User&rsquo;s previous EIM.<\/li>\n<li><strong>EIM issuance function:<\/strong>\u00a0This function initializes and issues an EIM to a User who has been successfully registered. This phase includes the generation of User cryptographic elements and their secure implementation in the User&rsquo;s EIM. The User chooses their personal PIN code and creates their account.<\/li>\n<li><strong>EIM revocation function:<\/strong>\u00a0This function processes MIE revocation requests in order to determine the actions to be taken and, where applicable, terminate the validity of the MIE.<\/li>\n<li><strong>Electronic identification function:<\/strong>\u00a0This function disseminates and shares a User&rsquo;s identity information with User Parties that have requested it, after identifying and authenticating the User through their EIM and verifying the EIM&rsquo;s validity.<\/li>\n<\/ul>\n<p>The EIM is designed so that it can only be used under the control or in the possession of the person to whom it belongs.<\/p>\n<p>The cryptographic means constituting the EIM must, as a minimum, be qualified at the basic level of the [RGS] based on a First Level Security Certification (CSPN), on the basis of a security target validated by ANSSI.<\/p>\n<h3>4.2 Registration and application for an EIM<\/h3>\n<p>To use the Service, the User must download the KIPMI Application to their smartphone. When the User opens the KIPMI Application for the first time, they go through the registration process, which consists of several steps: account creation, identity verification, and issuance of EIM.<\/p>\n<p>To create an account, the User provides: their email address, their first name and last name, and their phone number.<\/p>\n<p>The User must then accept the KIPMI Application&rsquo;s general terms and conditions and click on the \u00ab\u00a0Register\u00a0\u00bb button. In order to create their account, the User must set up a PIN code during registration. The PIN code consists of 6 digits and is advised to follow with the recommendations below:<\/p>\n<ul>\n<li>Do not include repeated digits (e.g., 111111)<\/li>\n<li>Do not include sequential numbers (e.g., 123456 or 654321)<\/li>\n<\/ul>\n<p>Once the PIN code has been created, the User must validate their email address and phone number. The User verifies their email address using the 6-digit code sent to their email address. The phone number is verified using a 6-digit code sent by SMS to the phone number provided by the User.<\/p>\n<h3>4.3 Proof and verification of identity for individuals<\/h3>\n<p>Before being issued with an EIM, the User must have their identity verified by a remote identity verification service certified by a remote identity verification provider (RIVP) with a minimum substantial level of assurance. The User must present a valid official ID, and their face will be compared to the photo on the ID. Following a positive verdict from this verification service, the following identity attributes are associated with the account created and considered reliable with a substantial level of assurance:<\/p>\n<ul>\n<li>Last name;<\/li>\n<li>First names;<\/li>\n<li>Date of birth;<\/li>\n<li>Place of birth (city or country when the person was not born in France);<\/li>\n<li>Gender.<\/li>\n<\/ul>\n<p>A request for the issuance of an EIM to the User is then automatically initiated.<\/p>\n<h3>4.4 Issuance of the EIM<\/h3>\n<p>Once identity verification has been successfully completed, the User will have 72 hours to activate their account by validating the verified credentials extracted from the identity document used for verification.<\/p>\n<p>If an account is not activated by accepting the credentials within 72 hours, the User is required to go through the identity verification process again.<\/p>\n<p>If identity verification fails, the User is notified and asked to restart the process. There is no limit to the number of times a user can attempt to verify their identity.<\/p>\n<p>An EIM is issued when the account is activated, after a previous EIM has been revoked.<\/p>\n<p>A notification in the KIPMI Application informs the User that their EIM has been successfully issued on the phone used.<\/p>\n<p>An EIM is valid for the duration of validity of the identity document used for its issuance, but may not exceed five years. It must be re-issued before this expiry date, otherwise it will expire.<\/p>\n<h3>4.5 Use of the EIM<\/h3>\n<p>The use of an EIM is restricted to the electronic identification of its User on the Service&rsquo;s electronic identification function.\u00a0<strong>Any other use is prohibited.<\/strong><\/p>\n<h4>4.5.1 Use of EIM for electronic identification requested by a User Application<\/h4>\n<p>The User&rsquo;s electronic identification is requested by a User Application (including the Service itself). This User Application displays a QR code which requests the information necessary to authenticate the User. The User opens their KIPMI mobile application. The User authenticates themselves on their mobile application using their PIN code. The User scans the QR code. The KIPMI mobile application asks the User to confirm the sharing of personal data requested by the User Application. The User agrees (or refuses) to provide the data. Upon acceptance, KIPMI shares the User&rsquo;s data with the User Application.<\/p>\n<p>The User must ensure that authentication is requested by a legitimate application, and if this is not the case, must not enter their PIN code and must report this incident to the Service.<\/p>\n<h4>4.5.2 Use of EIM for electronic identification requested by company systems directly integrated with the KIPMI application<\/h4>\n<p>The User&rsquo;s electronic identification may also be requested by User Parties that have direct integration with the KIPMI Application. In this case, the User receives a notification in the application containing information about the legal entity requesting their electronic identification. The User has the option to accept or decline the request. To accept or decline the request, the User must authenticate themselves using their PIN.<\/p>\n<h4>4.5.3 Use of EIM for document sharing<\/h4>\n<p>EIM can be used for document sharing between Users and User Parties. The KIPMI Application has a feature that allows Users who are also members of the organization&rsquo;s space to receive document sharing requests from the organizations of which they are members. The User has the option to accept or reject the request. To accept or reject the request, the User must authenticate themselves using their PIN code.<\/p>\n<h4>4.5.4 Use of EIM for sharing attributes<\/h4>\n<p>The KIPMI Application offers the functionality of sharing identity attributes as defined by the eIDAS 2 regulation between Users and User Parties. The User has the option to decide whether to accept or refuse the request to share attributes. To accept or refuse the request, the user must authenticate themselves using their PIN code.<\/p>\n<h3>4.6 Revocation or suspension of the EIM<\/h3>\n<p>The revocation of an EIM may be requested by the User themselves (after the loss or theft of their phone or ID card, for example) on the KIPMI Application or directly by the EIMP via email to\u00a0<a href=\"mailto:kipmi.customer.service@be-ys.com\">kipmi.customer.service@be-ys.com<\/a>.<\/p>\n<p>The KIPMI Application does not support Suspension of the MIE.<\/p>\n<h4>4.6.1 Request for revocation by the User from the KIPMI application<\/h4>\n<p>The User may request the revocation of their EIM from the KIPMI mobile application, after authentication with their PIN code.<\/p>\n<p>The revocation management function on the KIPMI application is available 24 hours a day, 7 days a week. Any request for revocation of an EIM is processed within 24 hours. This period begins upon receipt of the request and ends when information about the revocation is made available to third parties.<\/p>\n<p>Revocation prohibits any further use of the EIM. The User may request a new EIM following revocation, under the same conditions as for an initial request.<\/p>\n<h4>4.6.2 Request for revocation by the EIMP<\/h4>\n<p>The revocation of an EIM may be decided by the EIMP in the following cases:<\/p>\n<ul>\n<li>The User does not meet or no longer complies with the general terms and conditions of use;<\/li>\n<li>An error (intentional or unintentional) has been detected in the registration file;<\/li>\n<li>The EIM or associated activation data is suspected of being compromised, is compromised, lost, or stolen;<\/li>\n<li>The User has died;<\/li>\n<li>The User has filed a complaint for identity theft.<\/li>\n<\/ul>\n<p>Based on a validated decision, an administrator logs into the service, searches for the EIM of the User concerned, and revokes it.<\/p>\n<h4>4.6.3 Re-Issuance of EIM<\/h4>\n<p>In order to re-issue the EIM, the User must go through identity verification procedure.<\/p>\n<h3>4.7 EIM re-issuance<\/h3>\n<p>EIM re-issuance consists of requesting an EIM when the User already has a valid EIM that has not expired or been revoked. Otherwise, it is considered a new request and is treated as an initial request.<\/p>\n<p>Re-issuance may be requested by the User or proposed by the Service.<\/p>\n<p>The Service automatically sends a notification to Users whose EIM is about to expire. When they wish, and before their EIM expires, Users open the KIPMI application on their mobile phone and authenticate themselves by entering their confidential PIN code.<\/p>\n<p>If the ID document registered when the EIM was previously issued is no longer valid, the User must complete the RIVP process as the first step in the re-issuance process.<\/p>\n<p>After the User has been authenticated and their identity has been verified, the KIPMI application initiates the EIM re-issuance process. It generates new cryptographic elements and asks the User to set a confidential PIN code.<\/p>\n<p>The application informs the User that the re-issuance has been successful. The previous EIM on the same device is revoked.<\/p>\n<h2 id=\"s5\">5. Non-Technical Security Measures<\/h2>\n<h3>5.1 Physical security measures<\/h3>\n<p>The EIMP undertakes to implement and maintain the level of physical security required for the premises where the Service components are operated.<\/p>\n<h4>5.1.1 Geographical location and construction of sites<\/h4>\n<p>Depending on the sensitivity of the Service components, the sites are defined at level 1 of the security policy: vital impact (major for the company). As such, the security of the building site complies with level 1 physical security measures for peripheral, perimeter, and interior protection, in particular measures relating to power supply and air conditioning, vulnerability to water damage, and fire prevention and protection.<\/p>\n<h4>5.1.2 Physical access<\/h4>\n<p>In order to prevent any loss, damage, or compromise of EIMP&rsquo;s resources, access to the premises is controlled in accordance with the Level 1 zoning of the premises: \u00ab\u00a0very restricted access.\u00a0\u00bb<\/p>\n<p>For the User&rsquo;s EIM delivery functions, access is strictly limited to persons specifically authorized to enter the premises, and access is traceable. Outside business hours, security is reinforced by the implementation of physical and logical intrusion detection measures. In addition, entry and exit control is permanent during non-business hours (NBH).<\/p>\n<p>Each entry and exit to the secure area is subject to independent monitoring and traceability. All unauthorized personnel must be accompanied by an authorized person.<\/p>\n<h4>5.1.3 Power supply and air conditioning<\/h4>\n<p>The characteristics of the power supply and air conditioning equipment enable compliance with the conditions of use of the EIMP equipment as specified by their suppliers. They also comply with the requirements of the specifications provided by the EIMP in terms of the availability of its functions.<\/p>\n<h4>5.1.4 Vulnerability to water damage<\/h4>\n<p>The protective measures put in place by the EIMP protect its infrastructure against water damage.<\/p>\n<h4>5.1.5 Fire prevention and protection<\/h4>\n<p>The EIMP implements fire protection and firefighting measures.<\/p>\n<h4>5.1.6 Media storage<\/h4>\n<p>Media (paper, hard drives, floppy disks, CDs, etc.) used within the EIMP are processed and stored in accordance with the security requirements defined for sensitive assets (in terms of confidentiality, integrity, and availability).<\/p>\n<h4>5.1.7 Decommissioning of media<\/h4>\n<p>At the end of their life, media will either be destroyed or reset for reuse, depending on the level of confidentiality of the information they contain. The procedures and means of destruction and reset comply with EIMP&rsquo;s Security Policy.<\/p>\n<h4>5.1.8 Off-site backup<\/h4>\n<p>In addition to on-site backups, the Service components implement off-site backups of their applications and information. These backups are organized to ensure the fastest possible recovery of services after an incident. Backups are tested regularly.<\/p>\n<h3>5.2 Procedural security measures<\/h3>\n<p>Security procedures and policies are communicated to employees on a need-to-know basis. Procedures are established and enforced for all operations performed by personnel in positions of trust that may impact service delivery.<\/p>\n<h4>5.2.1 Trusted Roles<\/h4>\n<ul>\n<li><strong>Service Security Officer:<\/strong>\u00a0Responsible for implementing the Service&rsquo;s security policy and analyzing event logs.<\/li>\n<li><strong>Application Manager:<\/strong>\u00a0Responsible for implementing the various EIMP policies within the relevant Service component.<\/li>\n<li><strong>Compliance Manager:<\/strong>\u00a0Responsible for ensuring compliance with ANSSI regulations and European digital wallet regulations (eIDAS and eIDAS2).<\/li>\n<li><strong>Systems Engineer:<\/strong>\u00a0Responsible for the start-up, configuration, and technical maintenance of IT equipment.<\/li>\n<li><strong>Operator:<\/strong>\u00a0Carries out the operation of the applications used to deliver the services.<\/li>\n<li><strong>Controller:<\/strong>\u00a0Regularly checks that the services comply with EIMP policies.<\/li>\n<li><strong>Revocation operator:<\/strong>\u00a0Responsible for applying the EIM revocation procedure.<\/li>\n<\/ul>\n<h4>5.2.2 Number of people required per task<\/h4>\n<p>Internal documentation specifies which operations require the involvement of several persons and which constraints these persons must comply with.<\/p>\n<h4>5.2.3 Identification and authentication for each role<\/h4>\n<p>Each entity operating a component of the Service verifies the identity and authorizations of all members of its staff before assigning them a role and the corresponding rights.<\/p>\n<h4>5.2.4 Roles requiring separation of duties<\/h4>\n<p>Several roles may be assigned to the same person, provided that this does not compromise the security of the services offered. The following combinations are prohibited:<\/p>\n<ul>\n<li>Security officer and system engineer\/operator;<\/li>\n<li>System engineer and operator.<\/li>\n<\/ul>\n<h3>5.3 Security measures for the personnel<\/h3>\n<h4>5.3.1 Required qualifications, skills, and authorizations<\/h4>\n<p>All personnel assigned to work within the Service components are subject to a confidentiality agreement. The EIMP manager must ensure that the duties assigned to personnel correspond to their professional competencies. Access rights and authorizations are granted in accordance with the principle of least privilege.<\/p>\n<h4>5.3.2 Background check procedures<\/h4>\n<p>Personnel working within a component of the Service are required to submit a sworn statement of no criminal convictions, a criminal record extract, or a confidentiality agreement. Persons in trusted roles must not have any conflicts of interest.<\/p>\n<h4>5.3.3 Initial training requirements<\/h4>\n<p>Personnel receive prior training on the software, hardware, and internal operational and security procedures that they implement.<\/p>\n<h4>5.3.4 Continuing training requirements and frequency<\/h4>\n<p>Continuing training includes annual training on new threats and security procedures.<\/p>\n<h4>5.3.5 Penalties for unauthorized actions<\/h4>\n<p>Appropriate sanctions shall be applied to personnel who fail to comply with applicable security procedures and policies.<\/p>\n<h4>5.3.6 Requirements for external service provider personnel<\/h4>\n<p>External service provider personnel shall also comply with the requirements of this Policy and the Security Policy. This must be reflected in appropriate clauses in the relevant contracts.<\/p>\n<h4>5.3.7 Documentation provided to staff<\/h4>\n<p>All staff shall have access to at least the relevant documentation concerning the operational procedures and specific tools they use.<\/p>\n<h3>5.4 Audit data collection procedures<\/h3>\n<h4>5.4.1 Types of events to be recorded<\/h4>\n<p>Each entity operating a component of the Service logs at least the following events automatically upon system startup:<\/p>\n<ul>\n<li>Creation\/modification\/deletion of user accounts and corresponding authentication data;<\/li>\n<li>Startup and shutdown of computer systems and applications;<\/li>\n<li>Events related to logging: start-up and shutdown of the logging function, modification of logging settings;<\/li>\n<li>Logging in\/out of users with trusted roles, and corresponding unsuccessful attempts.<\/li>\n<\/ul>\n<p>Additional security-related events collected include: physical access, maintenance actions, changes to personnel, destruction and reset actions on media, receipt and approval\/rejection of MIE requests, events related to cryptographic materials, publication and updating of GTC, and receipt\/validation of revocation requests.<\/p>\n<h4>5.4.2 Frequency of event log processing<\/h4>\n<p>The Service&rsquo;s event logs are analyzed on average 2 to 3 times each week. Event logs are also automatically analyzed to identify abnormal activity and alert staff to potential critical security events.<\/p>\n<h4>5.4.3 Event log retention period<\/h4>\n<p>Event logs are retained on site for at least one month. Logs are retained and archived for the period required by applicable law, even if the Service ceases to operate.<\/p>\n<h4>5.4.4\u20135.4.7 Event log protection, backup, collection, and notification<\/h4>\n<p>The EIMP implements protection and backup processes for event logs appropriate to their sensitivity level. The EIMP implements an event logging system that includes date stamping.<\/p>\n<h4>5.4.8 Vulnerability assessment<\/h4>\n<p>The EIMP implements vulnerability management for EIMP systems. Any critical vulnerabilities are addressed within 48 hours of their discovery.<\/p>\n<h3>5.5 Data archiving<\/h3>\n<h4>5.5.1 Types of data to be archived<\/h4>\n<p>Data to be archived includes: software and configuration files, policies, internal documentation, and receipts or notifications.<\/p>\n<h4>5.5.2 Archive retention period<\/h4>\n<p>Personnel, traffic, connection, and billing information is not archived for more than one year. Policies and internal documentation are kept for the lifetime of the EIMP. EIM application files and event logs are retained for five years after the expiration of the EIM.<\/p>\n<h4>5.5.3 Protection of archives<\/h4>\n<p>Archives and their backups must be protected in terms of integrity, be accessible to authorized persons, and be able to be read and used.<\/p>\n<h4>5.5.4\u20135.5.6 Archive backup, collection, and recovery<\/h4>\n<p>Archives can be retrieved within two business days. The level of protection for backups must be at least equivalent to the level of protection for archives.<\/p>\n<h3>5.6 Recovery following a compromise and\/or disaster<\/h3>\n<h4>5.6.1 Incident and compromise reporting<\/h4>\n<p>In the event of a major security incident or loss of integrity, the EIMP will notify the parties concerned, including the supervisory body and the CNIL, within 24 hours of identifying the incident.<\/p>\n<h4>5.6.2 Recovery procedures<\/h4>\n<p>The EIMP has implemented a business continuity plan. This plan is tested at least once every three (3) years.<\/p>\n<h4>5.6.3 Recovery in the event of compromise of a component&rsquo;s private key<\/h4>\n<p>In the event of compromise of an algorithm, the EIMP will schedule a planned revocation in accordance with the state of the art regarding the weaknesses of the compromised algorithm.<\/p>\n<h4>5.6.4 Business continuity capabilities<\/h4>\n<p>The EIMP has an up-to-date business continuity plan in order to respond effectively in the event of a disaster.<\/p>\n<h3>5.7 End of life of the scheme<\/h3>\n<p>In the event of a cessation of activity, the EIMP shall ensure the revocation of the EIM in accordance with its policy commitments. Before terminating services, the EIMP must inform all Users and entities, terminate subcontractor authorizations, transfer obligations to a reliable party, destroy private keys, and make arrangements to transfer services to another provider.<\/p>\n<h2 id=\"s6\">6. Technical Security Measures<\/h2>\n<h3>6.1 Authentication function security<\/h3>\n<p>The authentication mechanism uses two factors from distinct categories:<\/p>\n<ul>\n<li>Possession of the phone on which the KIPMI mobile application instance is installed, initialized with user-specific secrets;<\/li>\n<li>Knowledge of the User&rsquo;s PIN code.<\/li>\n<\/ul>\n<p>The authentication protocol uses a challenge generated by the authentication service, which is then sent to the user&rsquo;s phone for signing. The validation happens by signing and validating the signed challenge with the FIDO2 keypair generated on registration.<\/p>\n<p>The mobile application incorporates several security features against threats such as phone theft, compromise of encryption keys, and brute force attacks, including secure PIN code management and confidentiality of encryption keys and secrets throughout their entire lifecycle.<\/p>\n<h3>6.2 Security of distribution of identity attributes<\/h3>\n<p>This covers authentication of customer digital services, signing of tokens, token lifetime, and security level of components.<\/p>\n<h3>6.3 IT system security measures<\/h3>\n<p>Security objectives include: strong user identification and authentication, management of user rights, management of user sessions, protection against computer viruses, user account management, network protection against intrusion, audit functions, and error recovery management.<\/p>\n<h3>6.4 System security measures during their lifecycle<\/h3>\n<h4>6.4.1 Security measures related to system development<\/h4>\n<p>The implementation and configuration of Service components shall be documented. Change control procedures are implemented and applied to each modification.<\/p>\n<h4>6.4.2 Security management measures<\/h4>\n<p>The EIMP has procedures for managing security updates, performs risk analysis reviewed at least annually, regularly performs vulnerability scans, and performs penetration tests when new infrastructure is implemented.<\/p>\n<h3>6.5 Network security measures<\/h3>\n<p>The EIMP has segmented its network into separate zones. Interconnections are protected by security gateways. Only personnel in trusted roles have access to secure network areas. All systems are configured to delete or disable unused accounts, applications, services, and ports.<\/p>\n<h3>6.6 Time Stamping\/Dating System<\/h3>\n<p>The dating systems are synchronized with a reliable source of universal time (UTC) and a time synchronization system (NTP) with an accuracy of at least one minute.<\/p>\n<h3>6.7 Personal data protection<\/h3>\n<p>The provision of EIM involves the processing of personal data within the meaning of Article 4-2 of the GDPR. The EIMP complies with the essential principles of personal data protection set out in the GDPR and Law No. 78-17 of January 6, 1978.<\/p>\n<h2 id=\"s7\">7. Operational Requirements<\/h2>\n<p>To obtain and use EIM, the User must have a smartphone with an Internet connection, a valid email address, a phone number, and an identity document.<\/p>\n<h2 id=\"s8\">8. Risk Management<\/h2>\n<h3>8.1 Risk analysis<\/h3>\n<p>Before launching the qualified service, the EIMP conducted a risk assessment. The risk analysis is reviewed and revised on an annual basis and whenever there is a significant change that impacts the service.<\/p>\n<h3>8.2 General information security policy<\/h3>\n<p>The EIMP has an information system security policy (ISSP) for the service. The ISSP covers the security measures and procedures applied to the service&rsquo;s physical and technical infrastructure and sensitive assets. The information systems configuration is audited at least once a year.<\/p>\n<h3>8.3 Security Accreditation of the Service<\/h3>\n<p>Before being put into production, the EIMP carries out a security accreditation of its service. The accreditation decision is formally issued by the EIMP and reviewed prior to each renewal of its service qualification.<\/p>\n<h2 id=\"s9\">9. Management and Operation<\/h2>\n<h3>9.1 Internal organization<\/h3>\n<h4>9.1.1 Reliability<\/h4>\n<p>The EIMP shall establish a reliable organization structure for the delivery of the Service. Subcontractors involved in the delivery of the Service are bound by contractual obligations that enable the EIMP to retain overall responsibility.<\/p>\n<p>The practices implemented by the EIMP are non-discriminatory. The EIM service is accessible to any natural or legal person targeted by the service.<\/p>\n<p>The EIMP has sufficient material, human, and financial resources to ensure the operation of the Service in accordance with this Policy, including the ability to cover the financial consequences of its liability resulting from damage that may be caused to Users.<\/p>\n<\/div>\n<p><\/main><\/p>\n<div class=\"footer\"><em>Exclusive property of Be Ys Trusted Solutions France \u2014 Free reproduction<\/em><br \/>\nBE YS TRUSTED SOLUTIONS FRANCE \u2014 Headquarters: 10 Boulevard Haussmann 75009 PARIS<br \/>\nRCS Paris 850 954 074 \u2014 SIRET No. 85095407400017<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>OID: [1.3.6.1.4.1.62466.87.1.1.3.1.0] Organization BE YS TRUSTED SOLUTIONS FRANCE Dissemination D3 \u2013 Free distribution Location BE YS TRUSTED SOLUTIONS FRANCE Version 1.4 \u2014 November 11, 2025 Expiration 2 years Version History Version Date Modifications Author 1.0 04\/14\/2025 Creation Gergina Kyoseva 1.1 06\/03\/2025 Addition of OID Lidiya Ivanova 1.2 07\/04\/2025 Addition of legal entity registration data Lidiya [&hellip;]<\/p>\n","protected":false},"author":10,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-4991","page","type-page","status-publish","hentry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v25.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Electronic Identification Scheme Policy - Kipmi<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.kipmi.com\/index.php\/electronic-identification-scheme-policy\/\" \/>\n<meta property=\"og:locale\" content=\"fr_FR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Electronic Identification Scheme Policy - Kipmi\" \/>\n<meta property=\"og:description\" content=\"OID: [1.3.6.1.4.1.62466.87.1.1.3.1.0] Organization BE YS TRUSTED SOLUTIONS FRANCE Dissemination D3 \u2013 Free distribution Location BE YS TRUSTED SOLUTIONS FRANCE Version 1.4 \u2014 November 11, 2025 Expiration 2 years Version History Version Date Modifications Author 1.0 04\/14\/2025 Creation Gergina Kyoseva 1.1 06\/03\/2025 Addition of OID Lidiya Ivanova 1.2 07\/04\/2025 Addition of legal entity registration data Lidiya [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.kipmi.com\/index.php\/electronic-identification-scheme-policy\/\" \/>\n<meta property=\"og:site_name\" content=\"Kipmi\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data1\" content=\"32 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.kipmi.com\/index.php\/electronic-identification-scheme-policy\/\",\"url\":\"https:\/\/www.kipmi.com\/index.php\/electronic-identification-scheme-policy\/\",\"name\":\"Electronic Identification Scheme Policy - Kipmi\",\"isPartOf\":{\"@id\":\"https:\/\/www.kipmi.com\/#website\"},\"datePublished\":\"2026-05-20T09:56:11+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.kipmi.com\/index.php\/electronic-identification-scheme-policy\/#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.kipmi.com\/index.php\/electronic-identification-scheme-policy\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.kipmi.com\/index.php\/electronic-identification-scheme-policy\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.kipmi.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Electronic Identification Scheme Policy\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.kipmi.com\/#website\",\"url\":\"https:\/\/www.kipmi.com\/\",\"name\":\"Kipmi\",\"description\":\"Digital Trust Continuity\",\"publisher\":{\"@id\":\"https:\/\/www.kipmi.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.kipmi.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"fr-FR\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.kipmi.com\/#organization\",\"name\":\"Kipmi\",\"url\":\"https:\/\/www.kipmi.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"https:\/\/www.kipmi.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.kipmi.com\/wp-content\/uploads\/2025\/07\/logo-kipmi.svg\",\"contentUrl\":\"https:\/\/www.kipmi.com\/wp-content\/uploads\/2025\/07\/logo-kipmi.svg\",\"width\":636,\"height\":135,\"caption\":\"Kipmi\"},\"image\":{\"@id\":\"https:\/\/www.kipmi.com\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Electronic Identification Scheme Policy - Kipmi","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.kipmi.com\/index.php\/electronic-identification-scheme-policy\/","og_locale":"fr_FR","og_type":"article","og_title":"Electronic Identification Scheme Policy - Kipmi","og_description":"OID: [1.3.6.1.4.1.62466.87.1.1.3.1.0] Organization BE YS TRUSTED SOLUTIONS FRANCE Dissemination D3 \u2013 Free distribution Location BE YS TRUSTED SOLUTIONS FRANCE Version 1.4 \u2014 November 11, 2025 Expiration 2 years Version History Version Date Modifications Author 1.0 04\/14\/2025 Creation Gergina Kyoseva 1.1 06\/03\/2025 Addition of OID Lidiya Ivanova 1.2 07\/04\/2025 Addition of legal entity registration data Lidiya [&hellip;]","og_url":"https:\/\/www.kipmi.com\/index.php\/electronic-identification-scheme-policy\/","og_site_name":"Kipmi","twitter_card":"summary_large_image","twitter_misc":{"Dur\u00e9e de lecture estim\u00e9e":"32 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.kipmi.com\/index.php\/electronic-identification-scheme-policy\/","url":"https:\/\/www.kipmi.com\/index.php\/electronic-identification-scheme-policy\/","name":"Electronic Identification Scheme Policy - Kipmi","isPartOf":{"@id":"https:\/\/www.kipmi.com\/#website"},"datePublished":"2026-05-20T09:56:11+00:00","breadcrumb":{"@id":"https:\/\/www.kipmi.com\/index.php\/electronic-identification-scheme-policy\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.kipmi.com\/index.php\/electronic-identification-scheme-policy\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.kipmi.com\/index.php\/electronic-identification-scheme-policy\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.kipmi.com\/"},{"@type":"ListItem","position":2,"name":"Electronic Identification Scheme Policy"}]},{"@type":"WebSite","@id":"https:\/\/www.kipmi.com\/#website","url":"https:\/\/www.kipmi.com\/","name":"Kipmi","description":"Digital Trust Continuity","publisher":{"@id":"https:\/\/www.kipmi.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.kipmi.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"fr-FR"},{"@type":"Organization","@id":"https:\/\/www.kipmi.com\/#organization","name":"Kipmi","url":"https:\/\/www.kipmi.com\/","logo":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"https:\/\/www.kipmi.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.kipmi.com\/wp-content\/uploads\/2025\/07\/logo-kipmi.svg","contentUrl":"https:\/\/www.kipmi.com\/wp-content\/uploads\/2025\/07\/logo-kipmi.svg","width":636,"height":135,"caption":"Kipmi"},"image":{"@id":"https:\/\/www.kipmi.com\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/www.kipmi.com\/index.php\/wp-json\/wp\/v2\/pages\/4991","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kipmi.com\/index.php\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.kipmi.com\/index.php\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.kipmi.com\/index.php\/wp-json\/wp\/v2\/users\/10"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kipmi.com\/index.php\/wp-json\/wp\/v2\/comments?post=4991"}],"version-history":[{"count":1,"href":"https:\/\/www.kipmi.com\/index.php\/wp-json\/wp\/v2\/pages\/4991\/revisions"}],"predecessor-version":[{"id":4992,"href":"https:\/\/www.kipmi.com\/index.php\/wp-json\/wp\/v2\/pages\/4991\/revisions\/4992"}],"wp:attachment":[{"href":"https:\/\/www.kipmi.com\/index.php\/wp-json\/wp\/v2\/media?parent=4991"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}