Misconfiguration: Further chaos with electronic professional health cards
A few thousand doctors and pharmacists will need to brace themselves: the electronic professional health cards they have received since January 2026 are being exchanged yet again.
(Image: Stokkete / Shutterstock.com)
By mid-2026, all electronic professional health cards (elektronischer Heilberufsausweis, eHBA) must be migrated from RSA to elliptic curve cryptography (ECC). Following delivery difficulties at the trust service providers, a security vulnerability, and other problems, the provider Medisign is now recalling the electronic professional health cards it has produced since the beginning of the year.
"To ensure the interoperability of its electronic professional health cards (eHBA) within the telematics infrastructure, Medisign will exchange all cards," the company announced. Medisign intends to inform the affected doctors and pharmacists by email. Because the defect is not a security problem, the current cards can continue to be used until they are replaced.
It is still unclear whether the misconfiguration also affects other providers. However, the editorial team has also received indications of questionable exchange processes at other providers; heise online's inquiries to those involved have not yet been answered. For those affected, this makes it hard to tell a genuine notification email about the eHBA exchange from a phishing attempt.
According to Medisign, the affected cards are those that carry exclusively ECC certificates (ECC-only) and were issued since early January. Generation 2.1 cards, which carry both RSA and ECC certificates and were produced up to the end of 2025, are not part of the exchange. A technical analysis identified a misconfiguration in the personalization process.
"Interoperability Problems"
As Medisign reports, the exchange is being carried out in coordination with Gematik. "The RSA key, which is mandatorily generated by the card operating system during personalization, is not deactivated on the ECC-only cards and could potentially lead to interoperability problems with some connectors," Medisign stated, apologizing to its customers. Affected card holders do not need to do anything: they will receive their new card without any additional identification procedure, and the next steps will be explained in a letter. Once the new eHBA is activated, the old card is blocked.
Series of Glitches in the eHBA Transition
The current recall is the latest in a series of problems surrounding the transition from RSA to ECC. It became known in January that Generation 2.1 eHBAs from certain providers had to be exchanged because of a vulnerability in the ECDSA implementation of an Infineon chip; Gematik had already revoked the approval for the affected cards in early 2025. Although the authorities stated that there was no acute danger to the telematics infrastructure, those cards must be replaced by the end of June 2026 at the latest. The parties involved are unwilling to disclose how many cards are affected, with one provider citing trade secrets.
The organizational side of the transition of eHBAs and other components in the healthcare system did not run smoothly either. In November 2025, Gematik was forced to extend the deadline for the mandatory ECC transition after it became clear that thousands of doctors and pharmacists would not receive their new cards on time. The cause was production and issuance difficulties, primarily at the provider Medisign, but also at D‑Trust.
D‑Trust also experienced shipping errors: in some cases, eHBAs were sent to the wrong recipients. The company attributed this to a malfunction in the matching of cards to delivery documents. Although the cards were unusable without a PIN and were blocked immediately, affected doctors sometimes had to return the shipments at their own expense.
(mack)