Further step towards TI 2.0: D-Trust shows card-less institutional identity
With D-Trust, a first trust service provider demonstrated how card-less login to the healthcare network could work – initially for institutions.
The Bundesdruckerei presented card-less login in the telematics infrastructure at DMEA.
(Image: heise medien)
At DMEA 2026, Bundesdruckerei, with its subsidiary D‑Trust, presented the SM‑B as the first trust service provider – a card-less institutional identity for the telematics infrastructure (TI). With virtual identities, it represents a further step towards the further development of the telematics infrastructure, TI 2.0.
Instead of weeks of delivery times, the digital identity can be provided directly online. In the future, this should be possible not only for institutional cards but also for electronic health professional cards (eHBA), for example. In the past, there have repeatedly been problems surrounding the exchange and delivery of eHBAs. Currently, tests are being conducted under real conditions; there is no approval yet.
Tests are running
“With the new procedure – the HSM-B solution – this physical card is no longer necessary: Instead, the digital institutional identity is integrated directly into a particularly secure module within the high-speed connector. This Hardware Security Module (HSM) automatically handles the secure identification of the institution – completely without additional hardware or PIN entry,” according to Gematik. The HSM‑B infrastructure can be provided via TI Gateways.
(Image:Â Bundesdruckerei)
Ordering process for physical cards takes a long time
For the previous physical institutional card of type SMC-B (Secure Module Card Type B), service providers such as doctors or pharmacists had to go through a complex ordering and delivery process. This process often took six weeks or longer and frequently led to delays in the TI connection. This was particularly critical, for example, when card validity expired. HSM stands for “Hardware Security Module,” which generates, stores, and processes key material. The identity itself still exists as a certificate (SM‑B), while the HSM‑B provides the secure operating environment for it.
On the occasion of DMEA, the provider ehex also announced that it will be testing HSM‑B in productive operation with selected partners and connecting the first institutions via a TI gateway. This reduces a process that previously took weeks to just a few minutes. D‑Trust also names other TI gateway providers such as Worldline, Akquinet, and Rise and Telekom as potential infrastructure partners.
(mack)
