FAQ about the Mobile Phone Signature

General Questions

• Are there any costs involved?
  The Mobile Phone Signature is completely free. This includes activation as well as use. Receiving the SMS with the TAN is also free (in country). While out of country, you will be charged the normal roaming charges from your mobile provider.
• My certificate will expire soon. What should I do?

  Your certificate is valid for five years and must be renewed afterwards.

  If you have entered your e-mail address during your first activation, you will get an e-mail reminder for the online renewal procedure of your certificate 30 days before its expiration. Take the opportunity to extend your certificate within a few minutes. Please note that this option can only be used 30 days after getting the e-mail reminder.

  It is also possible, that you get a reminder to re-activate your certificate while using the mobile phone signature within 30 days before expiration. Please keep in mind that you might have less than 30 days left for the renewal of your certificate.

  If your certificate has already expired (after the period of 30 days), it will be necessary to newly activate your mobile phone signature as usual.

  In case you know the expiration date of your certificate (you can get the information in your Handy-Signatur Konto: https://www.handy-signatur.at/login) you will be able to renew your certificate online before getting the e-mail reminder or being reminded while using the mobile phone signature. Please use the following online service https://www.handy-signatur.at/mobile/verlaengerung.aspx.

• Can I activate multiple mobile phones as Mobile Phone Signature?
  Yes. You may activate as many mobile phone signatures as desired. If you are already holding a mobile phone signature, you can activate another one (on a further mobile phone) on your own. Please use the following online service https://www.handy-signatur.at/Aktivierung/Selbst/Handy/
• Can I be registered with more than one electronic delivery service at the same time?
  Yes. In this case, the delivery service will be selected at random.
• What is the minimum age for getting a Mobile Phone Signature? 
  The minimum age is 14 years.
• Are only Austrian citizens allowed to get a Mobile Phone Signature?
  No. In order to obtain a Citizen Card, you must fulfil one of the following requirements:

  • You are registered in the Central Register of Residents (i.e., you are or have been a resident in Austria). For Austrians currently out of country: Your entry in the Central Register of Residents is only deleted after 30 years.
  • All others are able to be registered in the Supplementary Register for Natural Persons.
    Attention: For registration into the Supplementary Register for Natural Persons – contact the Source PIN Register Authority.
• Does the Mobile Phone Signature work with my mobile phone model?
  Yes. The only requirement is to be able to receive text messages, which every mobile phone is able to do.
• Can I add multiple e-mail addresses to the same certificate?
  Currently you cannot add multiple e-mail addresses upon e-card activation.
• Can I use my own Mobile Phone Signature for my underage children?
  Yes. As long as you have the legal authority to sign for your children, you may use your own Mobile Phone Signature to sign for them. For login at applications electronic representation by the parents as legal guardian is, however, not supported.
• Are legal persons also allowed to obtain a Citizen Card?
  No. However, natural persons (e.g., business owners) can register a mandate for a company on their own Citizen Card. – see mandates
• Can I use my Citizen Card to sign for someone else (with a mandate)?
  It is possible to grant a mandate to another person using the Source PIN Register Authority. The mandate can subsequently be used to act for the other person in applications supporting the Mobile Phone Signature. Amongst others, the mandate is currently accepted by delivery service providers.
• Which data are stored for the Mobil Phone Signature?
  The Mobil Phone Signature uses a qualified certificate and an Identity Link, with hold the following information:

  • The certificate includes:
    • Academic degree
    • First name, possibly second first name
    • Last Name
    • E-mail address (optional)
    • Date of birth for minors
  • The Identity Link includes:
    • First name, possibly second first name
    • Last name
    • Date of birth
    • Source PIN

  The high security infrastructure of the Mobil Phone Signature only stores these data for the Citizen-Card function.
• How are data protected by the Mobil Phone Signature?

  The Mobil Phone Signature prevents central access to sensitive, personal data. Therefore, sophisticated cryptographic methods are in place. When using the Mobile Phone Signature, the various administrative sectors - such as construction and housing, health, agriculture, taxation, ... – are strictly separated from each other. This prevents, for example, the tax authorities to take insight into processes of the health sector. It also ensures that each administrative area may have access to data from their own area of responsibility only.

  More information

• How can I sign a PDF-File with the Mobile Phone Signature?

  The Mobile Phone Signature allows legally secure electronic signing of documents such as contracts, receipts, cancellation notices or forms (in PDF format). These files can then be sent via e-mail. For instructions and more information visit the menu item Sign PDFs.

  Please note: The new PDF-based signature format PAdES does not require a Manifest ("M") any more. The Manifest is relevant for PDF signatures according to the PDF-AS format only. When verifying PAdES signatures, the Manifest field is therefore greyed out in the displayed result page (see screenshot below). This will change with the upcoming release of the signature-verification tool, which will omit the Manifest field at all. PDF documents signed according to PAdES are valid.

  

  Starting with the beginning of November 2014, PAdES will be gradually integrated into existing e-government components. This affects mainly PDF signing-software such as PDF-AS, PDF-Over, the Austrian Mobile Phone Signature, as well as the citizen card software (CCS) MOCCA/Online-BKU and a.sign client.

  Conversion to the new signature format is another step towards standardization, interoperability, and sustainability of signed documents and significantly facilitates their verification with tools such as Adobe Reader. Furthermore, Austria is well-prepared for the EU Regulation on trust services (eIDAS Regulation), which will be enforced in less than two years.

Help for Problems

• I started my mobile signature activation through FinanzOnline, but did not receive the letter
  Delivery of the letter containing the activation code usually takes between 7 and 14 days. If you did not receive the letter, you can contact the FinanzOnline Hotline (Tel. +43 50 233 790), or can activate a mobile signature at any registration office even if you started the process at FinanzOnline.
• I have forgotten the signature password of my Mobile Phone Signature
  Re-activate your Mobile Phone Signature as usual. You can choose the signature password for yourself again. This way, your previous Mobile Phone Signature will be revoked automatically.
• Error message: Your signature has been locked! (Citizen Card on your mobile phone)
  If you enter the signature password wrong 10 times in a row, the following message appears: Mobile phone number or password is incorrect. Your signature has been locked!.
  

  It is not necessary to revoke your Mobile Phone Signature. Easily you can re-activate your Mobile Phone Signature as usual, once more.

• I have a new mobile phone number
  If you change your mobile phone number, we recommend the following procedure: Activate your new mobile phone number with your previous Mobile Phone Signature using the online activation service. Afterwards, revoke your old Mobile Phone Signature.
  Information on revoking your Citizen Card
  You can also use alternative methods to activate the Mobile Phone Signature for your new mobile phone number.
• Error message: A valid certificate already exists for this mobile phone number. (Error 2005)
  This message appears when you try to activate a mobile phone that has already been activated. Contact the revocation service at A-Trust 24 hours: Telephone: 01 715 20 60
  See also:

  • How can I change my signature password for the Citizen Card functionality on my mobile phone?
  • I get the error message: Your signature has been locked!
• How can I change my signature password for the Citizen Card functionality on my mobile phone?
  Sign in with your account at mobile signature portal https://www.handy-signatur.at/. Following the menu to the point "my data” you will be able to change your password.
• How can I suspend or revoke my Mobile Phone Signature?
  Contact the revocation service at A-Trust- 24 hours:
  Telephone 01 715 20 60
  Note the difference between suspending and revoking:

  • It is only possible to revoke (permanently deactivate the Citizen Card) if you know your revocation password. If you revoke the Citizen Card on your mobile phone, you will still be able to reactivate it using the same mobile phone number. Instead of calling the revocation service, you can also fax a form:
    • Form for revoking Citizen Card on a mobile phone
  • A suspension is used in cases where you have misplaced your mobile phone, but expect to find it again (e.g. you forgot your mobile phone at your friend’s home). The lock deactivates the Citizen Card functionality immediately. You have 10 days time to cancel the suspension. Suspension and cancellation of suspension is possible via telephone under the number 01 715 20 60 only. After 10 days have passed, the suspension turns automatically into a revocation. If you have more than one Mobile Phone Signature, a suspension or revocation will only affect the respective Mobile Phone Signature.
• I have a new change of address
  You do not need to do anything.
• My name has changed
  Revoke your current Citizen Card on your mobile phone Afterwards, activate your mobile phone as usual.
• How can I change my revocation password?
  Unfortunately, that is not possible.
• I have forgotten my revocation password
  If you do not remember your revocation password you can still suspend your Citizen Card: Information on suspending/revoking the Citizen Card.
  
• My mobile phone was lost/stolen
  Revoke your Citizen Card on your mobile phone: Information on revoking your Citizen Card.
• Can I sign/encrypt e-mails using the Mobile Phone Signature?
  This was only possible with generation G3 and G4 e-cards (e-card G3), the most recent generation G5 (with photo) does not support electronic signatures any longer. (remark: it can no longer be activated as Citizen Card since 2020)
  
  Signing e-mails has three disadvantages:
  

  • It is not secure. The subject and other headers are not included into the signature. Thus, these data can be manipulated during transmission.
  • The e-mail signature is not legally binding, as it is only an advanced electronic signature instead of a qualified electronic signature.

  
  If you still want to sign e-mails:

  • In order to sign e-mails, your e-mail address needs to be registered in your certificate
    • If you already have a Citizen Card, you can use the online customer services of the tool a.sign Client to verify, which e-mail addresses are registered in your certificate
    • If you do not have a Citizen Card yet, you have to register your e-mail address during the activation process
    • A later registration of your e-mail address is not possible. In this case, you have to revoke your Citizen Card first, and re-activate it afterwards. Information on revoking your Citizen Card
  • Follow the A-Trust installation guide for your particular e-mail client.

  
  There is currently no opportunity to sign e-mails on Apple MacOS.
• Root certificates appear to be not trustworthy
  Please make sure that the current A-Trust root certificates are installed in your client. You can download the current root certificates from the website of the company A-Trust. All root certificates including finger prints and closer information are callable under the site https://www.a-trust.at/Support/stammzertifikate.aspx. As noncommittal service of www.buergerkarte.at we summarized some of the most important root certificates, they are available as download here.