Gauthier Delomez / Photo credits: Jean-Marc Barrere / Hans Lucas / Hans Lucas via AFP 5:31 p.m., February 21, 2024

The generalization of the dematerialized driving license began on Wednesday February 14, and like this sesame of the roads, other documents such as the vital card will also have a digital version in 2024. But while hacking operations are increasing , how to properly secure our data?

After the pink paper, the pink card, and now, a dematerialized version. Interior Minister Gérald Darmanin announced that the generalization of the digital driving license began this Wednesday, February 14. Those attached to the physical version can rest assured, the pink card will always remain, but this initiative is part of a global framework of dematerialization of identity documents necessary on a daily basis.

This will notably be the case for the Carte Vitale this year, with an experiment carried out in three departments since May 2023 which should become widespread in 2024. However, the latest cyberattacks which have targeted sensitive data, such as social security numbers of 33 million French people, can worry users.


- Leak of social security numbers: why this data is of particular interest to hackers

“A first level certification” delivered by Anssi

Before sounding the alarm, it should be remembered that this recent data leak came from two third-party payment managers, Viamedis and Almerys. The difference with the identity card or the driving license is that they are grouped together in an application launched by the State, France Identity, whose security is stronger, underlines Abou Ndiaye, cybersecurity expert. at the Licanam Cyber ​​platform.

"The application was validated by Anssi (National Agency for Information Systems Security, editor's note), which gave it first-level certification. This gives an idea of ​​the robustness of the product, based on an analysis compliance and tests", informs the expert, who also adds that the data is stored locally on the phone application. “Also, if you are going to deposit your identity card and your license (on the application), they will not be stored on the same servers,” explains Abou Ndiaye, mentioning that these servers are located in France, protected looks from foreign countries.

The government application therefore offers solid security guarantees, just like its daily use. As the government explains here, to log in, the system offers two-factor authentication, with two different codes - one's physical ID card and a six-digit personal code. The latter is to be used “for each identity verification”, and “after three failed attempts, the card is blocked, a new identity verification is necessary to unblock it”, informs the State. “For the personal code, the application does not allow us to choose a code that we can guess very easily, like 1234,” notes Abou Ndiaye.


- Hacked health data: what are the risks if you are affected?

These good reflexes to adopt online

So much for the data protection put in place by the government, and welcomed here by the CNIL, the online data regulator. For their part, Internet users can also strengthen their own security by respecting “cybersecurity hygiene”, as our expert calls it. This involves adopting good reflexes, listed on this page by the Ministry of the Interior and Overseas Territories. The government is therefore formulating nine recommendations, including choosing complex passwords, activating an unlock code for your smartphone, avoiding public Wi-Fi terminals and always favoring double authentication.

Common sense measures for the cybersecurity expert, who also adds that you should always download verified applications on your phone to avoid any pirated version, and not send your personal documents to just anyone. Basic rules to generally avoid any mishaps online.