Pinkas, DenisHühnlein, DetlefRoßnagel, HeikoSchunck, Christian H.Talamo, Maurizio2017-06-202017-06-202016978-3-88579-658-9This eID mechanism has been built taking into consideration Privacy by Design principles. It uses some of the basic principles of the FIDO model (Fast Identification On-line) adding certain constraints and extending the model to push user attributes. It allows a user to open an anonymous account on a server using a random pseudonym and then to push one or more attributes contained in an access token that has been obtained from an Attribute Issuer. In order to prevent the forwarding of an access token between collaborative users, a Secure Element must be used. That Secure Element shall conform to specific requirements, e.g. defined using a Protection Profile. This eID mechanism will be worldwide usable as soon as the providers of such Secure Elements publish information that can verify the genuineness of these secure elements.enText/Conference Paper1617-5468