Understand and protect your digital identity

When you become an e-resident, you receive 2 key identifiers with your e-Residency digital ID card:

• your Estonian personal identification code, and
• the digital certificates linked to your card.

These allow you to securely access Estonian e-services and sign documents online.

This article explains what your digital identity consists of and how to protect it. 

Your Estonian personal identification code

When granted e-Residency, you will  be issued an Estonian personal identification code - an 11-digit number that includes your birth date and gender information.

It functions similarly to a national ID number and is used to identify you in Estonian systems such as government portals, banking, and the Business Register.

This personal code is issued for life, even if you change your name or apply for a new document in Estonia.

It is public by design, meaning it is no more sensitive than your name and birthday.

You’ll find your personal code printed on your digital ID card.

How your personal code is structured 

• The first digit indicates gender and century of birth
  • 1 - male, 1800-1899
  • 2 - female, 1800-1899
  • 3 - male, 1900-1999
  • 4 - female, 1900 - 1999
  • 5 - male, 2000 - 2099
  • 6 - female, 2000 - 2099
• Digits 2–3: Year of birth (last two digits)
• Digits 4–5: Month of birth
• Digits 6–7: Day of birth
• Digits 8–10: Order number
• Digit 11: Control number

For example, if your personal code is 3851020xxxx you would be a male born in 1985 and your birthday is October 20th (3 85 10 20 xxxx).

Your certificates and security codes

Your e-Residency ID card is a digital means of identification, and it carries two certificates that represent your identity in online environments: 

• the personal identification certificate (which requires the use of PIN1) is used for secure login
• and the signing certificate (which requires the use of PIN2 is used for legally binding signatures.

Basically,  PIN1 is you, PIN2 is your signature. 

The certificates are valid for the same period of time as your card.

Security codes

You will also receive a sealed security code envelope containing 3 codes: 

• PIN 1 is for authentication in an online environment. You can securely log into e-services and decrypt files.
• PIN2 is for digital signing. Digital signature is equal to handwritten signature.
• PUK enables to change or reset blocked PIN codes.

Protect your digital identity

Your e-Residency digital ID gives you secure access to Estonian e-services, but only if you protect it properly. 

Follow these rules to keep your identity safe: 

Keep control of your card and codes

• Do not give your e-resident digital ID card to other people. If misused, actions taken with your identity may be legally binding.
• Do not reveal or share your PIN codes. 
• Keep the codes in a secure location that others will not have access to and where you will not lose them. Never write them on your card or keep them together.
• Do not throw away your Security Code envelope. 
• Never provide PINs by phone or email. No Estonian authority or service provider will ask for them. 
• Remember your PIN codes. You can change your PIN codes, if they are difficult to remember.
• PIN1 and PIN2 should be different. If the two codes are very similar, it may be easy for someone to guess the other code if they gain access to one.

Be alert when entering PINs

• Only enter your PIN if you started the authentication or signing request. 
  • When entering the code without understanding why you're asked for it, you could give strangers access to your data. 

• Know which PIN you use: PIN1 - log in. PIN2 - sign or confirm actions. 
  • Fake sites created by scammers may ask for both; entering PIN2 can authorize unwanted payments.

• Never enter PIN2 on unknown sites or calls. 
  • It can be misused to create fake accounts or loans in your name.  

Avoid browser caching

Web browsers can temporarily cache PIN1 code during an active browser session. Because of this, it may be possible to enter e-services without entering your PIN1 code.

To stay safe: 

• After using your e-Residency digital ID in an e-service, log out from the service using the exit, log out or close buttons.
• Remove your e-Residency digital ID from the card reader.
• Close all web browser windows after you have finished using an e-service.
• If your card gets lost or stolen, act promptly! 

If your card is stolen or lost

Your identity can be misused only if someone has both your card and your PIN codes. 

To prevent the potential digital misuse, the certifications on the document must be revoked.

If you suspect loss or theft, act immediately: 

	If your card was issued from 3 December 2018 to 14 November 2025   Notify the ID help centre by phone at (+372) 677 3377 to suspend your certificates. The phone line is open 24/7.
	If your card was issued from 17 November 2025.   Submit an application via the police self-service, titled Revocation of ID card certificates.

Digital signatures and legal validity

A digital signature allows you to sign documents online in a secure and legally binding way. It confirms both your identity and that the document hasn’t been altered after signing.

In the EU, digital signatures are governed by the eIDAS Regulation, which ensures your signature is valid and recognized across all EU member states. With your e-Residency digital ID, you can give a qualified electronic signature - the highest level of trust under eIDAS - equivalent to a handwritten signature.

Outside the EU, digital signatures are increasingly accepted in international business. While legal recognition may vary by country, eIDAS-compliant signatures are widely trusted for secure cross-border transactions.

Before signing any document,

• always verify the identity of the other party. You can do that using the official DigiDoc4 application.
• If the recipient of a signed document does not use this software, third-party tools are available to verify signatures.