Choose IRMA.
Put a digital passport on your own mobile.

Product Shot
Login

Logging in

With IRMA it is easy to log in and make yourself known, by disclosing only relevant attributes of yourself. For instance, in order to watch a certain movie online, you prove that you are older than 16, and nothing else.

Signing

Signing digitally

With IRMA you can also sign documents digitally. You use only relevant attributes of yourselves in a digital stamp. In this way you can sign with IRMA as a medical doctor, or as citizen, or in some other role.

Trust

Trust

Data in IRMA come from trusted sources and are cryptographically protected. Thus, the attributes that you disclose to make yourself known are genuine and are really about you.

With IRMA you have your data in front of you.

Get to work yourself with IRMA

Get to work yourself with IRMA

Everyone can freely download the IRMA app (Android and iOS) and fill it with their own data. For instance, store your email address and possibly mobile number as attribute in your IRMA app. At municipalities in The Netherlands you can log in and collect basic attributes (name, address etc) about yourself. With such attributes people can make him/herself known online.

IRMA is a means, not a goal

IRMA is a means, not a goal in itself

Having to use many passwords is a hassle for everyone. Yet, websites need to know who they are dealing with. IRMA provides certainty. With IRMA you can do what you wish to do online, with ease and trust. For instance, watching a movie, buying, or selling.

What can I do with it now?

What can I do with it now?

Websites are now appearing where users can log in with IRMA. In The Netherlands, medical doctors log in to access patient files at the website helder. In local government and healthcare in particular, IRMA usage is growing. In order to get an impression of possibilities, you can try out some IRMA demo's yourself.

Frequently asked questions and answers daarop

Websites that support IRMA typically have a button that says Log in with IRMA. If you don't have the IRMA app on your phone yet, you will have to install it first and fill it with your attributes. If you do have the IRMA app already, there two different situations:

  • When you access the website where you need to log in with IRMA on a computer or laptop and you press the login button, a QR code appears. You open the IRMA app on your phone with your PIN. At the bottom of the app's screen, there is a button that allows you to scan the QR code. The app asks if you wish to disclose the requested attributes. When you click OK, you are logged in.
  • When you view the website on your mobile phone, the IRMA app is automatically opened when you hit the login button. The app then asks you whether you agree to disclose the requested attributes. After pressing OK, your phone returns to the website and you are logged in. If all is well, your phone automatically returns to the original page, but sometimes you have to go back manually.

It may happen that you haven't collected yet the attributes that the website requests. In that case, you first have to load them before you can log in.

The IRMA app is available internationally, but only a few attributes are available globally, namely email and some data from social media (which are not very reliable). The real challenge for your country is to organise interesting local sources of attributes that wish to issue data to IRMA apps. The Privacy by Design Foundation has concentrated so far on The Netherlands, where it has organised connections of IRMA to instance the government's national citizen administration, but also to medical and academic registers. Similar connections need to be organised in other countries, in order to make IRMA really useful there. Local help and support is needed for this. So do join the effort and help out, if you are interested.

Another issue is that the IRMA app itself (and its documentation) is available so far only in English and in Dutch. Since the source code for the IRMA app is available online, volunteers from other countries can contribute by translating the relevant texts into their own language.

You can see how IRMA is used around the world on our dashboard.

You can load your email address where-ever you are in the world. You can also load attributes from some social media accounts. When you have European mobile phone registration, you can also get your mobile phone number as IRMA attribute. In the Netherlands you can obtain more attributes, for instance from municipalities, like name, address, date of birth, citizen registration number ("BSN"), but also age limits like whether you are older than 18 or 65. Students and staff can add their academic registration. Health care professionals can add their professional registration ("AGB"). With these attributes people can make themselves known in many situations.

It is expected that many other attribute sources will join the IRMA ecosystem, for users in general, but also for special groups of individuals.

Certainly, on every separate (Android and iOS) device you can open a separate IRMA account and fill it with your attributes. It might even be wise to do so, since if you loose one device, you can still use the other one to log in.

Your personal attributes are stored exclusively in the IRMA app on your phone and nowhere else. They are protected via the PIN of the IRMA app. You disclose only those attributes that are relevant and required in a particular situation (data minimalisation, as required by the General Data Protection Regulation). For instance, in order to get a certain discount, you may have to prove that you are a student; with IRMA you can do so without disclosing your name or your field of study.

Your attributes in the IRMA app are digitally signed by the source (issuer) of these attributes. A website receiving attributes can cryptographically check that they are authentic (really coming from the source). This exchange of personal attributes happens directly, between your phone and the website. No-one else can register that you make yourself known there. This is completely different from the (privacy-unfriendly) login mechanism of Facebook (and others), used for instance at an online store. In that case the data exchange happens differently: you first have to log in at Facebook, and then Facebook tells the store who you are. In this way Facebook can build up detailed profiles of who logs in where and when.

The attributes about yourself that you collect in the IRMA app on your phone are stored in the IRMA app only, and nowhere else. In particular, they are not stored somewhere in the cloud. When you remove attributes from your IRMA app, they are really gone. You are asked to give permission explicitly before any of these attributes in your phone are diclosed, from the app to a website.

Within the IRMA app you can see on each card with attributes when they expire. The validity period depends on the stability of the attributes at hand. For instance, in The Netherlands, your name and date-of-birth attributes are valid for five years, whereas your address attribute is valid for only one year. The issuer (source) of attributes decides about expiry times. The validity of IRMA attributes may thus run out. The app warns you about this. You can always renew (refresh) them, even without warning, by reloading them from the source, just like you did the first time. For instance, after your 18th birthday you can renew your attributes from your (Dutch) municipality and then obtain an older-than-18 attribute.

On a new phone you can install a new IRMA app, open a new (empyt) account, and reload your attributes from the various sources onto your new phone. Currently, there is no possibility to transfer attributes from one phone to another. This is work in progress, which involves some delicate security issues. Fortunately, it is not so difficult to load your attributes again onto your new phone. It does take a bit of time.

The IRMA app on your phone is protected with a PIN, just like internet banking apps. Therefore, when you loose your phone, someone else can not abuse your IRMA app and pretend to be you (commit identity fraud). So you do not need to worry, assuming your PIN is non-trivial.

There are still better ways to protect yourself: upon opening your IRMA account, you had the option to register an email address. If you have done this, you can block your old IRMA account via the MyIRMA environment. Then it really cannot be used anymore. If you have not registered an email address, you can still do so via MyIRMA. This is recommended.

When you have a question about logging in with IRMA at webshop The Trendy Chicken, you can best address your question at The Trendy Chicken itself. Also when that website asks you to install the IRMA app and that fails, you can best talk to them. Often such pages contain additional info and allow you to ask questions.

If, in the end, you have a question about IRMA itself, you can send an email to the address irma@privacybydesign.foundation. Please explain clearly what your point is, and provide your phon's model and supply screen shots if possible when something goes wrong.

When you log in with IRMA at a website your phone talks directly to that website. No-one is inbetween, monitoring that exchange. The IRMA organisation cannot see your attributes — because they are exclusively on your phone — and can also not see which attributes you disclose to which website.

IRMA is produced and run by the Privacy by Design Foundation. In 2016 this foundation grew out of the Digital Security research group from Radboud University at Nijmegen, The Netherlands. It is an independent non-profit foundation. Since 2019 it has a strategic cooperation with (SIDN), the foundation that runs the .nl domain. This cooperation contributes to IRMA's stability and continuity.

IRMA is free for users and also free for websites that use IRMA for login: everyone can request attributes from the IRMA app, and will receive them after the user has given consent. But it is not free to issue attributes. Not everyone can put attributes in other people's phones, since that would quickly become a mess.

Issuing involves a fee and also a contract, in which the issuer commits itself to put only accurate (authentic) data in the IRMA app of the right person.

Additionally, a contract is available, both for verifiers and issuers, that gives availability guarantees (an "SLA") via SIDN. Since IRMA is a decentralised system, in which attributes are stored only on user's phones, the organisation behind IRMA has a relatively light task. Because, in addition, this organisation has no profit goals, IRMA as a whole is a cheap system.

The IRMA software is deliberately open source. This means that the way that IRMA works can be inspected by anyone: the software is available online, see GitHub. This also means that people outside the foundation can contribute. Indeed, several other organisations are contributing software and designs to the IRMA ecosystem. Of course, you do have to know a bit about computer programs in order to really understand IRMA's software, but the principle is important: IRMA has no secrets and works in a transparant manner. This contributes to trust in IRMA. There are no uneasy discussions about hidden backdoors in IRMA, like for instance in 5G telecommunications. The Privacy by Design foundation is of the opinion that all software in infrastructure with a public role should be open source.

Extensive background information about how IRMA works is described by the Privacy by Design foundation at this page. People who wish to understand the real technicalities can check out IRMA's documentation page and GitHub repository.

The big picture behind IRMA is described in a IRMA Manifest which is available only in Dutch, so far.