The card remained valid for identification and EU travel during the shutdown
In the quiet machinery of modern governance, Spain briefly unplugged one of its most intimate digital tools — the electronic signature embedded in millions of identity cards — not because harm had been done, but because harm could be. For three weeks in November 2017, Spanish authorities suspended the digital signing function of DNI cards issued since April 2015, acting on a vulnerability identified by Czech university researchers before any breach could occur. The Interior Ministry has now confirmed the function restored, with no incidents recorded during the pause — a rare instance of a state choosing caution over convenience, and emerging with both intact.
- A structural flaw discovered in the chips of millions of Spanish identity cards threatened the integrity of digital signatures used for banking, legal documents, and online authentication.
- On November 9th, authorities made the deliberate choice to disable the digital signature function entirely — a surgical shutdown affecting millions of citizens rather than risk exploitation.
- For three weeks, Spaniards could not use their cards for electronic signing or digital authentication, though the cards remained valid for identification and EU travel throughout.
- Engineers worked behind the scenes to develop technical solutions, and the National Police has now restored full functionality while keeping the specifics of the fix undisclosed.
- Citizens with affected cards — those bearing support numbers after ASG160.000 — can now voluntarily update their digital certificates at any documentation office, no appointment required.
Spain's digital identification system returned to full operation this week after a three-week precautionary shutdown. The trouble began in early November when researchers at a Czech university identified a structural weakness in the chips of Spanish DNI cards issued since April 2015 — a flaw that could theoretically compromise the digital signatures used for banking, legal authentication, and online transactions. Rather than wait for an incident, Spain's Directorate General of Police disabled the digital signature function on November 9th, affecting millions of cardholders.
The suspension was deliberate and precise. Interior Minister Juan Ignacio Zoido was careful to clarify that the cards themselves remained fully valid throughout — usable for identification, administrative purposes, and travel within the European Union. Only the digital signing capability was taken offline, preserving the card's core function while the vulnerability was addressed.
The technical work proceeded quietly. Engineers developed what the National Police describes as the necessary solutions to resolve the chip flaw, though the specifics of the fix have not been disclosed. The stated goal was to restore digital signatures while guaranteeing maximum security and confidentiality. Zoido confirmed that no actual breach or security incident was detected during the three weeks of suspension — suggesting the precaution achieved its purpose.
Citizens holding affected cards can now voluntarily update their digital certificates at any documentation office without an appointment. The approach is measured: no mandates, no alarm — only an open door for those who want the update. Spain appears to have navigated the episode with the vulnerability identified, addressed, and closed before it could be turned against the people it was meant to protect.
Spain's digital identification system is back online. After three weeks of precautionary shutdown, the National Police announced this week that the digital signature function embedded in electronic ID cards has been reactivated, following a comprehensive security review prompted by a vulnerability discovered in the chip design.
The trouble began in early November when researchers at a Czech university flagged a potential weakness in the electronic certificates of Spanish DNI cards issued since April 2015. The flaw lay in the chips themselves—a structural problem that could theoretically compromise the security of digital signatures used for everything from banking transactions to legal document authentication. On November 9th, Spain's Directorate General of Police made the decision to disable the digital signature function across all affected cards, a precautionary measure affecting millions of citizens.
The move was swift and deliberate. Rather than wait for a breach to occur, Spanish authorities treated the vulnerability as an immediate threat requiring isolation. For three weeks, the digital signature—the electronic equivalent of a handwritten signature, used to verify identity and authorize transactions online—simply did not work. Citizens holding these cards found themselves unable to use them for digital authentication or electronic signing.
But the ID cards themselves remained fully functional. This is an important distinction that Interior Minister Juan Ignacio Zoido emphasized last week: during the suspension period, the cards continued to serve as valid identification documents for all administrative, commercial, and private purposes. They also remained valid for travel within the European Union. The suspension was surgical—targeting only the digital signature capability while preserving the card's core function as proof of identity.
The technical work happened quietly behind the scenes. Engineers and security specialists analyzed the vulnerability and developed what the National Police describes as "the necessary technical solutions" to address the chip flaw. The specifics of the fix remain undisclosed, but the goal was explicit: to restore the digital signature function while guaranteeing "maximum security and confidentiality in the use of authentication and electronic signatures in Spain."
Now, citizens holding affected cards—those with support numbers after ASG160.000—can voluntarily update their digital certificates. The process is deliberately frictionless: no appointment necessary, available at any documentation office. The police are not mandating updates, but making them available to those who want them. It is a measured approach that acknowledges both the seriousness of the original vulnerability and the confidence in the solution.
Zoido's statement that no actual breach or security incident was detected during the suspension period suggests the precaution worked. The vulnerability was identified and addressed before it could be exploited. What remains unclear is whether the fix was a firmware update, a certificate reissuance, or something more fundamental to the chip architecture itself. The National Police has not disclosed those details, and Spain's government appears content to let the technical matter rest.
Citas Notables
The government aimed to modify the document's functionality to guarantee maximum security and confidentiality in the use of authentication and electronic signatures in Spain— Spanish authorities
No actual breach, security flaw, or danger has been detected with the electronic DNI cards— Interior Minister Juan Ignacio Zoido
La Conversación del Hearth Otra perspectiva de la historia
Why did Spain wait for a Czech university to find this problem? Don't they have their own security researchers?
They probably do, but vulnerability research is global now. A flaw in a chip design can be discovered anywhere. The important thing is what happened once it was reported—they acted immediately rather than dismissing it.
Three weeks is a long time to have a broken feature. How many people were actually affected?
Millions, potentially. Every Spanish citizen who got an electronic ID card between April 2015 and November 2017 was holding an affected card. But the impact was limited because the card itself still worked for identification and travel.
So the government basically said, "We found a problem, we're fixing it, trust us"?
More or less. They were transparent about what happened and why. They also made clear that no one had actually exploited the vulnerability—it was a preemptive shutdown, not a response to a breach.
Why make the certificate update voluntary instead of mandatory?
Probably because the fix is in place now. If you're using your digital signature going forward, you're using the secured version. Forcing everyone to update would create unnecessary bureaucratic burden. This way, people update if and when they need to.
Did this damage trust in Spanish digital ID?
It's hard to say. On one hand, they found and fixed a problem before it became a crisis. On the other hand, the fact that such a vulnerability existed in the first place raises questions about how thoroughly the system was tested before rollout.