100% Secure Personal Data Storage and Access for a Leading Health Insurance Fund

Techniker Krankenkasse is the largest health insurance fund in Germany. Founded in August 1884, it has a long and proud history and is now playing a key role in establishing Germany as a health innovation hub.

As healthcare becomes increasingly digitized, insurers and other medical professions face the mounting task of securely storing and protecting confidential health data for millions of individuals.

Health insurers are also looking for ways to provide enhanced customer service by making all interactions quicker, smoother and easier.

In response to these challenges, Techniker Krankekasse wanted to provide its customers with access to their personal health data anytime, anywhere. But this could only be done if security, compliance and confidentiality could be guaranteed.

Techniker Krankenkasse developed and launched TK-Safe, a new digital data safe that allowed its customers to view all of the information held on their account – including doctor visits; documents, discharge papers and x-rays; prescribed medications; and vaccination histories.

And at the heart of the new TK-Safe is KOBIL's mIDentity technology. It protects individual users and Techniker Krankenkasse with trusted digital identities, strong authentication and authorization procedures, and guaranteed secure, binding and verifiable communication.

This combination ensures all sensitive data and communication is shielded from malicious third parties attempting to gain illegitimate access.

It was also the second time Techniker Krankenkasse had relied on KOBIL's security expertise, having used our software development kit (SDK) to protect its TK app with secure authentication, encryption, digital signatures and confidential communication.

At the first registration, the smartphone in use is firmly bound to the user. This means the app cannot be copied to other devices. Each time the app is opened, the KOBIL server checks this device connection and clarifies whether the device is classified as safe. It also detects possible attacks on the app and its use (debbuging, reverse engineering, key loggers, etc.) and checks the PIN. Only when all security checks have been successful can the server establish a protected connection.