A user may be referred to as follows:

  • In the event of representation:
    1. inside the network with an Internal pseudonym issued by the AD; and
    2. inside and outside of the network with a Specific pseudonym issued by the MR
  • In the event of non-representation:
    1. Inside and outside of the network with a Specific pseudonym issued by the AD


For polymorfe pseudonimisering  the following pseudonyms are discerned in the Afsprakenstelsel ETD:

PseudonymsTransformation ofUnique to May be transformed into
Polymorphic Pseudonyma cryptographic derivative of a root identifying attribute, such as the BSNa Participant (MU/AD),Encrypted Pseudonym

Polymorfe Identiteit

Encrypted Identity
Encrypted PseudonymPolymorphic Pseudonyma Relying PartyPersistent Pseudonym
Encrypted IdentityIdentity, equal to the root identifying attribute the original PIP was derived from, such as BSN.
Persistent PseudonymEncrypted Pseudonym-





  • Encrypted PseudonymAn Encrypted Pseudonym is a Persistent Pseudonym encrypted under Polymoprohic Pseudonimization for a specific recipient.
  • Internal pseudonymThe internal pseudonym is determined by the AD and MUST be unique within the AD its context. Every time the same authentication token is used, it should return the same internal pseudonym. When requested by the user, a new pseudonym MAY always be ignored. An internal pseudonym that has been used MUST NOT be reused. The only exception is when an authentication token is replaced and the AD can determine with sufficient certainty that it is really being replaced. In this case, the same internal pse
  • Persistent PseudonymA Persistent Pseudonym is a pseudonym identifier for a natural person specific for the relying party, that is persistent independent of the Attesting Party.
  • Polymorphic PseudonymA Polymorphic Pseudonym is a cryptographic structure that can be transformed into a specific Encrypted Pseudonym, without disclosing the relevant subject due to Polymorphic Pseudonimization.
  • Specific pseudonymThe specific pseudonym is unique for each different combination of user, represented service consumer, intermediary and service provider.

  • No labels