Decree No. 59/2022/NĐ-CP on electronic identification and authentication

This Decree stipulates the electronic identification and authentication system, including the establishment, management, protection, and operation of the system; technical standards and conditions for connecting to the system; registration and management of electronic identification accounts; electronic authentication services; state management of electronic identification and authentication. This Decree takes effect from October 20, 2022.

Document No.59/2022/NĐ-CP
Document typeDecree
Issuing authorityMinistry of Public Security
Signed byPhạm Minh Chính — Thủ tướng Chính phủ
Updated14/06/2026
FieldUncategorized
Issued date05/09/2022
Effective date20/10/2022
Expiry date01/07/2024
StatusExpired
✦ Smart summary

This Decree stipulates the electronic identification and authentication system, including the establishment, management, protection, and operation of the system; technical standards and conditions for connecting to the system; registration and management of electronic identification accounts; electronic authentication services; state management of electronic identification and authentication. This Decree takes effect from October 20, 2022.

Scope of application

Agencies, organizations, and individuals related to the use of the electronic identification and authentication system in administrative procedures and public services on the electronic environment.

Key points

  • Establishment, management, and operation of the electronic identification and authentication system
  • Technical standards and conditions for connecting to the system
  • Registration and management of electronic identification accounts
  • Electronic authentication services
  • State management of electronic identification and authentication

🌐 Social impact of this document

  • Creating a technical foundation for using online public services
  • Saving time and costs in handling administrative procedures
  • Protecting personal information when using public services on the electronic environment

❓ Frequently asked questions

When does this Decree take effect?

This Decree takes effect from October 20, 2022.

Ministries and ministerial-level agencies must connect the electronic identification and authentication system to the National Public Service Portal before when?

Before June 30, 2024

Full text

DECREE

Provisions on electronic identification and authentication

 

WHEREAS pursuant to Law T, amended and supplemented by Decree No. 109/2025/NĐ-CP and Decree No. 193/2025/NĐ-CP issued by the Government on June 19, 2015; Law amending and supplementing certain articles of Law Torganizationissued by the Government and Law Ton local administration organization on June 22 the 11 year 2019;

Pursuant to the Investment Law dated June 17, 2020;

Pursuant to the Law on Electronic Transactions dated November 29, 2005;

Pursuant to the Law on Information Technology dated June 29, 2006;

The Minister of National Defense hereby issues this Circular amending and supplementing certain articles of normative legal documents within the competence to issue of the Minister of National Defense related to the declaration of personal information when performing administrative procedures.

||| Pursuant to the Cybersecurity Law dated November 19, 2015;

||| Pursuant to the Cyber Security Law dated June 12, 2018;

The Government promulgates this Decree on regulations regarding entry, exit, and residence policies for foreigners at the International Financial Center in Vietnam.

The Government promulgates the Decreey on electronic identification and authentication.

 

PART I

GENERAL PROVISIONS

 

Article 1. Scope of Regulation

This Decree stipulates electronic identity, electronic identification, electronic authentication; electronic authentication services; rights and obligations of parties using electronic authentication services; responsibilities of agencies, organizations, and individuals related to electronic identification and authentication.

Article 2. Applicability

This Decree applies to agencies, organizations, and Vietnamese citizens; foreign organizations and individuals residing or operating within the territory of Vietnam related to electronic identification and authentication.

Article 3. Explanation of Terms

In this Decree, the following terms are understood as follows:

1. "Electronic identity" means information of an individual or an organization in the electronic identification and authentication system that allows for the unique determination of such individual or organization in the electronic environment.

2. "Electronic identity subject" is an organization or individual identified in connection with electronic identity.

3. "Electronic identification" refers to the activities of registering, reconciling, establishing, and linking electronic identity with the electronic identity subject.

4. "Agency managing electronic identification and authentication" is the Administrative Police Department under the Ministry of Public Security.

5. "Electronic identification and authentication system" is an information system established and managed by the Ministry of Public Security to implement registration, establishment, and management of electronic identification accounts and to conduct electronic authentication.

6. "Electronic identification account" is a set comprising login name, password, or other verification methods created by the agency managing electronic identification and authentication.

7. "Information synchronized to the electronic identification account" includes information of the electronic identity subject reflected in documents and materials issued by competent authorities in Vietnam and verified through national databases or specialized databases upon request of the electronic identity subject, including health insurance card information, vehicle registration certificates, driver's licenses, taxpayer identification numbers, or other documents under the jurisdiction of ministries or equivalent agencies after coordination with the Ministry of Public Security.

8. "Electronic authentication" refers to the activity of confirming and affirming information associated with the electronic identity subject through the exploitation and comparison of the electronic identity subject's information in the National Population Database, Citizen Identity Card Database, National Immigration Database, other databases, and the electronic identification and authentication system, or verifying the electronic identification account through the electronic identification and authentication system via an electronic authentication service provider to confirm the usability value of the electronic identification account.

9. "Authentication factor" refers to information used or owned by the electronic identity subject.

10. "Authentication device" includes the following elements: password; secret code; two-dimensional barcode; terminal device; one-time password device or software; cryptographic device or software, citizen identity card, passport, facial image, fingerprint used for electronic authentication purposes.

11. "Organization providing electronic authentication services" is a public service unit or enterprise within the People's Public Security that meets the conditions for providing electronic authentication services as prescribed in this Decree.

12. "VNeID" is an application on digital devices; "dinhdanhdientu.gov.vn", "vneid.gov.vn" are electronic identification information pages established and developed by the Ministry of Public Security to serve electronic identification and authentication activities in administrative procedures, public administrative services, and other transactions in the electronic environment; developing utilities to serve agencies, organizations, and individuals.

13. "Foreigner identification number" is a unique natural number established by the electronic identification and authentication system to manage the electronic identity of a foreign individual.

14. "Organizational electronic identification code" is determined by the tax registration number of the organization; if there is no tax registration number, the electronic identification and authentication system establishes a unique natural number to manage the organizational electronic identity.

15. "Electronic identification and authentication platform" is an information system organized and constructed, operated, and managed by the Ministry of Public Security to facilitate information exchange between the electronic identification and authentication system and the information systems of state agencies, political organizations, social-political organizations, and organizations and individuals.

Article 4Principles of electronic identification and authentication

1. Compliance with the Constitution and laws, ensuring the rights and legitimate interests of agencies, organizations, and individuals.

2. Ensuring accuracy and uniqueness in electronic identification and authentication; transparency in management, facilitating agencies, organizations, and individuals.

3. Ensuring security of equipment and data confidentiality when conducting electronic identification and authentication.

4. Agencies, organizations, and individuals exploiting and using electronic identity must keep electronic identification account information confidential and comply with legal provisions on personal data protection.

5. Any violation of laws on electronic identification and authentication must be promptly detected and dealt with according to legal provisions.

6. Ensuring consistency with international treaties to which Vietnam is a party.

Article 5. Exploiting information in the electronic identification and authentication system

1. State agencies, political organizations, socio-political organizations, service-providing organizations connecting with the electronic identification and authentication system to exploit information of electronic identity subjects for administrative procedure resolution, public administrative services on the electronic environment, and other state management activities according to assigned functions and tasks through the Electronic Identification and Authentication Platform.

2. State agencies, political organizations, socio-political organizations, service-providing organizations exploit information in the electronic identification and authentication system via the VNeID application, electronic identification information website, and electronic chip-equipped citizen identity card using devices and software meeting technical requirements guided by the Minister of Public Security.

3. Electronic identity subjects exploit and share their electronic identity information (excluding biometric information) and other information integrated into their electronic identification account within the electronic identification and authentication system with other individuals and organizations through the VNeID application.

Article 6. Terms of use for electronic identification accounts

Electronic identity subjects using electronic identification accounts must comply with the following regulations:

1. Not to use electronic identification accounts for activities or transactions contrary to the law; infringing upon national security, defense, national interests, public interests, and lawful rights and interests of organizations and individuals.

2. Not to illegally interfere with the operation of the electronic identification and authentication system.

 

Chapter II

ELECTRONIC IDENTITY, ELECTRONIC IDENTIFICATION

 

Section 1

ELECTRONIC IDENTITY

 

, Clause 1, Clause 2 Article 7a of this Regulation.. Electronic identity of Vietnamese citizens

The electronic identity of Vietnamese citizens includes:

1. Personal information:

a) Individual identification number;

b) Surname, middle name, and given name;

c) Date of birth;

d) Gender.

2. Biometric information:

a) Passport photograph;

b) Fingerprints.

Article 8. Electronic identity of foreigners

The electronic identity of foreigners includes:

1. Personal information:

a) Foreigner identification number;

b) Surname, middle name, and given name;

c) Date of birth;

d) Gender;

đ) Nationality;

e) Passport number, code, date, type, and place of issue or international travel document.

2. Biometric information:

a) Passport photograph;

b) Fingerprints.

Article 9. Electronic identity of organizations

The electronic identity of organizations includes:

1. Electronic identification code of the organization.

2. Name of the organization including Vietnamese name, abbreviation (if any), and foreign language name (if any).

3. Date of establishment.

4. Main office address.

5. Individual identification number or foreigner identification number; family name, middle name, and given name of the legal representative or head of the organization.

Article 10. Updating electronic identity information

1. Information about individual electronic identities in the National Population Database, Electronic Civil Registration Database, Citizen Identity Card Database, and National Entry-Exit Database, if changed, will be automatically updated in the individual's electronic identification account within the electronic identification and authentication system.

2. Information about organizational electronic identities in the National Enterprise Registration Database, national databases, and specialized databases, if changed, will be automatically updated in the organization's electronic identification account within the electronic identification and authentication system.

 

Section 2

ELECTRONIC IDENTIFICATION

 

Article 11. Subjects eligible for issuance of electronic identity accounts

1. Vietnamese citizens aged 14 years or older; for Vietnamese citizens under 14 years old or those under guardianship, registration shall be made under the electronic identity account of their parents or guardian.

2. Foreign nationals aged 14 years or older entering Vietnam; for foreign nationals under 14 years old or those under guardianship, registration shall be made under the electronic identity account of their parents or guardian.

3. Agencies and organizations established or registered to operate in Vietnam.

Article 12. Classification of levels of electronic identity accounts

1. Level 1 electronic identity account of Vietnamese citizens includes information specified in Clause 1 and Point a, Clause 2, Article 7 of this Decree. Level 1 electronic identity account of foreign nationals includes information specified in Clause 1 and Point a, Clause 2, Article 8 of this Decree.

2. Level 2 electronic identity account of individuals includes information specified in Article 7 or Article 8 of this Decree.

3. The electronic identity account of organizations includes information specified in Article 9 of this Decree, which is a Level 2 electronic identity account.

Article 13. Use of electronic identity accounts

1. The electronic identity subject uses the electronic identity account to log in and utilize features and services on the VNeID application and the electronic identity information page.

2. Electronic identity accounts created by the electronic identification and authentication system are used to perform administrative procedures, public administrative services in an electronic environment, and other activities according to the needs of the electronic identity subject.

3. Agencies, organizations, and individuals establish accounts for their operations and are responsible for verifying and ensuring the accuracy of the accounts they create, determining the level and value of each level of account. Information for establishing accounts is provided by the account subject or agreed upon by agencies, organizations, or individuals to use for account creation.

4. The use of Level 1 electronic identity accounts created by the electronic identification and authentication system for Vietnamese electronic identity subjects has the value of proving the information of that person as specified in Clause 1, Article 7 of this Decree, and for foreign electronic identity subjects, it has the value of proving the information of that person as specified in Clause 1, Article 8 of this Decree in activities and transactions requiring the provision of personal information of the electronic identity subject.

5. The use of Level 2 electronic identity accounts created by the electronic identification and authentication system for Vietnamese electronic identity subjects is equivalent to using the Citizen Identity Card when performing transactions requiring presentation of the Citizen Identity Card; it provides information in citizen documents synchronized with the electronic identity account for authorized agencies and organizations to verify when performing transactions requiring presentation of such documents.

6. The use of Level 2 electronic identity accounts created by the electronic identification and authentication system for foreign electronic identity subjects is equivalent to using passports or international travel documents when performing transactions requiring presentation of passports or international travel documents; it provides information in foreigner documents synchronized with the electronic identity account for authorized agencies and organizations to verify when performing transactions requiring presentation of such documents.

7. The use of electronic identity accounts created by the electronic identification and authentication system for organizational electronic identity subjects is carried out by the legal representative or delegated to an authorized person. The use of organizational electronic identity accounts proves the electronic identity of the organization when performing transactions requiring proof of information about the organization; it provides information in organizational documents synchronized with the electronic identity account for authorized agencies and organizations to verify when performing transactions requiring presentation of such documents.

8. When an electronic identity subject uses a Level 2 electronic identity account in electronic activities and transactions, it is equivalent to presenting documents or materials to prove information integrated into the electronic identity account.

Chapter III

ELECTRONIC IDENTITY ACCOUNTS AND ELECTRONIC AUTHENTICATION

 

Article 14. Procedure and formalities for registering electronic identity accounts for Vietnamese citizens

1. Registration of level 1 electronic identity account through the VNeID application for citizens who already have an electronic chip-embedded citizen identification card

a) Citizens use mobile devices to download and install the VNeID application.

b) Citizens use the VNeID application to enter personal identification number and phone number or email address information; provide other information as guided on the VNeID application; take a portrait photograph using their mobile device and submit a request for issuance of an electronic identity account to the electronic identity management and verification authority via the VNeID application.

c) The electronic identity management authority notifies the registration result through the VNeID application or SMS message or email address.

2. Registration of level 2 electronic identity account

a) For citizens who have been issued an electronic chip-embedded citizen identification card:

Citizens go to the police station of their commune, ward, town or place where they applied for the citizen identification card to process the issuance of an electronic identity account. Citizens present the electronic chip-embedded citizen identification card, provide telephone number or email address information and request to supplement information integrated into the electronic identity account.

The reception officer enters the provided citizen information into the electronic identity and verification system; takes a portrait photograph and collects fingerprints of the citizen processing the account to verify with the national citizen identification database and confirm agreement to register for an electronic identity account creation.

The electronic identity management authority notifies the registration result through the VNeID application or SMS message or email address.

b) The police authority issues a level 2 electronic identity account together with the issuance of a citizen identification card for citizens who have not yet received an electronic chip-embedded citizen identification card.

Article 15. Procedure and formalities for registering electronic identity accounts for foreign nationals

1. Registration of level 1 electronic identity account

a) Foreign nationals use mobile devices to download and install the VNeID application.

b) Foreign nationals use the VNeID application to enter passport number or international travel document number and email address or phone number (if available); provide other information as guided on the VNeID application; take a portrait photograph using their mobile device and submit a request for issuance of an electronic identity account to the electronic identity management and verification authority via the VNeID application.

c) The electronic identity management authority notifies the registration result through the VNeID application or SMS message or email address.

2. Registration of level 2 electronic identity account

a) Foreign nationals go to the immigration management agency under the Ministry of Public Security or provincial public security agency to process the registration of an electronic identity account, present their passport or international travel document, provide email address or phone number (if available) and request to supplement information integrated into the electronic identity account.

b) The reception officer enters the provided foreign national information into the electronic identity and verification system; takes a portrait photograph and collects fingerprints of the foreign national processing the account to verify with the national immigration database and confirm agreement to register for an electronic identity account creation.

c) The immigration management agency sends a request for issuance of an electronic identity account to the electronic identity management and verification authority.

d) The electronic identity management and verification authority notifies the registration result through the VNeID application or SMS message or email address.

Article 16. Procedure and formalities for registering an electronic identity account for organizations

1. The legal representative or head of the organization (who already has an electronic identity account at level 2) logs into the VNeID application to register an electronic identity account for the organization; provides information according to the guidance on the VNeID application and sends a request for issuance of an electronic identity account to the authority managing electronic identification and authentication through the VNeID application.

2. The authority managing electronic identification and authentication verifies the information about the organization in the National Enterprise Registration Database, the national database, and other specialized databases. In case the information about the organization is not available in the National Enterprise Registration Database, the national database, and other specialized databases, it will verify the organization's information and notify the result of the electronic identity account registration to the person handling the procedures for the organization via the VNeID application or SMS or email address.

Article 17. Time limit for issuing an electronic identity account

From the date of receiving complete valid files as stipulated in this Decree, the police agency shall be responsible for issuing an electronic identity account within the following time limits:

1. For Vietnamese citizens who already have a chip-equipped Citizen Identity Card: Not exceeding 01 working day for the issuance of an electronic identity account at level 1, not exceeding 03 working days for the issuance of an electronic identity account at level 2. For Vietnamese citizens who do not yet have a chip-equipped Citizen Identity Card: Not exceeding 07 working days.

2. For foreigners: Not exceeding 01 working day for the issuance of an electronic identity account at level 1; not exceeding 03 working days for the issuance of an electronic identity account at level 2 if there is information about facial image and fingerprints in the National Database on Entry and Exit; not exceeding 07 working days for the issuance of an electronic identity account at level 2 if there is no information about facial image and fingerprints in the National Database on Entry and Exit.

3. For organizations:

a) Not exceeding 01 working day if the information required for verification about the organization is available in the national database and specialized databases.

b) Not exceeding 15 working days if the information required for verification about the organization is not available in the national database and specialized databases.

Article 18. Activating an electronic identity account

The electronic identity subject must activate the electronic identity account on the VNeID application within 07 days from the date of receipt of the notification of the result of the issuance of the electronic identity account. After 07 days, if the electronic identity account is not activated, the electronic identity subject shall contact the authority managing electronic identification and authentication through the hotline for receiving and resolving requests related to electronic identification and authentication to perform the activation of the account.

Article 19. Locking and unlocking an electronic identity account

1. Locking an electronic identity account of a citizen

a) The electronic identification and authentication system automatically records and locks the electronic identity account in cases where the electronic identity subject requests to lock their own electronic identity account; the electronic identity subject violates the terms of use of the VNeID application; the electronic identity subject has their Citizen Identity Card revoked; the electronic identity subject dies. The recording is carried out through the electronic identity subject declaring on the VNeID application or updating electronic identity information into the electronic identification and authentication system as prescribed in Article 10 of this Decree.

b) If a judicial agency, competent authority, or service user requests to lock an electronic identity account, they send a request to lock the account to the police agency for consideration and resolution.

c) Within 02 working days, the head of the police agency that receives the request to lock the electronic identity account approves the locking of the account for the case specified in point b clause 1 of this Article and notifies the requesting agency or organization and the electronic identity subject. If the request to lock the account is refused, a written response stating the reasons is provided.

2. Locking an electronic identity account of a foreigner

a) The electronic identification and authentication system automatically records and locks the electronic identity account in cases where the electronic identity subject requests to lock their own electronic identity account; the electronic identity subject violates the terms of use of the VNeID application; the electronic identity subject’s passport or international travel document expires; the electronic identity subject’s residence period in Vietnam expires; the electronic identity subject dies. The recording is carried out through the electronic identity subject declaring on the VNeID application or updating electronic identity information into the electronic identification and authentication system as prescribed in Article 10 of this Decree.

b) If a judicial agency, competent authority, or service user requests to lock an electronic identity account, they send a request to lock the account to the police agency for consideration and resolution.

c) Within 02 working days, the head of the police agency that receives the request to lock the electronic identity account approves the locking of the account for the case specified in point b clause 1 of this Article and notifies the requesting agency or organization and the electronic identity subject. If the request to lock the account is refused, a written response stating the reasons is provided.

3. Locking an electronic identity account of an organization

a) The electronic identification and authentication system automatically records and locks the electronic identity account in cases where the electronic identity subject requests to lock their own electronic identity account; the electronic identity subject violates the terms of use of the VNeID application; the organization is dissolved or ceases operations in accordance with the law. The recording is carried out through the electronic identity subject declaring on the VNeID application or updating electronic identity information into the electronic identification and authentication system as prescribed in Article 10 of this Decree.

b) If a judicial agency, competent authority, or service user requests to lock an electronic identity account, they send a request to lock the account to the police agency for consideration and resolution.

c) Within 02 working days, the head of the police agency that receives the request to lock the electronic identity account approves the locking of the account for the case specified in point b clause 1 of this Article and notifies the requesting agency or organization and the electronic identity subject. If the request to lock the account is refused, a written response stating the reasons is provided.

4. Unlocking an electronic identity account

a) The electronic identification and authentication system automatically unlocks the electronic identity account immediately when the basis for automatically locking the electronic identity account has expired;

b) If a judicial agency, competent authority, or service user requests to unlock an electronic identity account, they send a request to unlock the account to the police agency for consideration and resolution.

c) Within two working days, the head of the public security agency receiving the request to unlock the electronic identity account shall approve the unlocking of the account for the case specified in point b, Clause 2, Article of this Law and notify the agency or organization requesting the unlocking of the account and the subject of the electronic identity. In case of refusal to unlock the account, there shall be a written response stating the reasons.

5. Forms of requests to lock and unlock electronic identity accounts:

a) The subject of the electronic identity performs according to the guidance steps on the VNeID application to request to lock the electronic identity account;

b) The subject of the electronic identity contacts the call center for receiving and resolving requests related to electronic identification and authentication, providing information to authenticate the account holder of the electronic identity account to request to lock or unlock the electronic identity account;

c) The subject of the electronic identity visits the agency managing electronic identification and authentication, providing information to authenticate the account holder of the electronic identity account to request to lock or unlock the electronic identity account.

6. Locking and unlocking electronic identity accounts upon request from investigative agencies and competent authorities with jurisdiction

Investigative agencies and competent authorities with jurisdiction send a written request to the agency managing electronic identification and authentication at the same level to request to lock or unlock the electronic identity account, specifying the reasons and the period of locking.

Article 20. Authority to issue electronic identity accounts and decide to lock or unlock electronic identity accounts

1. The Director of the Department of Administrative Police under the Ministry of Public Security has the authority to issue electronic identity accounts; decides to automatically lock or unlock electronic identity accounts on the electronic identification and authentication system and proposes to lock or unlock electronic identity accounts of agencies at the departmental level or equivalent and above.

2. The Head of the Provincial Public Security Administrative Police Department decides to lock or unlock electronic identity accounts for requests received at the provincial public security agency.

3. The Head of the County Public Security Agency decides to lock or unlock electronic identity accounts for requests received at the county public security agency.

4. The Head of the Commune Public Security Agency decides to lock or unlock electronic identity accounts for requests received at the commune public security agency.

Article 21. Storage of Information in the Electronic Identification and Authentication System

1. Information about electronic identity accounts is permanently stored in the electronic identification and authentication system.

2. Historical information about the use of electronic identity accounts is stored in the electronic identification and authentication system for a period of five years from the date of use of the account.

Article 22. Connection and Use of Electronic Identity Accounts Created by the Electronic Identification and Authentication System

1. Conditions for organizations and individuals to connect to the electronic identification and authentication system:

a) Having infrastructure and information systems for connection;

b) The information system serving the connection must ensure safety according to the criteria of level 3 or higher information systems as prescribed by law.

2. Procedures, formalities, and documents for connection requests:

a) Individuals and organizations wishing to connect to the electronic identification and authentication system submit a written request for connection to the agency managing electronic identification and authentication, clearly stating the scope and purpose of the connection and documents proving compliance with the conditions for connection as stipulated in Clause 1 of this Article.

b) Based on the conditions for connection as stipulated in Clause 1 of this Article and the scope and purpose of the connection requested by individuals and organizations, the agency managing electronic identification and authentication organizes an assessment and on-site inspection and decides whether to allow the connection.

c) Within thirty days from the date of receipt of the connection request, the agency managing electronic identification and authentication shall examine and decide in writing to allow the connection; if不同意翻译的结果,请提供具体反馈以便我改进。如果您同意,请确认收讫。

3. Implement the connection:

a) After the electronic identification and authentication management agency issues a written approval to permit the connection between the electronic identification and authentication system and the information system of organizations and individuals, the electronic authentication service provider shall implement the connection through a service provision contract signed with such individual or organization.

b) The electronic authentication service provider shall cease implementing the connection in cases where individuals or organizations violate the service usage agreement under the service provision contract. The electronic authentication service provider shall report to the electronic identification and authentication management agency about the cessation of the connection so that the agency can notify the individual or organization.

Article 23. Electronic Authentication

1. Specialized database management agencies, state agencies, political organizations, socio-political organizations, organizations implementing public services shall authenticate the electronic identity subject's information through the national database management agency, specialized database, electronic identification and authentication system; authenticate the electronic identification account through the electronic identification and authentication system.

2. Individuals and organizations not covered under Clause 1 of this Article shall have their electronic identification accounts authenticated by the electronic identification and authentication system through electronic authentication service providers to authenticate such accounts created by the electronic identification and authentication system when performing administrative procedures, public administrative services, and other transactions on the electronic environment. The electronic authentication service provider shall not authenticate the identity information of the subject and other information of the electronic identification account holder, except in cases deemed necessary by the Minister of Public Security.

The implementation of electronic authentication of electronic identification accounts at the request of individuals and organizations not covered under Clause 1 of this Article shall be carried out according to the agreement by contract for provision of services with the electronic authentication service provider. The implementation of electronic authentication of electronic identification accounts must have the consent of the electronic identity subject.

3. Ministers of ministries, agencies equivalent to ministries, People's Committees of provinces and centrally governed cities managing the national database, specialized databases shall be responsible for guiding the implementation of authentication of the electronic identity subject's information contained in the databases they manage.

Article 24. Levels of Electronic Identification Account Authentication

1. Level 1: Electronic identification account authentication is implemented based on one authentication factor as stipulated in Clause 9 of Article 3 and the corresponding authentication means as stipulated in Clause 10 of Article 3 of this Decree, without biometric information.

2. Level 2: Electronic identification account authentication is implemented based on two different authentication factors as stipulated in Clause 9 of Article 3 and the corresponding authentication means as stipulated in Clause 10 of Article 3 of this Decree, without biometric information.

3. Level 3: Electronic identification account authentication is implemented based on two or more different authentication factors as stipulated in Clause 9 of Article 3 and the corresponding authentication means as stipulated in Clause 10 of Article 3 of this Decree, including one piece of biometric information.

4. Level 4: Electronic identification account authentication is implemented based on authentication factors including facial image, fingerprints with information on the Citizen Identity Card or the National Population Registration Database, the National Database on Entry and Exit.

Article 25. Methods of Electronic Authentication in Performing Transactions Through the Electronic Identification and Authentication System1. Electronic authentication for online transactions is carried out through appropriate authentication means in accordance with the security level required by the online service provider.

2. For cases where account information verification is performed at the transaction location, authentication is conducted through solutions provided in the VNeID application.

ELECTRONIC AUTHENTICATION SERVICES

 

Chapter IV

Electronic authentication services

 

Article 26. Domestic air passenger transport service on regular basic economy class1. Electronic authentication services are conditional business activities.

2. Organizations providing electronic authentication services must meet the conditions stipulated in Article 27 of this Decree and be granted a certificate confirming eligibility to operate electronic authentication services by the Ministry of Public Security.

3. Agencies, organizations, and individuals establishing electronic identification accounts as prescribed in Clause 3 of Article 13 of this Decree are exempt from complying with the provisions of Articles 27, 28, 29, and 30 of this Decree.

Conditions for Providing

Article 27Electronic Authentication Services 1. Organizational and Business Conditions

Publicly funded institutions, enterprises within the People's Public Security.

2. Human Resources Conditions

a) The head of the organization or the legal representative of the enterprise must be a Vietnamese citizen residing in Vietnam.

b) The organization or enterprise must have personnel with a bachelor's degree or higher in information security, information technology, or telecommunications responsible for providing services, managing and operating the system, ensuring the security of the system's information.

3. Technical Conditions, Management Procedures for Service Provision, and Security Assurance Plans

The organization or enterprise applying for certification must have a project for service provision activities including the following documents:

a) Plan and procedure for electronic authentication service provision including a description of the information technology system; technical solution plan; data storage plan, ensuring data integrity, system security; personal data protection plan; security and order assurance plan; fire prevention and disaster preparedness plan, ensuring stable and uninterrupted operation of electronic authentication services;

b) Documentation introducing equipment owned and located in Vietnam that meets legal requirements for fire and explosion prevention; capable of resisting floods, earthquakes, electromagnetic interference, and illegal human intrusion.

Application Forms, Procedures, and Time Limits for Issuing Certificates Confirming Eligibility to Operate Electronic Authentication Services

Article 281. Components of the Application Form:

a) Application form for issuance of a certificate confirming eligibility to operate electronic authentication services according to Model XT01 attached to this Decree;

b) Project and descriptive documents as stipulated in Clause 3 of Article 27 of this Decree.

2. Procedure, Time Limit, and Method of Issuing Certificate:

a) Organizations and enterprises submit one set of application forms as stipulated in Clause 1 of this Article directly or via postal services to the Ministry of Public Security or submit applications through the National Public Service Portal, the Ministry of Public Security's Public Service Portal;

b) In cases where the application forms are incomplete or invalid as stipulated in Clause 1 of this Article, the Ministry of Public Security will notify the organization or enterprise in writing within three working days from the date of receipt of the application to supplement the application forms.

b) In cases where the application is incomplete or invalid according to the provisions of Clause 1 of this Article, within three working days from the date of receipt of the application, the Ministry of Public Security shall issue a written notice to the organization or enterprise to supplement the application.

c) Within three working days from the date of receiving valid files, the Ministry of Public Security shall seek opinions from relevant ministries and ministerial-level agencies; within ten days from the date of receiving the document from the Ministry of Public Security, such ministries and ministerial-level agencies shall provide written responses.

d) Within thirty days from the date of receiving complete valid files, the Ministry of Public Security shall conduct an assessment and on-site inspection at the organization or enterprise and issue the certificate of eligibility for electronic authentication service business according to Model XT03 attached to this Decree to organizations and enterprises meeting the conditions; in case of refusal to issue the Certificate, a written notification must be provided stating the reasons.

Article 29. Reissue and Change of the Certificate of Eligibility for Electronic Authentication Service Business

1. The change of contents in the Certificate of Eligibility for Electronic Authentication Service Business shall be carried out when the organization or enterprise changes one of the information items about the legal representative, registered office address, trading name, plan, or procedure that has been reviewed by the Ministry of Public Security as stipulated in Clause 3, Article 27 of this Decree.

The organization or enterprise shall submit one set of application files for changing the content of the Certificate of Eligibility for Electronic Authentication Service Business to the Ministry of Public Security in accordance with Point a, Clause 2, Article 28 of this Decree. The application file for changing the content of the license includes: Application form for changing the Certificate of Eligibility for Electronic Authentication Service Business according to Model XT02 attached to this Decree, and documents proving the changed information.

a) In case the organization or enterprise changes one of the information items about the legal representative, registered office address, or trading name, within ten days from the date of receiving complete valid files, the Ministry of Public Security shall review and issue the certificate of eligibility for electronic authentication service business to organizations and enterprises meeting the conditions; in case of refusal to change, a written notification must be provided stating the reasons.

b) In case the organization or enterprise changes one of the information items about the plan or procedure for providing electronic authentication services, within thirty days from the date of receiving complete valid files, the Ministry of Public Security shall conduct an assessment, seek opinions from relevant ministries and ministerial-level agencies, conduct an on-site inspection, and issue the certificate of eligibility for electronic authentication service business to organizations and enterprises meeting the conditions; in case of refusal to change, a written notification must be provided stating the reasons.

2. Reissue of the Certificate of Eligibility for Electronic Authentication Service Business in cases of loss or damage:

a) The organization or enterprise shall submit one set of application files for reissuing the Certificate of Eligibility for Electronic Authentication Service Business to the Ministry of Public Security in accordance with Point a, Clause 2, Article 28 of this Decree. The application file for reissuing the certificate includes: Application form for reissuing the Certificate of Eligibility for Electronic Authentication Service Business according to Model XT02 attached to this Decree;

b) Within three working days from the date of receiving the application form, the Ministry of Public Security shall examine and reissue the Certificate of Eligibility for Electronic Authentication Service Business to the electronic authentication service provider; in case of refusal to reissue, a written notification must be provided stating the reasons.

Article 30. TRecovery of the Certificate of Eligibility for Electronic Authentication Service Business

1. The Certificate of Eligibility shall be recovered from electronic authentication service providers in the following cases:

a) The organization or enterprise does not operate continuously for six months or more;

b) It is dissolved or declared bankrupt in accordance with the law;

c) It ceases to provide services;

d) It violates laws on personal data protection, information security, and cyber security.

2. The Ministry of Public Security shall issue a decision on the recovery of the Certificate of Eligibility for Electronic Authentication Service Business according to Model XT04 attached to this Decree.

3. Organizations providing electronic authentication services whose certificates have been recovered shall be responsible for ensuring the rights and legitimate interests of electronic identity subjects and related parties in accordance with the law.

Article 31. Costs for Issuing, Using Electronic Identity Accounts and Electronic Authentication Services

1. The electronic identity subject, which includes agencies, organizations, and Vietnamese citizens, shall not be required to pay registration fees for issuing electronic identity accounts or usage fees for such accounts established by the electronic identification and authentication system.

2. Organizations and individuals using electronic authentication services shall pay costs to the service provider organization according to the provisions of the law.

 

Chapter V

RESPONSIBILITIES OF AGENCIES, ORGANIZATIONS, AND INDIVIDUALS

 

Article 32. Responsibilities of Electronic Identity Subjects

1. Protect electronic identity information.

2. Ensure the security of authentication factors.

3. Immediately notify the electronic authentication service provider organization when losing control over authentication means or upon discovering unauthorized use of their electronic identity or other reasons that may cause a risk to the security of service use.

Article 33. Responsibilities of Service Users

1. Adhere to technical standards for electronic identification and authentication.

2. Manage and secure electronic identity account information, ensuring safe use of electronic identity accounts.

3. Bear responsibility for transactions they have conducted and the regulations of related parties concerning electronic transactions.

Article 34. Responsibilities of Electronic Authentication Service Providers and Agencies, Organizations, and Individuals Creating Their Own Accounts

1. Responsibilities of Electronic Authentication Service Providers

a) Provide electronic authentication services to organizations and individuals based on contractual agreements for service provision;

b) Ensure continuous access to information and service use 24 hours a day, 7 days a week;

c) Comply with legal provisions regarding cybersecurity, cyber security, electronic transactions, and technical standards and specifications in the field of electronic authentication;

d) Comply with operational plans and procedures for providing electronic authentication services that have been reviewed by the Ministry of Public Security;

đ) Submit periodic reports every six months and annually on electronic authentication activities to the management agency for electronic identification and authentication or as requested by the management agency for electronic identification and authentication;

2. Responsibilities of Agencies, Organizations, and Individuals Creating Their Own Accounts for Their Own Operations

a) Be responsible for the accuracy of accounts created by themselves;

b) Protect personal data collected and managed in accordance with the law;

c) Ensure the consent of the data subject in all activities related to the management, exploitation, and use of data;

d) Delete collected and managed data upon request of the data subject, except where otherwise provided by law;

đ) Report on identification activities to the management agency for electronic identification and authentication when requested.

Article 35. Responsibilities of the Ministry of Public Security

1. Develop, manage, protect, and operate the electronic identification and authentication system; apply electronic identity accounts in state administration, administrative reform, disaster prevention and response, disease control.

2. Implement state management over electronic identification and authentication.

3. Issue guidelines on technical standards, procedures, and conditions for connecting to the electronic identification and authentication system; procedures for electronic authentication of service providers.

4. Lead and coordinate with ministries and equivalent agencies in connecting national databases and specialized databases to serve electronic identification and authentication.

5. Lead and coordinate with the Ministry of Information and Communications, the Ministry of National Defense, the Ministry of Justice, and relevant ministries and equivalent agencies in inspecting and supervising electronic identification and authentication activities.

6. Resolve complaints and grievances, and guide agencies, organizations, and individuals on registration and management of electronic identification and authentication.

7. Connect and integrate the electronic identification and authentication system with the National Public Service Portal's electronic identity exchange platform to facilitate administrative procedure resolution and online public service delivery as prescribed by law.

8. Guide the application of technical standards and specifications in electronic identification and authentication activities.

9. Lead and coordinate with the Ministry of Information and Communications, the Ministry of National Defense, and the Government Cryptographic Agency to ensure the security and confidentiality of information in the electronic identification and authentication system.

10. Lead and coordinate with ministries, equivalent agencies, and government agencies to unify types of documents and materials and methods for synchronizing information into electronic identity accounts.

11. Lead and coordinate with ministries, equivalent agencies, government agencies, the Government Cryptographic Agency, and provincial People's Committees under the Central Government to unify connection and sharing methods for electronic identities and electronic identity accounts provided and created by the electronic identification and authentication system; ensuring confidentiality, security, and information safety.

12. Coordinate with ministries, equivalent agencies, government agencies, and provincial People's Committees under the Central Government to verify and synchronize data from accounts used by the National Public Service Portal and the central and provincial level administrative procedure information systems with those created by the electronic identification and authentication system.

13. Lead and coordinate with the Ministry of Justice, the Ministry of Planning and Investment, and the Ministry of National Defense to ensure connectivity, sharing, and updating of information in the National Population Database, the National Entry-Exit Database, the Electronic Civil Registration Database, and the National Enterprise Registration Database to support electronic identification and authentication.

14. Ensure continuous access to information and use of the electronic identification and authentication system 24 hours a day, 7 days a week.

Article 36. Responsibilities of the Ministry of Information and Communications

1. Ensuring the use of electronic identity, electronic identification account to perform administrative procedures and public administrative services on the electronic environment within its functions.

2. Taking the lead and coordinating with the Ministry of Public Security to establish technical connection regulations ensuring the connection between the National Data Integration and Sharing Platform and the Electronic Identification and Authentication Platform and other related systems, ensuring confidentiality, security, and information security.

3. Coordinating with the Ministry of Public Security and the Ministry of National Defense to ensure the security and confidentiality of information for the electronic identification and authentication system.

Article 37. Responsibilities of the Ministry of National Defense

1. Guiding subordinate agencies, units, enterprises, and individuals to implement electronic identification and authentication in compliance with regulations on state secrets protection in the defense sector.

2. Ensuring the use of electronic identity, electronic identification account to perform administrative procedures and public administrative services on the electronic environment within the management functions prescribed by law.

3. Coordinating with the Ministry of Public Security to unify the connection and sharing schemes for the use of electronic identities and electronic identification accounts provided and established by the electronic identification and authentication system.

4. Coordinating with the Ministry of Public Security in ensuring information security and cybersecurity for the electronic identification and authentication system.

Article 38. Responsibilities of the Government Cryptographic Agency

1. Directing the application of civil cryptographic standards and technical specifications and the use of specialized government digital signature certification services in electronic identification and authentication activities.

2. Taking the lead and coordinating with the Ministry of Public Security to evaluate cryptographic security for users of electronic authentication services.

3. Coordinating with the Ministry of Public Security to ensure the security and confidentiality of information using key cryptographic products for the electronic identification and authentication system, and using electronic identity and electronic identification account in providing specialized government digital signature services.

Article 39. Responsibilities of Other Ministries, Agencies Equivalent to Ministries, Government Agencies, Provincial People's Committees, and Municipalities Directly Under the Central Government

1. Coordinating with the Ministry of Public Security to implement the connection of the electronic identification and authentication system with the National Public Service Portal, the Central and Provincial Administrative Procedure Information System to serve the provision of public administrative services on the electronic environment, with the latest deadline for completion being June 30, 2024.

2. Ensuring the use of electronic identity, electronic identification account to perform administrative procedures and public administrative services on the electronic environment.

3. Coordinating with the Ministry of Public Security to unify the connection and sharing schemes for the use of electronic identities and electronic identification accounts provided and established by the electronic identification and authentication system; ensuring information security and cybersecurity.

4. Ensuring stable and smooth operation of national databases and specialized databases in verification according to the requirements of specialized database management agencies, state agencies, political organizations, political-social organizations, and other organizations entrusted to provide public services.

 

Chapter VI

IMPLEMENTING PROVISIONS

 

Article 40. Effective Date

1. This Decree takes effect from October 20, 2022.

2. Accounts used by the National Public Service Portal, the Central and Provincial Administrative Procedure Information System to perform administrative procedures and public administrative services on the electronic environment until July 1, 2024.

3. Amending and supplementing Clause 1 of Article 7 of Decree No. 45/2020/NĐ-CP dated April 8, 2020 on the implementation of administrative procedures and public administrative services on the electronic environment as follows:

"1. Organizations and individuals performing administrative procedures on the National Public Service Portal, the Central and Provincial Administrative Procedure Information System through electronic identification accounts created by the electronic identification and authentication system connected and integrated on the National Public Service Portal."

Article 41. Responsibility for Implementation

1. The Ministry of Public Security shall be responsible for guiding, inspecting, and urging the implementation of this Decree.

2. During the implementation process, the Ministry of Public Security shall coordinate with the Ministry of Information and Communications to aggregate and handle issues within their respective administrative management functions. In cases where necessary, they shall report to the Prime Minister for consideration and decision.

3. The Ministers, Heads of ministerial-level agencies, Heads of government-affiliated agencies, and Chairpersons of provincial People's Committees under the direct jurisdiction of the central government shall be responsible for implementing this Decree./.

 

The original file of this document is being updated. Please read the full text and check back later.

Download

The original file of this document is being updated. Please read the full text and check back later.

Relations map

↑ Basis & documents that affect this document
Based on 18
21/2023/TT-BTTTT Thông tư số 21/2023/TT-BTTTT Quy định về chức năng, tính năng kỹ thuật của Hệ thống thông tin giải quyết thủ tục hành chính cấp bộ, cấp tỉnh In effect 27/2023/QĐ-UBND Quyết định số 27/2023/QĐ-UBND Sửa đổi, bổ sung một số điều của Quy định ban hành kèm theo Quyết định số 18/2020/QĐ-UBND ngày 04/9/2020 của Ủy ban nhân dân thành phố Hà Nội ban hành quy định thực hiện cơ chế một cửa, một cửa liên thông trong giải quyết thủ tục hành chính trên địa bàn thành phố Hà Nội In effect 32/2023/TT-BCA Thông tư số 32/2023/TT-BCA Quy định nhiệm vụ, quyền hạn, hình thức, nội dung và quy trình tuần tra, kiểm soát, xử lý vi phạm hành chính về giao thông đường bộ của Cảnh sát giao thông Expired 36/2023/TT-BCA Thông tư số 36/2023/TT-BCA Quy định quy trình tuần tra, kiểm soát và xử lý vi phạm hành chính của Cảnh sát đường thủy Expired 46/2024/TT-BTC Thông tư số 46/2024/TT-BTC Sửa đổi, bổ sung một số điều của Thông tư số 19/2021/TT-BTC ngày 18/3/2021 của Bộ trưởng Bộ Tài chính hướng dẫn giao dịch điện tử trong lĩnh vực thuế In effect 35/2025/NQ-HĐND Nghị quyết số 35/2025/NQ-HĐND Quy định mức thu, chế độ thu, nộp lệ phí cấp giấy phép lao động cho người nước ngoài làm việc trên địa bàn tỉnh Tuyên Quang In effect 01/2026/QĐ-UBND Quyết định số 01/2026/QĐ-UBND Ban hành Quy chế xây dựng, quản lý, vận hành, khai thác, sử dụng và tích hợp trên nền tảng ứng dụng Công dân số tỉnh Quảng Trị In effect 22/2025/QĐ-UBND Quyết định số 22/2025/QĐ-UBND Quy định chức năng, nhiệm vụ, quyền hạn và cơ cấu tổ chức của Trung tâm Phục vụ hành chính công tỉnh Tuyên Quang In effect 69/2024/QĐ-UBND Quyết định số 69/2024/QĐ-UBND Sửa đổi, bổ sung một số điều của Quy chế quản lý, vận hành và sử dụng hệ thống phần mềm Quản lý và bản và điều hành liên thông trên địa bàn tỉnh Thái Nguyên ban hành kèm theo Quyết định số 28/2018/QĐ-UBND ngày 03/12/2018 của Ủy ban nhân dân tỉnh Expired 39/2024/QĐ-UBND Quyết định số 39/2024/QĐ-UBND Ban hành Quy chế hoạt động của Hệ thống thông tin giải quyết thủ tục hành chính Thành phố Hồ Chí Minh Expired 17/2024/QĐ-UBND Quyết định số 17/2024/QĐ-UBND Sửa đổi, bổ sung một số điều trong Quy chế hoạt động của Hệ thống thông tin giải quyết thủ tục hành chính tỉnh Thanh Hóa ban hành kèm theo Quyết định số 15/2022/QĐ-UBND ngày 05/5/2022 của UBND tỉnh Thanh Hóa In effect 22/2024/QĐ-UBND Quyết định số 22/2024/QĐ-UBND Ban hành Quy chế hoạt động của Hệ thống thông tin giải quyết thủ tục hành chính tỉnh Cao Bằng In effect 19/2024/QĐ-UBND Quyết định số 19/2024/QĐ-UBND Ban hành quy chế hoạt động của Hệ thống thông tin giải quyết thủ tục hành chính tỉnh Sơn La Expired 04/2024/QĐ-UBND Quyết định số 04/2024/QĐ-UBND Ban hành Quy chế hoạt động của Hệ thống thông tin giải quyết thủ tục hành chính tỉnh Đắk Lắk Expired 23/2023/QĐ-UBND Quyết định số 23/2023/QĐ-UBND ban hành Quy chế quản lý, vận hành và sử dụng Hệ thống thông tin giải quyết thủ tục hành chính tỉnh Bắc Ninh In effect 13/2023/QĐ-UBND Quyết định số 13/2023/QĐ-UBND Ban hành Quy chế tiếp nhận, xử lý phản ánh, kiến nghị của cá nhân, tổ chức về quy định hành chính trên địa bàn thành phố Hà Nội In effect 11/VBHN-BCA Văn bản hợp nhất số 11/VBHN-BCA Quy định chi tiết đối tượng, trình tự, thủ tục, thẩm quyền cấp, thu hồi, hủy giá trị sử dụng giấy thông hành In effect 03/2023/QĐ-UBND Quyết định số 03/2023/QĐ-UBND Ban hành Quy chế hoạt động của Hệ thống thông tin giải quyết thủ tục hành chính tỉnh An Giang Expired
59/2022/NĐ-CP
Decree No. 59/2022/NĐ-CP on electronic identification and authentication
Expired
↓ Documents affected by this document
Related 12
13/2023/QĐ-UBND Quyết định số 13/2023/QĐ-UBND Phân cấp thực hiện một số nhiệm vụ cho Ban Quản lý Khu kinh tế tỉnh Lai Châu In effect 03/2023/QĐ-UBND Quyết định số 03/2023/QĐ-UBND Về việc quy định hệ số điều chỉnh giá các loại đất trên địa bàn tỉnh Quảng Ninh năm 2023 Expired 35/2025/NQ-HĐND Nghị quyết số 35/2025/NQ-HĐND Quy định mức thu phí, lệ phí trong thực hiện dịch vụ công trực tuyến trên địa bàn tỉnh Đồng Tháp In effect 23/2023/QĐ-UBND Quyết định số 23/2023/QĐ-UBND Bãi bỏ Quyết định số 40/2021/QĐ-UBND ngày 27 tháng 8 năm 2021 của Ủy ban nhân dân tỉnh về việc hỗ trợ người lao động không có giao kết hợp đồng lao động (lao động tự do) gặp khó khăn do ảnh hưởng của đại dịch Covid-19 trên địa bàn tỉnh Thái Nguyên In effect 22/2024/QĐ-UBND Quyết định số 22/2024/QĐ-UBND Quy định chi tiết tiêu chuẩn xét tặng danh hiệu “Gia đình văn hóa”, “Khu dân cư văn hóa”, “Xã, phường, thị trấn tiêu biểu” trên địa bàn tỉnh Phú Thọ Expired 19/2024/QĐ-UBND Quyết định số 19/2024/QĐ-UBND Ban hành Quy định về bồi thường, hỗ trợ, tái định cư khi Nhà nước thu hồi đất trên địa bàn tỉnh Bắc Kạn Expired 39/2024/QĐ-UBND Quyết định số 39/2024/QĐ-UBND Sửa đổi, bổ sung Quyết định số 03/2020/QĐ-UBND ngày 13 tháng 01 năm 2020 của Ủy ban nhân dân tỉnh ban hành Quy định Bảng giá đất giai đoạn 2020 – 2024 trên địa bàn tỉnh Kiên Giang Expired 04/2024/QĐ-UBND Quyết định số 04/2024/QĐ-UBND Ban hành Quy định chức năng, nhiệm vụ, quyền hạn và tổ chức của Phòng Kinh tế thuộc Ủy ban nhân dân Quận 1 In effect 69/2024/QĐ-UBND Quyết định số 69/2024/QĐ-UBND Ban hành Quy định cơ chế quản lý, điều hành ngân sách nhà nước năm 2025 trên địa bàn tỉnh Nghệ An In effect 17/2024/QĐ-UBND Quyết định số 17/2024/QĐ-UBND Ban hành Quy định tiêu chí, tiêu chuẩn chất lượng dịch vụ sự nghiệp công sử dụng ngân sách nhà nước; cơ chế giám sát, đánh giá, kiểm định chất lượng, nghiệm thu dịch vụ sự nghiệp công sử dụng ngân sách nhà nước thuộc lĩnh vực tư pháp trên địa bàn tỉnh Hậu Giang Expired 22/2025/QĐ-UBND Quyết định số 22/2025/QĐ-UBND Ban hành quy chế thu thập, quản lý,khai thác, chia sẻ và sử dụng thông tin, dữ liệu, cơ sở dữ liệu tài nguyên và môi trường trên đại bàn tỉnh Đắk Nông In effect

Click a document to open. A red border = a relation that changes validity.