Terms & Conditions

General Conditions

The governmental authentication and access control service (MPass) represents a reusable service which is provided at the level of the Government common technological platform which aims to provide an integrative, secured and flexible authentication and control mechanism of the user access into the information systems, including the electronic ones. The user authentication function may be exercised by various methods provided by the authentication providers.

The governmental electronic service of authentication and access control (MPass) functioning and administration mode is governed by the Regulation on the governmental authentication and access control service (MPass) approved by Government Decision No. 1090 as of December 31, 2013.

The user accesses the MPass service for registration, authentication and authorization purposes in the context of electronic services’ usage.

The authentication and authorization procedures are performed by means of the identity providers as well as of the authorization providers integrated into the MPass service. The responsibility for the proper authentication of the user identity belongs to the identity providers integrated into the MPass service.


The MPass service is hosted on the common governmental platform MCloud and complies with the security requirements specified by the legislation in force. The exchange of information between the informational systems for MPass service functionality achievement is carried out through secured channels, using mechanisms of cryptographic protection of the information. The processes intended for the creation, use and verification of the electronic signature within the MPass service is performed in accordance with the legislation in force in the electronic signature field.

Personal Data

In the process of users’ authentication and authorization, the MPass service processes and transmits personal data. The responsibility for the accuracy and truthfulness of the data transmitted towards the MPass service recipient falls solely on the user. When entering data, the user confirms the personal data correctness and gives consent for their transmission to other third information systems with a view to accessing electronic services for which authentication and / or authorization was requested.

User has the option to refuse continuation of the authentication and / or authorization operation where his personal data do not coincide with the actual ones or where the user does not agree to transfer his personal data as presented towards the MPass service recipient. In this case, the authentication procedure is canceled and the user's personal data are not transmitted towards the MPass service recipient, following to be permanently removed from the operative memory.

MPass service bears full responsibility for the personal data introducing and preservation. After submitting the data to third parties, MPass service recipients, with the user consent, the MPass service is not responsible for the processing and storage of personal data by third parties.

In case of necessity, the MPass service recipients, by the instrumentality of the MPass service, may ask the user for other additional data, including personal data, strictly necessary for his authorization in its information systems.

Technical Details

By using the MPass service, the user accepts by default the placement of cookies in his/her browser, in order to benefit from the given service and improve the quality of its provision.


The copyright belongs to the owner (author) of the information source with the following restrictions:

  • it is allowed to reference all materials and services; where the references are given in a wrong context, the author have the right to request removal of the reference or change of the context;
  • it is allowed to partially and completely reproduce the information, where the information is appropriately updated and presented in a context accepted by the author.