The Information System Authority announced the discovery of an ID card related security risk https://www.ria.ee/en/possible-security-vulnerability-detected-in-the-estonian-id-card-chip.html
Since the likelihood of an actual attack taking place is low, all clients are free to continue using their ID cards. The ID card is a state issued document that is accepted by us for use in banking services as long as the state believes it to be sufficiently secure. However, banks may implement additional risk-based measures if they consider it necessary. The bank’s clients are protected from possible attacks by their Internet Bank user ID, which is not publicly available.
If you like, the Mobiil-ID, digipass or code card may be used as a means of authentication within banking channels, as they are not affected by the possible security risk.
A Mobiil-ID can be acquired from your mobile telecommunication operator, who will issue you a suitable SIM card. The Mobiil-ID must then be activated on the www.politsei.ee. Digipasses and code cards may be ordered in the bank office.