Overview of National eID Schemes
Countries have different national implementations and technical possibilities when it comes to National electronic ID-solutions. ZignSec strives to unify all these into one common API easy for you to integrate with. You will be able to safely authenticate your customers and in some markets also sign documents or actions via the most established and safest online authentication methods currently available in the country. Here is everything you need to know about our solutions:
- Type – Generally PKI-based solutions hosted by Banks or Goverments
- Country Reach and Restrictions – display which markets that we support and possible restrictions.
- Compliance – Make sure you follow the local regulations
- Integration – choose a web-based or server-to-server integration.
- Identification and Signing – eID-solutions can be used both for authentications and for signing.
- API references – describes the technical details of the service.
National eID Overview
Zignsec offer multiple Identity verification solutions based on availability per market. National eID-schemes are generally PKI-based eID-solutions issued by banks or Governments. All solutions have in common is that they authenticate a person’s identity in a digital and automated way. Generally all eID can be used for: stand-alone Logins, for one-time verification of collected user data in a Registration processes or for KYC (Know Your Customer) and CDD (Customer Due Diligence). The Swedish eID also supports Signing of data and texts.
This track lets you verify user identities in the standard way in the Nordic: That is, BankID in Sweden, NemID in Denmark and BankID in Norway. All these are nationally managed through a central agency and use PKI-based authentication technology on the back-end.
Web Portals for the National Identity Providers in the Nordic
- Sweden’s BankID homepage. Note that signing is also available in Sweden (authenitication with text message)
- Denmark’s NemID homepage. Note: Read about the new NemId code app launched 2018-05-28!
- Norway’s BankID homepage.
Benefits of National BankID
The PKI-based eID-solutions serve on basis that a trust framework exists among the connected players, for most commercial cases the Banks. A full identification has been made by the ID-provider of the solution guaranteeing the true identity of the person. With PKI means that certificates are shared among the stakeholders making sure that this solution keeps a very high security standard. If all certificates are not in place or active the transaction will not take place. Benefits with the national KPI-based BankID (eID) solutions are:
- High security standards
- Can be used for both Authentication and Signatures.
- Explicit who you are authenticating yourself against with use of certificates.
- Clean wall-garden when it comes to what type of information a user is sharing.
The login solutions is powered by banks and take advantage of the high level of KYC-checks that banks continuously carry out on their customers. The consumer simply log in to their bank account and the personal details are automatically collected directly from the bank. Quick and simple. No financial information is collected or stored. This solution is equivalent to a bank statement in the eyes of a regulator and serve as a fully approved way to authenticate a person.
Benefits of Banking APIs
Benefits with login solutions power by Banks:
- Give good reach to countries where no other electronic identification solutions is available.
- Known to users – simply login to your bank.
- Provides a quick and secure way for the consumer to verify their own personal information.
- Give the possibility to online verify ownership of a bank-account .
Country Reach and Restrictions
Here is a list of the countries that Zignsec have cover for and the data points available.
|Europe||Denmark||x||x||NemID||PID, Full name||100%|
|Europe||Norway||x||x||BankID||DOB, PID, Full name||84%|
|Europe||Sweden||x||x||BankID||P-number, Full name.||95%|
Zignsec have specialized in the area of compliance and we know which rules you have to comply with and the best-practice of verification used for each market. For eID-solutions the ID-providers (BankID and NemID) provides a frame-work of rules and regulations that needs to be in compliance with. Here is a short-list of relevant areas:
- Company certificates: In order to make it clear to consumers you should own your own certificate in your company name. Zignsec provides merchant certificates in all markets where we provide eID-solutions.
- ID-switching: Many of the ID-providers have guidelines or regulation related to ID-switching. In many cases it is not allowed to authenticate a person first time to later switch to a another authentication method.
- Industries and services: To get your company certificate in most cases you need to fill in a form explaining your use of the ID-solution. Based on your service and Industry you will need to provide different level of information. The approval process generally takes one week.
- Full SSN: In some countries you need special approval governed by local privacy laws to get the full SSN-numbers. In those countries Zignsec can facilitate the paperwork needed to get approval for your services.
For the login solutions no such compliance frame-works are available simply because it is the consumer of the service that is in control approving who should be able to access their data.
Our standard integration path is web-based. Overall – this is a quick and effortless integration, with basic level of API or coding knowledge. The integration can be completed within a few hours and it is usually the front-end part of the work that takes the longest time. Our solution offers a large degree of freedom in re-design and customization of the appearance of any customer facing web-pages according to the your desire. We recommend you use an Html IFrame as a GUI container in the browser for supporting the workflow. Also set the target parameter to an URL that will be called when finished. In this way you avoid polling to the Collect method, target is navigated to automatically via a HTTP redirect after the last step in the Authenticate or Sign process. For the Swedish BankID Authenticate and Sign processes, we also offer a more traditional server-to-server API-based integration option. This requires a bit more technical knowledge and administrative overhead in taking care of error situations, but is probably the best way of integrating with mobile apps or fat clients.
Identification and Signing
In most market Zignsec offer the possibility to authenticate a person’s identity with at a minimum a full name but in most cases also address and SSN or birth date. Based on the type of identification Zignsec can also offer a verified bank-account linked to the identity that can be used for cash-backs or as a extra level of security.