BankID

Last updated
BankID
Developer(s) Finansiell ID-Teknik BID AB
Initial release2003;20 years ago (2003)
Operating system Android (and Android Go), iOS, Mac OS X, Windows
Available inSwedish and English
Type Electronic identification
Website bankid.com
Finansiell ID-Teknik BID AB
Industry Information technology
Founded2001;22 years ago (2001)
Headquarters
Stockholm
,
Sweden
ProductsBankID
Owner
Number of employees
22 (2018)
Website bankid.com/om-oss
Footnotes /references
Organization number: 556630-4928

BankID is an electronic identification system in Sweden. With a usage rate of 94% among smartphone users, it is the single largest such service in Sweden by a large margin, and is administered by Finansiell ID-Teknik BID AB that is owned by several Swedish and Scandinavian banks. In 2022, Bank-id had about 8.4 million active users and was supported by over 6000 web services. [1] Only individuals with a Swedish personal identity number can acquire Bank-id.

Contents

Bank-id has existed in following variations:

Example of usage areas are Swish payments, bank login, login to e-government, and access to medical records via Vårdguiden 1177.

There is also a separate personal electronic identification service in Norway that goes by the name BankID developed and released by Norwegian banks in 2004, [2] and while it functions similarly, it is completely independent from the Swedish BankID.

Variations

Bank-id on file

The service BankID, also called BankID på fil, was launched in 2003. A soft certificate and a secret encryption key is stored on the computer's hard drive, and still works even if the files are moved between computers, which might be a security risk.

To use Bank-id on a personal computer it is required that Bank-id säkerhetsprogram (BISP) is installed within the system the files are stored. Criticism has been pointed out that it is an overly platform dependent solution that requires the customers to either have Microsoft Windows or Mac OS X. [3] [4] Early versions included support for Linux, but were phased out in 2014. [5]

Bank-id on card

Bank-id på kort (English: Bank-id on card) was launched in 2005. A secret cryptographic key is stored in the smart card's chip, that works like a hard certificate, which is regarded as more secure as it usually will require physical access to the card for it to work. The card can be a bank card or a pure bank-id card. It can be delivered with or without a photograph, and can work as a identity document. [6] This card work in tandem with a special card reader, called bankdosa or säkerhetsdosa, with a numeral keyboard to enter codes. Some banks have the chip integrated in the card reader so it work without card. Bank-id on card work without any special software in the computer or mobile, but long codes needs to be entered into the device. There is a special software to transfer codes via a USB cable.

Mobile bank-id

Percentage of Sweden's population (16+ years), Internet users, and smart mobile users, who use Mobilt Bank ID in the years 2014-2019. Figures from the survey "Swedes and the Internet". Mobilt Bank-ID 2014-2019.jpg
Percentage of Sweden's population (16+ years), Internet users, and smart mobile users, who use Mobilt Bank ID in the years 2014–2019. Figures from the survey "Swedes and the Internet".

Mobilt bank-id (English: Mobile bank-id) was launched in October 2011, [7] and is an electronic identification for modern [8] smartphones from certain manufactures that is combined with a mobile application. It can be used as login or signing via the web on an ordinary PC, where the mobile work as a separate security device ("säkerhetsdosa"), and for login via bank and government mobile applications. The secret cryptographic key is stored in the mobile application (Bank-id säkerhetsapp), that works as a soft certificate. The e-service supplier (the business or government the user shall identify themselves towards) have a validation server. [9]

In 2014, about half of all smartphone users in Sweden used Mobile Bank-id. In five years the number of users almost doubled to 94 percent of all smartphone users. [10] In 2019 all participating banks issued Mobile Bank-id, which does not apply to the other two solutions.

In 2022, the banking system in Sweden has created a virtual block to most non Swedish citizens (EU and non EU) who bank with certain banks. There are around 10% of the population (around 1 million individuals in Sweden) according to the article by "The Local" cited below. [11] This is seens as digital discrimination, as BankID is used by government and vital companies to identify an individual and has led to many individuals unable to deal with their daily lives. The discrimination ensues in 2023 as banks like ICA Banken whose non-Swedish customers have been banking and still bank with them are not allowing their customers to renew their Bank ID. [12]

Related Research Articles

An authenticator is a means used to confirm a user's identity, that is, to perform digital authentication. A person authenticates to a computer system or application by demonstrating that he or she has possession and control of an authenticator. In the simplest case, the authenticator is a common password.

<span class="mw-page-title-main">Smart card</span> Pocket-sized card with embedded integrated circuits for identification or payment functions

A smart card (SC), chip card, or integrated circuit card is a physical electronic authentication device, used to control access to a resource. It is typically a plastic credit card-sized card with an embedded integrated circuit (IC) chip. Many smart cards include a pattern of metal contacts to electrically connect to the internal chip. Others are contactless, and some are both. Smart cards can provide personal identification, authentication, data storage, and application processing. Applications include identification, financial, public transit, computer security, schools, and healthcare. Smart cards may provide strong security authentication for single sign-on (SSO) within organizations. Numerous nations have deployed smart cards throughout their populations.

<span class="mw-page-title-main">SIM card</span> Integrated circuit card for a mobile device

A SIM card is an integrated circuit (IC) intended to securely store an international mobile subscriber identity (IMSI) number and its related key, which are used to identify and authenticate subscribers on mobile telephony devices. Technically the actual physical card is known as a universal integrated circuit card (UICC); this smart card is usually made of PVC with embedded contacts and semiconductors, with the SIM as its primary component. In practice the term "SIM card" refers to the entire unit and not simply the IC.

<span class="mw-page-title-main">Mobile payment</span> Payment services via a mobile device

A mobile payment, also referred to as mobile money, mobile money transfer and mobile wallet, is any of various payment processing services operated under financial regulations and performed from or via a mobile device, as the cardinal class of digital wallet. Instead of paying with cash, cheque, or credit cards, a consumer can use a payment app on a mobile device to pay for a wide range of services and digital or hard goods. Although the concept of using non-coin-based currency systems has a long history, it is only in the 21st century that the technology to support such systems has become widely available.

<span class="mw-page-title-main">Personal identification number</span> PIN code

A personal identification number (PIN), or sometimes redundantly a PIN number or PIN code, is a numeric passcode used in the process of authenticating a user accessing a system.

<span class="mw-page-title-main">One-time password</span> Password that can only be used once

A one-time password (OTP), also known as a one-time PIN, one-time authorization code (OTAC) or dynamic password, is a password that is valid for only one login session or transaction, on a computer system or other digital device. OTPs avoid several shortcomings that are associated with traditional (static) password-based authentication; a number of implementations also incorporate two-factor authentication by ensuring that the one-time password requires access to something a person has as well as something a person knows.

<span class="mw-page-title-main">Electronic identification</span> Digital proof of identity

An electronic identification ("eID") is a digital solution for proof of identity of citizens or organizations. They can be used to view to access benefits or services provided by government authorities, banks or other companies, for mobile payments, etc. Apart from online authentication and login, many electronic identity services also give users the option to sign electronic documents with a digital signature.

The term mobile commerce was originally coined in 1997 by Kevin Duffey at the launch of the Global Mobile Commerce Forum, to mean "the delivery of electronic commerce capabilities directly into the consumer’s hand, anywhere, via wireless technology." Many choose to think of Mobile Commerce as meaning "a retail outlet in your customer’s pocket."

A mobile signature is a digital signature generated either on a mobile phone or on a SIM card on a mobile phone.

Mobile identity is a development of online authentication and digital signatures, where the SIM card of one’s mobile phone works as an identity tool. Mobile identity enables legally binding authentication and transaction signing for online banking, payment confirmation, corporate services, and consuming online content. The user's certificates are maintained on the telecom operator's SIM card and in order to use them, the user has to enter a personal, secret PIN code. When using mobile identity, no separate card reader is needed, as the phone itself already performs both functions.

<span class="mw-page-title-main">Chip Authentication Program</span>

The Chip Authentication Program (CAP) is a MasterCard initiative and technical specification for using EMV banking smartcards for authenticating users and transactions in online and telephone banking. It was also adopted by Visa as Dynamic Passcode Authentication (DPA). The CAP specification defines a handheld device with a smartcard slot, a numeric keypad, and a display capable of displaying at least 12 characters. Banking customers who have been issued a CAP reader by their bank can insert their Chip and PIN (EMV) card into the CAP reader in order to participate in one of several supported authentication protocols. CAP is a form of two-factor authentication as both a smartcard and a valid PIN must be present for a transaction to succeed. Banks hope that the system will reduce the risk of unsuspecting customers entering their details into fraudulent websites after reading so-called phishing emails.

<span class="mw-page-title-main">Multi-factor authentication</span> Method of computer access control

Multi-factor authentication is an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence to an authentication mechanism. MFA protects personal data—which may include personal identification or financial assets—from being accessed by an unauthorized third party that may have been able to discover, for example, a single password.

<span class="mw-page-title-main">Card security code</span> Security feature on payment cards

A card security code is a series of numbers that, in addition to the bank card number, is printed on a credit or debit card. The CSC is used as a security feature for card not present transactions, where a personal identification number (PIN) cannot be manually entered by the cardholder. It was instituted to reduce the incidence of credit card fraud.

Crunchfish is a deep tech company developing a Digital Cash platform for Banks, Payment Services and CBDC implementations and Gesture Interaction technology for AR/VR and automotive industry. Crunchfish is listed on Nasdaq First North Growth Market since 2016, with headquarters in Malmö, Sweden and with subsidiary in India.

<span class="mw-page-title-main">Vipps</span> Mobile payment application

Vipps is a Norwegian mobile payment application designed for smartphones developed by DNB. Vipps was released May 30, 2015 and, having reached 1 million users by November 5, 2015, Vipps became Norway's largest payment application. Although Vipps was developed by DNB, customers of any Norwegian bank can use it. Vipps is a member of the European Mobile Payment Systems Association.

Swish is a mobile payment system in Sweden. The service was launched in 2012 by six large Swedish banks, in cooperation with Bankgirot and the Central Bank of Sweden. It had 8 million users as of July 2022. Swish is a member of the European Mobile Payment Systems Association.

Vårdguiden 1177 is a Swedish service providing healthcare by telephone and the central national infrastructure for Swedish healthcare online.

The NZ Pass Verifier is a free mobile app developed by the New Zealand Ministry of Health for businesses and organisations to scan and verify their customers' My Vaccine Pass certificates. The app was launched on 23 November 2021 for use on smartphones.

Smart-ID is an electronic authentication tool developed by SK ID Solutions, an Estonian company. Users can log in to various electronic services and sign documents with an electronic signature.

<span class="mw-page-title-main">BankID (Norway)</span>

BankID is a personal electronic identification system in Norway, that is used for identification and signing. The service is provided by the banks in Norway.

References

  1. "Statistik". BankID.
  2. "Om oss - BankID".
  3. Orre, Roland (3 February 2009). "Varför måste alla köra Volvo eller Saab?". Computer Sweden (in Swedish). Archived from the original on 6 February 2009.
  4. Monperrus, Martin (2019-01-03). "BankId and Digital Exclusion". www.monperrus.net. Retrieved 2023-04-06.
  5. Lindström, Karin (1 April 2014). "BankID för Linux slopas" (in Swedish). Computer Sweden. Archived from the original on 15 August 2019.
  6. "BankID på kort" (in Swedish). Finansiell ID-teknik. Retrieved 13 February 2017.
  7. "E-legitimationen för mobiltelefoner och surfplattor". BankID.com (in Swedish). Archived from the original on 28 September 2013.
  8. "Stöd för Mobilt BankID". BankID.com (in Swedish). Archived from the original on 20 February 2015.
  9. "E-legitimationen för mobiltelefoner och surfplattor". BankID.com (in Swedish). Archived from the original on 28 September 2013.
  10. Internetstiftelsen (15 October 2019). "Svenskarna och internet 2019". Svenskarna och internet (in Swedish). Archived from the original on 27 November 2019. Retrieved 30 October 2019.
  11. https://www.thelocal.se/20220117/foreign-citizens-in-sweden-blocked-from-bankid-after-banks-roll-out-new-rules
  12. https://www.reddit.com/r/TillSverige/comments/z5xqkg/mod_approved_post_bankid_and_digital/

https://www.thelocal.se/20220117/foreign-citizens-in-sweden-blocked-from-bankid-after-banks-roll-out-new-rules

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.