BankID

Last updated
BankID
Developer(s) Finansiell ID-Teknik BID AB
Initial release2003;21 years ago (2003)
Operating system Android (and Android Go), iOS, Mac OS X, Windows
Available inSwedish and English
Type Electronic identification
Website bankid.com
Finansiell ID-Teknik BID AB
Industry Information technology
Founded2001;23 years ago (2001)
Headquarters,
ProductsBankID
Owner
Number of employees
22 (2018)
Website bankid.com/om-oss
Footnotes /references
Organization number: 556630-4928

BankID is an electronic identification system in Sweden. With a usage rate of 94% among smartphone users, it is the single largest such service in Sweden by a large margin, and is administered by Finansiell ID-Teknik BID AB that is owned by several Swedish and Scandinavian banks. In 2022, Bank-id had about 8.4 million active users and was supported by over 6000 web services. [1] Only individuals with a Swedish personal identity number can acquire Bank-id.

Contents

Bank-id has existed in following variations:

Example of usage areas are Swish payments, bank login, login to e-government, and access to medical records via Vårdguiden 1177.

There is also a separate personal electronic identification service in Norway that goes by the name BankID developed and released by Norwegian banks in 2004, [2] and while it functions similarly, it is completely independent from the Swedish BankID.

Variations

Bank-id on file

The service BankID, also called BankID på fil, was launched in 2003. A soft certificate and a secret encryption key is stored on the computer's hard drive, and still works even if the files are moved between computers, which might be a security risk.

To use Bank-id on a personal computer it is required that Bank-id säkerhetsprogram (BISP) is installed within the system the files are stored. Criticism has been pointed out that it is an overly platform dependent solution that requires the customers to either have Microsoft Windows or Mac OS X. [3] [4] Early versions included support for Linux, but were phased out in 2014. [5]

Bank-id on card

Bank-id på kort (English: Bank-id on card) was launched in 2005. A secret cryptographic key is stored in the smart card's chip, that works like a hard certificate, which is regarded as more secure as it usually will require physical access to the card for it to work. The card can be a bank card or a pure bank-id card. It can be delivered with or without a photograph, and can work as a identity document. [6] This card work in tandem with a special card reader, called bankdosa or säkerhetsdosa, with a numeral keyboard to enter codes. Some banks have the chip integrated in the card reader so it work without card. Bank-id on card work without any special software in the computer or mobile, but long codes needs to be entered into the device. There is a special software to transfer codes via a USB cable.

Mobile bank-id

Percentage of Sweden's population (16+ years), Internet users, and smart mobile users, who use Mobilt Bank ID in the years 2014-2019. Figures from the survey "Swedes and the Internet". Mobilt Bank-ID 2014-2019.jpg
Percentage of Sweden's population (16+ years), Internet users, and smart mobile users, who use Mobilt Bank ID in the years 2014–2019. Figures from the survey "Swedes and the Internet".

Mobilt bank-id (English: Mobile bank-id) was launched in October 2011, [7] and is an electronic identification for modern [8] smartphones from certain manufactures that is combined with a mobile application. It can be used as login or signing via the web on an ordinary PC, where the mobile work as a separate security device ("säkerhetsdosa"), and for login via bank and government mobile applications. The secret cryptographic key is stored in the mobile application (Bank-id säkerhetsapp), that works as a soft certificate. The e-service supplier (the business or government the user shall identify themselves towards) have a validation server. [9]

In 2014, about half of all smartphone users in Sweden used Mobile Bank-id. In five years the number of users almost doubled to 94 percent of all smartphone users. [10] In 2019 all participating banks issued Mobile Bank-id, which does not apply to the other two solutions.[ buzzword ]

In 2022, the banking system in Sweden has introduced new security measures which in practice prevent most people who are not Swedish citizens (whether EU or non-EU) from renewing their mobile BankIDs. There are around 10% of the population (around 1 million individuals in Sweden) affected according to the article by "The Local" cited below. [11] The new security measure requires the users to present a Swedish national ID card or Swedish passport to the smartphone while renewing the mobile BankID. These documents are not available to Swedish residents who are not Swedish citizens, and therefore they are unable to renew their BankIDs. This is seen as digital discrimination, as BankID is used by government and vital companies to identify an individual and has led to many individuals unable to deal with their daily lives. The discrimination ensues in 2023 as virtual banks without physical offices like ICA Banken whose non-Swedish customers have been banking and still bank with them are not allowing their customers to renew their Bank ID. [12] Customers of traditional banks with brick-and-mortar offices can circumvent this by visiting the bank in person and presenting their non Swedish identity documents there.

Related Research Articles

<span class="mw-page-title-main">Smart card</span> Pocket-sized card with authentication circuitry

A smart card (SC), chip card, or integrated circuit card, is a card used to control access to a resource. It is typically a plastic credit card-sized card with an embedded integrated circuit (IC) chip. Many smart cards include a pattern of metal contacts to electrically connect to the internal chip. Others are contactless, and some are both. Smart cards can provide personal identification, authentication, data storage, and application processing. Applications include identification, financial, public transit, computer security, schools, and healthcare. Smart cards may provide strong security authentication for single sign-on (SSO) within organizations. Numerous nations have deployed smart cards throughout their populations.

A personal identification number (PIN), PIN code, or sometimes redundantly a PIN number, is a numeric passcode used in the process of authenticating a user accessing a system.

<span class="mw-page-title-main">One-time password</span> Password that can only be used once

A one-time password (OTP), also known as a one-time PIN, one-time passcode, one-time authorization code (OTAC) or dynamic password, is a password that is valid for only one login session or transaction, on a computer system or other digital device. OTPs avoid several shortcomings that are associated with traditional (static) password-based authentication; a number of implementations also incorporate two-factor authentication by ensuring that the one-time password requires access to something a person has as well as something a person knows.

<span class="mw-page-title-main">Electronic identification</span> Digital proof of identity

An electronic identification ("eID") is a digital solution for proof of identity of citizens or organizations. They can be used to view to access benefits or services provided by government authorities, banks or other companies, for mobile payments, etc. Apart from online authentication and login, many electronic identity services also give users the option to sign electronic documents with a digital signature.

<span class="mw-page-title-main">Mobile banking</span> Service provided by a bank

Mobile banking is a service provided by a bank or other financial institution that allows its customers to conduct financial transactions remotely using a mobile device such as a smartphone or tablet. Unlike the related internet banking it uses software, usually called an app, provided by the financial institution for the purpose. Mobile banking is usually available on a 24-hour basis. Some financial institutions have restrictions on which accounts may be accessed through mobile banking, as well as a limit on the amount that can be transacted. Mobile banking is dependent on the availability of an internet or data connection to the mobile device.

<span class="mw-page-title-main">Gemalto</span> International digital security company

Gemalto was an international digital security company providing software applications, secure personal devices such as smart cards and tokens, e-wallets and managed services. It was formed in June 2006 by the merger of two companies, Axalto and Gemplus International. Gemalto N.V.'s revenue in 2018 was €2.969 billion.

A digital wallet, also known as an e-wallet or mobile wallet, is an electronic device, online service, or software program that allows one party to make electronic transactions with another party bartering digital currency units for goods and services. This can include purchasing items either online or at the point of sale in a brick and mortar store, using either mobile payment or using a laptop or other personal computer. Money can be deposited in the digital wallet prior to any transactions or, in other cases, an individual's bank account can be linked to the digital wallet. Users might also have their driver's license, health card, loyalty card(s) and other ID documents stored within the wallet. The credentials can be passed to a merchant's terminal wirelessly via near field communication (NFC).

A mobile signature is a digital signature generated either on a mobile phone or on a SIM card on a mobile phone.

Mobile identity is a development of online authentication and digital signatures, where the SIM card of one's mobile phone works as an identity tool. Mobile identity enables legally binding authentication and transaction signing for online banking, payment confirmation, corporate services, and consuming online content. The user's certificates are maintained on the telecom operator's SIM card and in order to use them, the user has to enter a personal, secret PIN code. When using mobile identity, no separate card reader is needed, as the phone itself already performs both functions.

There are several identity documents used in Sweden. None are compulsory by law, meaning that there is no formal penalty for not possessing one. Certified identification cards are issued by the tax agency. The Swedish police issues passports and national identity cards for Swedish citizens. A Swedish driver's license, issued by the transport agency, is also accepted as an identity document. Banks sometimes issue identity cards for established customers or their children.

<span class="mw-page-title-main">Multi-factor authentication</span> Method of computer access control

Multi-factor authentication is an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence to an authentication mechanism. MFA protects personal data—which may include personal identification or financial assets—from being accessed by an unauthorized third party that may have been able to discover, for example, a single password.

Spectronic is a research and development company in Helsingborg, Sweden. Through its subsidiary, Spectronic Medical, the company is engaged in development of automated image analysis solutions for healthcare and medical industry. A flagship product is the technology for enabling fully MRI-based radiation treatment planning for tumor therapy.

<span class="mw-page-title-main">Apple Wallet</span> Digital wallet platform by Apple

Apple Wallet is a digital wallet developed by Apple Inc. and included with iOS and watchOS that allows users to store Wallet passes such as coupons, boarding passes, student ID cards, government ID cards, business credentials, resort passes, car keys, home keys, event tickets, public transportation passes, store cards, and – starting with iOS 8.1 – credit cards, and debit cards for use via Apple Pay.

Payanywhere is a payments platform and app that allows merchants in the United States to accept credit and debit card payments while building customer relationships in-store, online, or on the go. Merchants may accept payments on their smartphone via a Bluetooth card reader or on an in-store “Storefront” solution featuring a tablet and stand, which was introduced on April 8, 2014. PayAnywhere offers credit card readers and apps that are compatible with both Apple and Android devices.

<span class="mw-page-title-main">Vipps</span> Mobile payment application

Vipps is a Norwegian mobile payment application designed for smartphones developed by DNB. Vipps was released May 30, 2015 and, having reached 1 million users by November 5, 2015, Vipps became Norway's largest payment application. Although Vipps was developed by DNB, customers of any Norwegian bank can use it. Vipps is a member of the European Mobile Payment Systems Association.

<span class="mw-page-title-main">Norwegian identity card</span> National identity card of Norway

The Norwegian identity card, commonly referred to as the national identity card in Norway, is a non-compulsory biometric identity document issued since 30 November 2020. It is one of two official identity documents issued by the Norwegian Police Service, the other being the Norwegian passport. It is only issued to Norwegian citizens, and may indicate citizenship so that it can be used as a travel document facilitating freedom of movement within the European Free Trade Association and the European Economic Area. For travel within the Nordic countries no identity documentation is legally required for Nordic citizens due to the Nordic Passport Union.

Swish is a mobile payment system in Sweden. The service was launched in 2012 by six large Swedish banks, in cooperation with Bankgirot and the Central Bank of Sweden. It had 8 million users as of July 2022. Swish is a member of the European Mobile Payment Systems Association.

Vårdguiden 1177 is a Swedish service providing healthcare by telephone and the central national infrastructure for Swedish healthcare online.

<span class="mw-page-title-main">BankID (Norway)</span>

BankID is a personal electronic identification system in Norway, that is used for identification and signing. The service is provided by the banks in Norway.

Many nations have implemented, are implementing, or have proposed nationwide digital identity systems.

References

  1. "Statistik". BankID.
  2. "Om oss - BankID".
  3. Orre, Roland (3 February 2009). "Varför måste alla köra Volvo eller Saab?". Computer Sweden (in Swedish). Archived from the original on 6 February 2009.
  4. Monperrus, Martin (2019-01-03). "BankId and Digital Exclusion". www.monperrus.net. Retrieved 2023-04-06.
  5. Lindström, Karin (1 April 2014). "BankID för Linux slopas" (in Swedish). Computer Sweden. Archived from the original on 15 August 2019.
  6. "BankID på kort" (in Swedish). Finansiell ID-teknik. Retrieved 13 February 2017.
  7. "E-legitimationen för mobiltelefoner och surfplattor". BankID.com (in Swedish). Archived from the original on 28 September 2013.
  8. "Stöd för Mobilt BankID". BankID.com (in Swedish). Archived from the original on 20 February 2015.
  9. "E-legitimationen för mobiltelefoner och surfplattor". BankID.com (in Swedish). Archived from the original on 28 September 2013.
  10. Internetstiftelsen (15 October 2019). "Svenskarna och internet 2019". Svenskarna och internet (in Swedish). Archived from the original on 27 November 2019. Retrieved 30 October 2019.
  11. https://www.thelocal.se/20220117/foreign-citizens-in-sweden-blocked-from-bankid-after-banks-roll-out-new-rules
  12. https://www.reddit.com/r/TillSverige/comments/z5xqkg/mod_approved_post_bankid_and_digital/