BankID (Norway)


BankID is a personal electronic identification system in Norway that is used for identification and signing. [1] The service is provided by the banks in Norway.


BankID is a Public Key Infrastructure (PKI) solution, and has support for both authentication and signing. The solution consists of a central infrastructure operated by Nets (formerly Bankenes BetalingsSentral) and of several client versions in different forms.

History

The solution was developed through BankID Samarbeidet, which is a collaboration between the Norwegian Financial Services Association and the Norwegian Savings Banks Association (these organizations were later partially merged and are now called Finans Norge).

The BankID service, sometimes also called BankID on file, was first launched in 2003. A digital certificate and a secret crypto-key were first stored on the computer's hard drive.

In 2005 BankID on card was launched. A secret private key was stored in the smart card's chip, which acted as a hard certificate. This was considered more secure, as it generally requires physical access to the card to function. The card could be a credit card or a pure BankID card. It could be delivered with or without a photograph, and could act as an identification document.

In 2010 a mobile version was launched where the private key was stored on the phone's SIM card.

In 2007, professor of IT security at the University of Bergen, Kjell Jørgen Hole, together with doctoral students, demonstrated that it was possible to steal identities in this solution. [2] As a result the key was moved to be stored at the bank and this became the most popular version.

In 2022, BankID announced that the service on mobile will gradually be phased out and replaced by the BankID app. It is still possible to use BankID on mobile in 2023, but the service will eventually be phased out completely.

Versions

There is a "softlocal" version, a "net-centric/bank-stored" version and a mobile version.

The solution is based on qualified certificates self-declared at the Norwegian Communications Authority, in the same way as Buypass ID and Commfides. [3]

Over 4.2 million Norwegians use BankID, mainly to access online services at Norwegian banks, but also in public services and ID-Porten. [4] This means that BankID, together with MinID, is the most widespread electronic identity solution in Norway. BankID meets the highest security level, level 4.

There is also a Swedish BankID, although the two systems are not related to each other.


References

  1. "BankID". www.bankid.no (in Norwegian). Retrieved 2023-01-13.
  2. Dalseg, Elisabeth (November 28, 2007). "Hacket BankID - Professor i IT-sikkerhet har hacket BankID" [Hacked BankID - Professor of IT security has hacked BankID] (in Norwegian). NTB News Agency.
  3. Post- og teletilsynet (ed.). "Registered providers of qualified certificates" (in Norwegian). Archived from the original on 2013-03-20. Retrieved 2012-10-12.
  4. "BankID works again". Aftenposten. Retrieved 2011-07-06.