9.4 BankID

Advanced Authentication provides the BankID method that facilitates users to authenticate with their personal identification number. Advanced Authentication supports both the desktop and the mobile versions of BankID. In this method, the user must configure the BankID app with the personal identification number, activation, and security code. The security code is mapped with the personal identification number.

NOTE:The user must ensure to set the security code with six digits in non-sequential format (for example: 221144) in the BankID app.

While enrolling the user, the specified identification number is saved as a template in the Advanced Authentication database. This method allows the users to get authenticated by specifying their secret code configured on the BankID app.

When a user wants to authenticate on an endpoint such as a laptop or a website with the BankID method. In this scenario, the authentication flow is as follows:

  1. When the authentication request is initiated, the endpoint contacts the Advanced Authentication server.

  2. The Advanced Authentication server validates the user’s credentials.

  3. After validating the credentials, the Advanced Authentication server sends a request to the BankID app.

  4. User opens the BankID app, specifies the Security Code.

    • Click Identify on the Mobile app.

    • Click Verify my identity on the Desktop app.

  5. The Security code is sent to the BankID server to validate.

  6. The BankID server validates the authentication and the endpoint gets authenticated.

To configure the BankID method, perform the following steps:

NOTE:Ensure that you have the BankID client SSL certificate as a pre-requisite.

  1. Click Browse then select the client SSL certificate from the local drive.

    The certificate must be in PKCS12 format.

  2. Specify Private key password.

  3. Set Enable Test Mode to ON, to allow the user to test the authenticator with valid test BankID.

    If you set this option to OFF, users must use valid production BankID to enroll the authenticator.

  4. Click Save.