Introduction
...
Current Ubisecure SSO supports the following use cases for BankID
...
cases via authentication method, Unregistered Device Swedish
...
BankID:
- BankID authenticate on the same device
- BankID authenticate on another device by scanning an animated QR code
The complete list of Swedish BankID use cases can be found in Use cases (bankid.com).
The following diagram illustrates components participating in the BankID authentication. The end-user needs to download either a desktop or mobile BankID app in order to use this method.
...
Term | Description
---|---
Relying Party (RP) | A party that uses the BankID web service to provide authentication and signing functionality to the end user.
Backchannel authentication | A method of performing an authentication transaction hidden from the client-facing application.
Animated QR code | A QR code that is continuously updated, thereby making remote fraud more difficult.
Authentication flow
The Swedish BankID authentication flow, with its two options, is as follows:
- After the BankID authentication method has been selected, an authentication request is sent directly to the Swedish BankID service and a waiting page is shown to the user.
- On the waiting page, the animated QR code is shown to the user for authentication on another device, i.e. the Mobile BankID app.
- To authenticate on the same device, the user can click the Start the BankID app link to open the BankID app and identify with it.
- If the user chooses to scan the QR code with the Mobile BankID app, after scanning he/she identifies with a security code, fingerprint or facial recognition in the Mobile BankID app.
- After successful authentication, the user is redirected to the application.
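The following is an added example, not Ubisecure or BankID code, showing why the animated QR code on the waiting page resists relaying of a captured image. It assumes the frame scheme described in BankID's integration guide, `bankid.<qrStartToken>.<seconds>.<HMAC-SHA256(qrStartSecret, seconds)>`; the function names, the sample token and secret, and the `max_age` freshness window are assumptions made for the illustration.

```python
import hashlib
import hmac

# Constructed sample values; a real order returns these from BankID.
TOKEN = "11111111-2222-3333-4444-555555555555"   # qrStartToken (placeholder)
SECRET = "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"  # qrStartSecret, kept server-side


def qr_frame(token: str, secret: str, elapsed: int) -> str:
    """QR payload for the frame shown `elapsed` whole seconds after the order."""
    t = str(elapsed)
    code = hmac.new(secret.encode(), t.encode(), hashlib.sha256).hexdigest()
    return f"bankid.{token}.{t}.{code}"


def frame_is_fresh(frame: str, token: str, secret: str,
                   now_elapsed: int, max_age: int = 5) -> bool:
    """Model of the check that rejects a relayed or tampered frame.

    max_age is an assumed window for this example, not a BankID value.
    """
    parts = frame.split(".")
    if not frame.isascii() or len(parts) != 4:
        return False
    if parts[0] != "bankid" or parts[1] != token:
        return False
    if not parts[2].isdigit() or len(parts[2]) > 10:
        return False
    t = int(parts[2])
    expected = qr_frame(token, secret, t)
    # Constant-time compare; also rejects a non-canonical time such as "007".
    if not hmac.compare_digest(expected.encode(), frame.encode()):
        return False
    return 0 <= now_elapsed - t <= max_age


if __name__ == "__main__":
    for second in range(3):  # the waiting page redraws the QR every second
        print(qr_frame(TOKEN, SECRET, second))
    stale = qr_frame(TOKEN, SECRET, 0)
    print("fresh at t=2:", frame_is_fresh(stale, TOKEN, SECRET, 2))
    print("replayed at t=60:", frame_is_fresh(stale, TOKEN, SECRET, 60))
```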
You may customize the default SSO views, see Login user interface customization - SSO.
Technical information
Ubisecure SSO and related components act as a Relying Party to the BankID service provider. This concept is strictly specified in the BankID Relying Party guidelines / Integration guide (bankid.com). It is strongly recommended to read through the guidelines before enabling the authentication method.
...
The Swedish BankID provider offers two environments: production and test. For test, you can get pre-defined certificates from the Relying Party guidelines page. For production, you have to obtain the client certificate from the bank you purchase the service from. For more information, please refer to the BankID Relying Party guidelines / Integration guide (bankid.com).
Creating test accounts
The Swedish BankID Relying Party info provides a document and instructions for obtaining a test BankID. You can find this document on the Relying Party guidelines / Integration guide page mentioned above, or use the direct link to How to get a test BankID / Test (bankid.com).
Installing and configuring
...