Glossary
Here you will find a complete overview of all the most important terms used in the Signicat documentation and an explanation of each.
Account
Your organisation can have different types of accounts configured in the Signicat Dashboard, such as production or sandbox (test) accounts. You can learn more about organisations and accounts in our Initial setup instructions.
Authentication
Authentication is about recognising a returning user. It is important to have an easy way to allow users to authenticate their identity each time they log in to a website, app or service.
Authorisation
Authorisation is about what an end-user is allowed to do. Whilst authentication allows an end-user to log in to an account, and thereby prove they are who they say they are, authorisation states what the end-user can now do, that is, what kind of actions they are allowed to perform on your platform. Examples could be accessing the HR system, or being allowed to enter new employees into the HR system.
Certificate
A certificate, or digital certificate, is an electronic document used to prove the ownership of a public key. The certificate includes information about the key, information about the identity of its owner (called the subject), and the digital signature of an entity that has verified the certificate's contents (called the issuer). For Signicat, certificates are either used to secure connections or as a means of logging in.
Custom domain
A domain for an account that uses your organisation's own domain, for example something.mycompany.com. See also Signicat domain.
Digital identity
A digital identity is a person's identity in the digital space, meaning the sum of all digital information that can be linked to the person. Digital identity may also be used in a more narrow sense, for example to indicate the person's official identity attributes from an identity document or from an ID method.
eID method
See ID method.
eIDAS
eIDAS is a 2014 regulation of the European Parliament and Council on electronic identification and trust services for electronic transactions in the EU/EEA. In the Netherlands, eIDAS is provided through the eHerkenning network.
Electronic identification
The process of using personal identification data in electronic form which uniquely represents either a natural or legal person, or a natural person representing a legal person.
Electronic signature
This is data in electronic form, which is attached to or logically associated with other data in electronic form, that is used by the signatory to sign.
End-user
In Signicat terms, the end-user is the person who ultimately uses a product. For example, in B2C signing, the end-user is not the company using the Sign solution to get their documents signed, but rather the private person who signs the document.
ID method
An individual electronic identity method used for authentication or signing, for example BankID in Norway, BankID in Sweden or iDIN in the Netherlands. An ID method is a means for a person to provide certain identity attributes, such as name, national identification number, date of birth, and so on. These attributes are stored within the ID method. Suppliers of ID methods are known as Identity Providers (IdP).
Identity method
See ID method.
Identity verification
Identity verification is the act of determining the identity of an individual or organisation. This is something the individual or organisation will do themselves. It can be done, for example, by using an ID method (which will have already been verified), or by scanning an identity document in conjunction with providing a selfie; but requirements will differ. Identity verification is useful for first time interactions with a customer, such as registration or onboarding.
Identity provider
An identity provider is the supplier of the ID method. They are responsible for issuing the digital identities to a person. Customers can choose one or more of these identity providers to enable the end-user to log on to their online applications or services. Often, the identity provider and the ID method share the same name, for example BankID in Norway and Sweden, but it might also be different. For example, Nets is the identity provider for MitID.
Internal log
This is a log that is used by Signicat's staff to analyse incidents.
Know Your Customer (KYC)
KYC is the process of a business verifying the identity of its clients. The objective of KYC guidelines is to prevent banks from being used, intentionally or unintentionally, by criminal elements for money laundering activities.
Level of Assurance (LoA)
Level of Assurance (LoA) refers to the degree of trust or confidence in the claimed identity of a person and how certain a service provider is about that person's claimed identity when using their eID to authenticate a service.
According to eIDAS regulations, there are three levels of assurance: Low, Substantial and High.
- Low: Self-registration on a web page, without any identity verification.
- Substantial: Providing and verifying identity information and authentication by using a user name and a password and a one-time password sent to your mobile phone.
- High: Registering in person in an office and authentication by using a smartcard, such as a National ID Card.
National identification number
National identification numbers are used by many countries' governments as a means of tracking their citizens, permanent residents and temporary residents for the purposes of work, taxation, government benefits, health care and many other government-related functions. This number usually appears on identity documents issued by these countries.
Natural person
A natural person, in legal terms, is defined as a living human being as opposed to a corporate body.
Non-natural person
A non-natural person is any corporate body, unincorporated firm, partnership or body with legal personality other than an individual.
Onboarding
Onboarding is the process of allowing end-users to sign up to an online service whereby a verification of that person is carried out using an ID method. Onboarding refers to a first-time interaction with an end-user during the process of becoming a customer of a service and outlines what Signicat customers want to do to accept these new users to their service.
One-Time Password (OTP)
A One-Time Password is a randomly generated password, which is given to the end-user; for example as a text message (SMS), an email, a postal letter, by an app on a smartphone, or by a device. When entering the OTP, the end-user proves that they are in possession of the given item. This is typically used as part of a two-step authentication.
Organisation
This is the name of your company, business or organisation (one entity with a VAT number). Your organisation can have many accounts in the Signicat Dashboard. You can learn more about organisations and accounts in Initial setup instructions.
Organisation number
This is the number that identifies an organisation. The organisation number name varies from country to country ("Organisation Identification Number" in the Netherlands, "Enterprise number" in Belgium, "CVR" in Denmark, "Registration number" in Sweden). You can use this number in Signicat Data Verification to validate company information.
Organisation Identification Number (OIN)
An OIN is an Organisation Identification Number, also called a Government Identification Number. You use it to identify yourself as an organisation.
Politically exposed person (PEP)
In financial regulation, a politically exposed person (PEP) is one who has been entrusted with a prominent public function. A PEP generally presents a higher risk for potential involvement in bribery and corruption by virtue of their position and the influence that they may hold.
Product
The name of a specific product in Signicat's portfolio. For an overview of products, see All products.
Product family
A group of products in Signicat's portfolio. At Signicat, we organise our products according to the following product families: Identity Proofing, Trust Orchestration, Authentication and Electronic Signing.
Production
This is an account type used in Signicat's production environment. It contains real data. The transactions are billed.
Sandbox
This is an account type used in either Signicat's test or preproduction environments. It should only contain fake data. No transactions are billed.
SDK
A software development kit (SDK).
Service provider
A service provider (SP) is a customer of Signicat. This is the party that uses the digital identity service and provides the service to the end-user, such as a bank, insurance company or public body. SPs offer one or more identity methods (eIDs) on their app, portal or website so that end-users can identify themselves or gain access to these online services.
Signicat domain
The Signicat subdomain for an account: accountname.app.signicat.com (production). All accounts can have a Signicat subdomain. See also Custom domain.
Single logout (SLO)
With single logout (SLO), an end-user can log out of all active sessions (even over multiple different service providers) by sending a single logout request to the application of the service provider. SLO can be initiated by the end-user or the service provider, or in some cases by the IdP. SLO is session- and token-based. For more information, see eID Hub - SLO.
Single sign-on (SSO)
With single sign-on (SSO), an end-user can log in to services once and access them without having to re-enter authentication factors. This only applies to services that are connected to the same SSO session. SSO is session- and token-based. For more information, see eID Hub - SSO.
Time-based OTP (TOTP)
A time-based OTP service generates one-time passwords (OTP) based on time, whereby the user has a certain, limited amount of time to enter the time-based OTP. Typically, the user relies on a smartphone app to generate time-based OTP codes. One such application is Google Authenticator.
Two-factor authentication (2FA)
Also referred to as two-step verification or dual-factor authentication, two-factor authentication is the process in which end-users must provide two different authentication factors to verify themselves. 2FA is a secure process that helps protect both an end-user's credentials and the resources the user can access.