# Norwegian BankID on mobile
- About Norwegian BankID on mobile
- Method names in authentication URLs
- Electronic signatures
- How to integrate authentication with Norwegian BankID on mobile from headless systems
- How to get started with Norwegian BankID on mobile
- Test information
# About Norwegian BankID on mobile
Norwegian BankID on Mobile (BankID på Mobil) is an electronic identity scheme in Norway that can be used for authentication and electronic signing of documents. BankID is based on a coordinated infrastructure developed by the banks through the Norwegian BankID Cooperation, under the direction of the Finansnæringens Hovedorganisasjon and Sparebankforeningen.
With Norwegian BankID on Mobile, the user’s certificate is stored on the SIM card of the user’s phone, with a limit of one BankID certificate per SIM card. The user must have a subscription with an operator that supports Norwegian BankID on Mobile. In addition to Norwegian BankID on Mobile, Signicat also offers integration with regular Norwegian BankID.
This page describes the process of integrating with Norwegian BankID on Mobile (BankID på Mobil).
# Method names in authentication URLs
When you want to redirect the end-user so they can authenticate, you have to include the name of the relevant method in the redirect URL. The tables below show which method names are available for NemID. For further information about the authentication URL, see the Authentication API.
# Authentication and digital onboarding
| ||Norwegian BankID on mobile|
| ||Norwegian BankID on mobile with Bisnode lookup|
| ||Norwegian BankID on mobile without national identity number|
nbid-mobil method name can also be used in authentication-based signing.
# Third-party signing
| ||Norwegian BankID on mobile|
Norwegian BankID på Mobil can be used to verify the identity of an already-existing user. Getting started guides for authentication with the different authentication protocols can be found here.
The authentication will result in a type of response that will depend on the type of authentication protocol used. For an OIDC response example, see the OIDC response examples page.
# Use case
As a registered customer in a bank, you will be able to apply for a loan. To be able to log in to your bank you have to authenticate to prove your identity. The Norwegian BankID på Mobil can be used for authentication, in the same way as it can be used for registering as a new customer.
You will be asked to enter your phone number and date of birth in the bank’s interface, followed by your personal PIN code on your phone.
# Electronic signatures
The first alternative, authentication-based signing, is Signicat's own signing solution and supports the use of any type of authentication method provided by Signicat. The Norwegian BankID på Mobil as an authentication method is used for this alternative, where the authentication result is reused for signing. It will ensure a unified output format in accordance with EU specifications as well as a scalable, responsive flow supporting any modern device standards and window sizes available for consumers today.
The second alternative, performing native signing with Norwegian BankID på Mobil as a third-party method, the Norwegian BankID på Mobil’s native signing support is used for signing. It will not follow the same output formats and cannot be guaranteed to support responsive flows nor necessarily support all of the same signing functionalities as the authentication-based alternative.
The signing result will, in either way of the alternatives chosen for signing, result in a PAdES (PDF Advanced Electronic Signature) consisting of one or more signed documents (XAdES, implemented as LTV-SDO). See the Result section for signing result examples.
For more information about getting started with electronic signatures, the different signing methods and more, refer to our electronic signature documentation.
# Use case
With Signicat's electronic signature solution you can sign (as well as view or upload) one ore more documents, for example loan applications, contracts etc with Norwegian BankID på Mobil. Signing with authentication-based signing will allow you to sign all the documents at once. While the third-party signing will require you to sign the documents one at the time. See the Screenshots section below for an example.
The screenshots illustrate the flow when Norwegian BankID på Mobil is used for authentication-based signing. There are two documents for signing, "Letter of intent" and "Contract details", as well as one document for view only, "Information about Signicat".
# Authentication-based signing
The signing result will result in a PAdES (PDF Advanced Electronic Signature) consisting of one or more signed documents (XAdES as LTV-SDOs).
For an example of an LTV-SDO, as a signing result with authentication-based signing and Norwegian BankID as authentication method, see here.
For an example of a PAdES, as a signing result with authentication-based signing and Norwegian BankID as authentication method, see this PDF file.
# How to integrate authentication with Norwegian BankID on mobile from headless systems
If you want to send headless authentication requests (typically from a backend or app to backend system) via Signicat, we recommend using our OpenID Connect (OIDC) API as a mediator. Refer to our documentation on headless authentication for further details.
# How to get started with Norwegian BankID on mobile
New customers will have BankID på Mobil in their BankID-dealer agreement.
If you have BankID today and wish to gain access to BankID på Mobil, contact firstname.lastname@example.org.
# Test information
Signicat's test environment preprod.signicat.com is available 24×7 and may be used during your development and test phase. All use of this environment is free.
# Test users for BankID på Mobil:
SIM cards for Norwegian BankID på Mobil’s test environment can be ordered via Signicat's Service Desk, by email to email@example.com. The following information must be included:
- Number of SIM cards needed
- Whether the SIM cards should be connected to existing test users
- If so, the names and national ID numbers of those test users
- If you have no preference, some user data will be generated for you
- Organisation number
- Shipping address (with the recipient’s name)
- Billing address (with the recipient’s name)
- Billing E-mail address
Signicat will verify the order and pass it on to BankID Norway. It will take approximately one week for the test SIM cards to arrive.
The customer is responsible for a device in which to insert the SIM card. BankID på Mobil uses SIM Toolkit, so the device must support that. See BankID Norway’s web page on the subject (opens new window) (in Norwegian).