# Swisscom AIS with nPA onboarding

The main aim of this service is to provide a secure and compliant online onboarding of users before they can sign a document with Swisscom AIS (all-in signing).

Swisscom AIS alone requires a face-to-face onboarding using a Registration Authority-solution provided by Swisscom. This service allows your users to onboard electronically with Personalausweis without having to meet a support agent face-to-face.

This service is only available for users with a Personalausweis card, which mainly means the German market.

# Onboarding with Personalausweis (nPA)

In this use case, the user sits home at their desktop and have received a document to be signed with Swisscom AIS. In this case, the user has no Swisscom user account from before and will be forwarded to nPA for online authentication with the Personalausweis card. Once authenticated with nPA and thus registered in the Swisscom RA database, the user can continue to signing with Swisscom AIS.

  1. The user has received a document for signing with Swisscom AIS.

  2. Before the user can sign, the user is asked to enter the phone number to start the authentication process.

    click-to-zoom

  3. Since this is a new user, Swisscom does not recognize the phone number and offers to re-enter the mobile number in case it was provided incorrectly or to register as a new user.

  4. In this case, the user selects to register as a new user and is asked to accept the terms and confirm the registration as a new user.

    click-to-zoom

  5. A one-time password (OTP) is sent to the user’s mobile to make sure the user owns the phone they register on (as registered in step 2).

    click-to-zoom

  6. The user enters the OTP on the desktop and continues.

  7. The user is now forwarded to the Der Personalausweis welcome screen on their desktop for further authentication.

    click-to-zoom

  8. The user continues to start the AusweisApp2 application on the desktop (see details in the image slider on the separate Personalausweis page, Authentication with the desktop app). Then the user is asked to enter the nPA card in the card reader.

  9. The user now receives an SMS with a link to fulfil the registration and to set a user password.

  10. When the user is finished with the registration, they are sent back to Swisscom AIS to start the signing process (see the next section).

# Signing using Swisscom QES

Once the user is onboarded (see the above section), the user enters the Swisscom AIS signing process. This is the same process as described on the separate Swisscom AIS page about Electronic Signing. The only difference is that the end-user in this integration enters the phone number (not name) to start the signing process (see step 2 in the above section).

# Integrating with the combined service through Signicat

The integration is done via the same API as Signicat's other ID methods. For startup information, see Getting started with authentication. Through the single point of integration, merchants get access to Signicat's wide portfolio of integrated ID methods, as well as other services like identity verification and identity validation.

Onboarding of end-users into Swisscom has been integrated into the Swisscom plugin flow. This is available through a separate method definition. It uses the nPA plugin for authenticating the user and then uses nPA attributes to import the user into the Swisscom Registration Authority (RA) user database.

# Test information

Signicat's test environment preprod.signicat.com is available 24/7 and may be used during your development and test phase.

# Other sources

ID method pages for the separate services:

Last updated: 3/1/2021, 12:00:45 AM