About Norwegian BankID on Mobile
Norwegian BankID on Mobile (BankID på Mobil) is an electronic identity scheme in Norway that can be used for authentication and electronic signing of documents. BankID is based on a coordinated infrastructure developed by the banks through the Norwegian BankID Cooperation, under the direction of the Finansnæringens Hovedorganisasjon and Sparebankforeningen.
With Norwegian BankID on Mobile, the user’s certificate is stored on the SIM card of the user’s phone, with a limit of one BankID certificate per SIM card. The user must have a subscription with an operator that supports Norwegian BankID on Mobile. In addition to Norwegian BankID on Mobile, Signicat also offers integration with regular Norwegian BankID.
This article describes the process of integrating with Norwegian BankID on Mobile (BankID på Mobil).
Integrating with Norwegian BankID on Mobile through Signicat
Signicat’s Norwegian BankID on Mobile service, as well as a vast amount of other integrated methods, is delivered through a single point of integration. For our customers, this means a shorter amount of time to production and time saved integrating and maintaining the integrations with one or several identity-providers. Through the single point of integration, one will get access to Signicat’s wide portfolio of integrated ID methods, not only the Norwegian BankID, as well as other services like identity paper verification and lookups.
Norwegian BankID på Mobil can be used to verify the identity of an already-existing user. Getting started guides for authentication with the different authentication protocols can be found here.
The authentication will result in a type of response that will depend on the type of authentication protocol used.
As a registered customer in a bank, you will be able to apply for a loan. To be able to log in to your bank you have to authenticate to prove your identity. The Norwegian BankID på Mobil can be used for authentication, in the same way as it can be used for registering as a new customer.
You will be asked to enter your phone number and date of birth in the bank’s interface, followed by your personal PIN code on your phone.
An example of a SAML 1.1 response when Norwegian BankID is used for authentication can be found here.
The first alternative, authentication-based signing, is Signicat’s own signing solution and supports the use of any type of authentication method provided by Signicat. The Norwegian BankID på Mobil as an authentication method is used for this alternative, where the authentication result is reused for signing. It will ensure a unified output format in accordance with EU specifications as well as a scalable, responsive flow supporting any modern device standards and window sizes available for consumers today.
The second alternative, performing native signing with Norwegian BankID på Mobil as a third-party method, the Norwegian BankID på Mobil’s native signing support is used for signing. It will not follow the same output formats and cannot be guaranteed to support responsive flows nor necessarily support all of the same signing functionalities as the authentication-based alternative.
The signing result will, in either way of the alternatives chosen for signing, result in a PAdES (PDF Advanced Electronic Signature) consisting of one or more signed documents (XAdES, implemented as LTV-SDO). See the Result section for signing result examples.
With Signicat Signature you can sign (as well as view or upload) one ore more documents, for example loan applications, contracts etc with Norwegian BankID på Mobil. Signing with authentication-based signing will allow you to sign all the documents at once. While the third-party signing will require you to sign the documents one at the time. See the Screenshots section below for an example.
The screenshots illustrate the flow when Norwegian BankID på Mobil is used for authentication-based signing. There are two documents for signing, “Letter of intent” and “Contract details”, and one document for view only, “Information about Signicat”.
For an example of a LTV-SDO, as a signing result with authentication-based signing and Norwegian BankID as authentication method, please see here.
For an example of a PAdES, as a signing result with authentication-based signing and Norwegian BankID as authentication method, please see here.
How to integrate authentication with Norwegian BankID on mobile from headless systems
If you want to send headless authentication requests (typically from a backend or app to backend system) via Signicat, we recommend using our OpenID Connect (OIDC) API as a mediator. Please refer to our documentation on headless authentication for further details.
New customers will have BankID på Mobil in their BankID-dealer agreement.
If you have BankID today and wish to gain access to BankID på Mobil, please contact email@example.com.
Signicat’s test environment preprod.signicat.com is available 24×7, and may be used during your development and test phase. All use of this environment is free.
Test users for BankID på Mobil:
SIM cards for Norwegian BankID på Mobil’s test environment can be ordered via Signicat’s Service Desk, by e-mail to firstname.lastname@example.org. The following information must be included:
- Number of SIM cards needed
- Whether the SIM cards should be connected to existing test users
- If so, the names and national ID numbers of those test users
- If you have no preference, some user data will be generated for you
- Organization number
- Shipping address (with the recipient’s name)
- Billing address (with the recipient’s name)
- Billing E-mail address
Signicat will verify the order and pass it on to BankID Norway. It will take approximately one week for the test SIM cards to arrive.
The customer is responsible for a device in which to insert the SIM card. BankID på Mobil utilizes SIM Toolkit, so the device must support that. See BankID Norway’s web page on the subject(Norwegian).
Read more about BankID på Mobil on this page (in Norwegian).