Skip to main content

iDIN QR code flow

Next to the standard integration with iDIN, Signicat supports iDIN QR code flow, which offers an alternative authentication journey for your end-users.

With iDIN QR code flow, your end-users can scan a QR code displayed on the login page of your online service and authenticate directly using only their mobile device, instead of choosing an issuer bank and continuing the authentication in the bank authentication portal.

When to choose the iDIN QR code flow

iDIN QR code flow is suitable for scenarios where your application is designed for point-of-service identification, such as face-to-face and in-person identification occurring at a physical location.

How it works

Here is how a typical user journey with the iDIN QR code flow looks like:

  1. The end-user uses the phone to scan the iDIN QR code from a point-of-service identification station.
  2. On the phone, the end-user selects the iDIN issuer bank to authenticate with.
  3. The end-user follows the authentication process in their banking app or the phone's browser.
  4. If successful, the point-of-service identification station retrieves the status and shows the result to the end-user.

Example of an authentication screen with iDIN QR code available:

Authentication screen where the end-user can opt for iDIN QR code flow

Authentication screen where the end-user can opt for iDIN QR code flow

Impact

The QR code flow affects how the end-user authenticates in the following ways:

  • On your site/application, the end-user scans a QR code instead of choosing their issuer bank.
  • The end-user selects their bank later in the iDIN QR system.
  • The end-user chooses the issuer bank to use for authentication on their phone instead of on the web browser or the point-of-service identification display.
Your integration stays the same

The QR code flow does not impact your application configuration or how you integrate with iDIN.

Setup

Signicat Support enables, configures and sets up iDIN QR flow for you.

Contact Support

If you want to use the iDIN QR flow, contact us by creating a support ticket in the Signicat Dashboard.

One of our digital experts will support you in setting up the iDIN QR flow.

Configuration

Once the iDIN QR flow is set up and configured, you can find the QR code flow settings in the Signicat Dashboard. To view the configuration:

  1. Log in to the Signicat Dashboard.
  2. Go to Products > eID and Wallet Hub > eIDs and select iDIN.
  3. In the Advanced section of iDIN configuration, you find the following parameters:
    • Merchant token: A special token issued upon request to enable iDIN QR flow.
    • Secret signing key: A key issued upon request to enable iDIN QR flow. The key is used for signature validations in communication with the iDIN QR systems.
    • QR backend URL: The URL always stays the same. It is generated following the https://qrcode.idin.nl/idin-qr/v1.1/generate guidelines.

Example of configuration for iDIN QR code in the Dashboard:

iDIN QR code configuration in the Dashboard

iDIN QR code configuration in the Dashboard

Security considerations

End-users are not allowed to scan the QR code using their banking application. Instead, the end-user must scan the QR code with a QR code scanner app installed on their mobile device and manually open the link to the iDIN authentication portal, where the authentication flow happens.

When scanning any QR code, end-users should only scan and open links from trusted QR codes. This is to prevent potential security risks.

On this page