About mojeID

Page contents

• How it works
• Process flow
• Use cases
• Level of Assurance
• User data
• KIR and the identity providers
• External links
• Next steps

How it works

mojeID allows you to securely identify end-users online with validated attributes. mojeID is widely adopted by Polish citizens with an adoption rate of about 98% of Polish bank card holders.

To use mojeID, individuals need to register with a participating bank that offers mojeID services. Once registered, users can authenticate themselves online by providing consent for their personal data to be shared with the service they want to access.

mojeID uses multi-factor authentication and each mojeID action requires consent from the end-user. These features allow the end-user to decide what data to share and with whom.

With Signicat, you can implement mojeID in your application and provide your end-users with the possibility to identify and/or authenticate themselves using their trusted electronic bank environment. Signicat acts as a broker (or aggregator) between your application and mojeID.

Process flow

The process flow that the end-user follows involves these steps:

1. On your website, the end-user clicks on a button to authenticate with mojeID.

2. The end-user is redirected to the mojeID identity providers (IdP) page where they can select their IdP.

   

3. The end-user logs in to their bank environment using their mojeID credentials. This step may involve two-factor authentication.

4. On the mojeID validation page, the end-user reviews:

   • Personal data attributes to share during authentication.
   • Context description. The reason why you want the end-user to authenticate.
   • Your customer name.

5. The end-user consents to sharing their data and authenticating. Then, they are redirected back to your website.

Once the authentication process is completed, Signicat returns the attributes and the end-user information to you.

Use cases

mojeID is designed to suit a variety of use cases for identity verification. Here are some examples:

Age verification

Verify the age of your users by checking their date of birth thus ensuring adherence to age restriction policies.

Authenticating payment transactions

mojeID provides secure authentication for payment transactions by verifying bank account ownership, reducing fraud risk and aligning with industry standards for safe transactions.

Bank account verification

You can perform bank account verification by requesting the end-user bank account number thus minimizing fraud risk and expediting account linking for users.

Know Your Business (KYB)

Perform business onboarding and ensure compliance by verifying business representatives and registration data. Additionally, you can enrich end-user data by integrating with other Signicat products such as Data Verification.

Know Your Customer (KYC)

Meet your compliance and risk management requirements by offering secure end-user authentication and accessing verified end-user data from identity providers.

Onboarding

Streamline onboarding by enabling quick identity verification, reducing friction in the registration process and getting access to end-user data for regulatory compliance.

Level of Assurance

mojeID supports the following Levels of Assurance (LoA):

• Low: Username and password.
• Substantial: Requires additional multi-factor authentication, such as a one-time password sent by SMS or app confirmation.

When integrating with mojeID, you can control the LoA of an authentication flow through parameters that you pass in the authentication request.

User data

Integrating with mojeID through Signicat provides the following user information:

• First name(s)
• Last name
• PESEL number (Polish national identity number)
• Date of birth
• Email address
• Residential address
• ID document number and type
• Issuing and expiry dates of the ID document
• Bank account number

To learn more about the attributes supported by each authentication protocol, visit the Attributes reference page.

KIR and the identity providers

KIR (Krajowa Izba Rozliczeniowa S.A.) is the Polish National Clearing House that originated from an initiative to professionalise interbank settlements in Poland.

In the context of mojeID, KIR serves as the operator and coordinator of the mojeID platform. It oversees the infrastructure that connects identity providers (banks) and service providers (government agencies and businesses) to enable secure and efficient online authentication for users.

mojeID identity providers are Polish banks that offer mojeID services to their customers and determine which service providers (businesses like your company) to share their data with. These are the mojeID identity providers:

• Bank Polski
• Inteligo
• Bank Pekao
• mBank
• Velo bank
• Bos Bank
• BNP Paribas
• Bank Spoldielczy v Brodnicy
• Credit Agricole
• Alior bank
• Millenium bank
• Kasa Stefczyka
• ING
• Santander
• Grupa BPS
• Spółdzielcza Grupa Bankowa (SGB)

End-users choose and authenticate with their identity provider during identity verification with mojeID.

External links

Here is a list of useful references to mojeID concepts:

• mojeID official site (opens new window)
• Information about mojeID (opens new window)
• About KIR (opens new window)

Next steps

Integration guide

Follow step-by-step guides to connect to mojeID

Attributes reference

Attributes and response examples per protocol