Service status:

Update to secure start

To keep using BankID in your company you need to have the latest version of the service. That also brings you:

  • Access to new and coming functionality.

  • The benefits of continous security improvements.

  • A more secure and user friendly journey for your customers.

Kvinna_utvecklare_1400x930

Get continuous improvements

Our service is constantly optimised and new security improvements are added continuously. This means that your service gets updated protection automatically, as long as you use the latest version.

New in the latest version

  • A more secure and user-friendly customer experience
    Your customers will no longer need to enter their personal identity number in your e-service. This is replaced with an animated QR code or autoStart of the mobile app. This is faster, easier and more secure.

  • Improved function for phone calls
    BankID in phone calls is improved and gets clearer for the customers. They are also asked to answer a security question to lessen the risk of fraud. Read more

Illustration of BankID and the digital ecosystem.

What you need to do

When you start using the latest version, some adjustments in your technical integration of BankID in your e-services are needed. You need to:

  1. Remove the step where customers enter their personal identity number in your e-services.

  2. Display an animated QR code that the customers scan, if the customers use BankID on another device.  

  3. Start BankID on the same device by using autostart. That means that the BankID app is started automatically.

Technical guide

Older versions are shut down successively

Older versions of the service are being shut down successively. Now that May 1st has passed, the shutdown phase for versions 5.0 and 5.1 begins. This means that no updates are made and support ends. The date of final shutdown will be communicated at least 2 months in advance via our website and our technical newsletter. We recommend that you always use the latest version.

FAQs about secure start

Here you find ansers to the most common questions related to secure start of BankID.

In our technical guide you can find more information about the animated QR code and instructions on how to implement it.

Secure start means that you need to use the latest version of BankID in your comapny's e-services. Doing so means that you need to:

  1. Remove the step where customers enter their personal identity number in your e-services.

  2. Display an animated QR code that the customers scan, if the customers use BankID on another device.  

  3. Start BankID automatically on the same device by using autostart.

Technical guide

Follow the instructions in our technical integration guide.

Yes. In the latest version, the support for start with personal identity numbers is completely removed. It is an important security measure that will reduce the risk for fraud. All companies, organisations and authorities who use BankID in their services are required to upgrade to the new version.

Companies using BankID for signing of card payments must wait to make the update until support for this is available.

You can find instructions and information about how to update to the latest version, version 6, of the RP API and how to implement animated QR-code, in our technical guide.

The personal identity numbers are public and easy to get hold of. If an identification or signing is started by the user typing in their personal identity number, the flow can be started from another location which can be used by scammers. Using secure start means that the device holding the BankID must be in the same place as the device used for visiting the service.

It depends on if you will use BankID in phone calls and/or for card payments. If not, its limited to a minor upgrade with a URL change and changing names of a few parameters.

Use of BankID in phone calls and/or for card payments will require implementation of new interfaces for these functions. Support for BankID in phone calls is available in the latest version of the RP-API, and support for card payments is currently under development.

More information and instructions can be found in our technical guide.

Autostart is used when the customer visits your online services on the same device as they keep their Mobile BankID on. From your service, the BankID app is started without any middle steps. This makes the identification faster and gives a better user experience. Further, it enhances security by eliminating other steps that could be used by scammers.

How autostart works:

  1. The customer selects "BankID on same device" in your service.

  2. The BankID app is opened automatically.

  3. The customer give their approval in the BankID app.

We update BankID continuously to meet new security challenges and improve the service. All improvements always come in the latest version. Older versions will be gradually shut down, so in order to continue using BankID in your company's e-services, we recommend that you always use the latest version.

Older versions are closed down successively. The shutdown phase for versions 5.0 and 5.1 begins after May 1. This means that no updates are made and support ends. The date of shutdown will be communicated at least 2 months in advance via our website and our technical newsletter. We recommend that you always use the latest version.

Webinar about secure start (english subtitles)

More information