How do you, as a company or authority, secure your digital services with BankID?
2021-12-09
With formatted signature, you can describe even more clearly to the customer what they sign.
You as a company or authority have a responsibility and can increase the safety of your customers and thereby reduce the risks. With auto-start of BankID on the same device and QR code for another device, a strong connection is created between your service and BankID. By implementing this, the step where customers enter their Swedish Personal Identity Number can be removed, which both increases security and give a smoother and faster customer experience.
With the service formatted signature, you as a company or authority can describe even more clearly to the customer what they sign. Be explicit in the text and use formatted signature text. This is especially vital in the event of important changes such as payments, loans or changes in contact information.
Always have secure customer contact
Never contact your customers to ask them to identify themselves with BankID. If you need to contact a customer, send a message instead, without links, and ask the customer to log in to the e-service. Do not ask the customer for a their Swedish Personal Identity Number.
BankID does not store information about transactions and therefore it is important that you as a company or authority save relevant information. Save relevant information about transactions, such as the signature used in a purchase or the date a customer enters into an agreement. If the need arises, you as a company or authority need to have relevant logs.
Read more about how you can implement BankID as securely for your customers.