[PPT] - BankID 23. August2016 23.10.2016 2 Questions How did you decide PowerPoint Presentation

SLIDE 1

BankID

23. August2016

SLIDE 2

Questions

How did you decide to build/create your national eID solutions?
Which elements does your solution consist of? The conceptual

model.

Which challenges have you met while implementing and

distributing the solutions?

What does the eID solution mean for the society the Citizens of

your countries?

If you were about to start over, what would you do differently?
What do you think is coming with the future solutions on

eID/signing?

2 23.10.2016

SLIDE 3

How did you decide to build/create your national eID solutions?

Established Assessed: Card- & Soft-based Solutions Conclusion: Central / roaming / HSM Solution Reason: Usability, Security and Cost 2000

SLIDE 4

END USER COMMON ROOT, STANDARDS, POLICIES, RULES ETC.

Which elements does your solution consist of? The conceptual model.

BANK SERVICE PROVIDER AGREEMENT SERVICE AGREEMENT WITH END USER SERVICE PROVIDERS (MERCHANTS) INTER-BANK BANK BANKID CORE TECHNICAL COMPONENTS

RULES

MNO

SLIDE 5

Governance

To be used by the government we are required to:

Ø Qualified certificates Ø Level 4(highest) in a National system defining security Anti Money Landering law is also pointing to these security level – it says ”eID can be used for AML, but must the n be on level 4 security wise

SLIDE 6

Which elements does your solution consist of? The conceptual model.

6

Ø BankStored BankID Ø Java client with keys and certificates in the cloud Ø No need for software innstaled on the computer/mobile Ø Client downloaded each time Ø Java to Web Client in 2014 Ø Requires One Time Password Ø BankID on Mobile(or SIM) Ø Popular because it’s truly mobile and for its code word security Ø Combination model Ø BankStored with BankID on mobile as OTP Ø BankID on mobil a real mobil solution embrased by customers Ø Enrollment requires passport. Activated and renewed through internettbank.

SLIDE 7

Norway

8 out of 10 adults have BankID

SLIDE 8

Norway

8 out of 10 have a SmartPhone*

* Kilde MedieNorge.no

SLIDE 9

SLIDE 10

Which challenges have you met while implementing and distributing the solutions?

SLIDE 11

SLIDE 12

12

BankID transactions done for financial services including consumer banking (91.5% of total transactions)

Including Including

What does the eID solution mean for the society the Citizens of your countries?

An overwhelming online banking adoption…but not only

1 2 3

90.9%

5.1% 4%

SLIDE 13

BankID for governmental services

13

SLIDE 14

ID-Porten provides common identification service for all governmental eServices

M ore than 700 servi ces connected

T A X D E C L A R A T I O N M U N I C I P A L I T Y S E R V I C E S C I T I Z E N E M A I L A C C O U N T

citizen@norge.no

BankID for Government Services

ID-Porten: the national ID Gateway

>1Mill

transactions

per month

SLIDE 15

15

BankID for Government Services Access (login with BankID)

Panorama of main supported services

Governmental digitalized forms & services for Businesses & Citizens

60 %

Labour & Welfare administration

21 %

National health web community (patients records and professionals communication)

5%

ePrescriptions

3.5% 3.5%

Email box for Norwegian Citizens

SLIDE 16

16

BankID for Government Services Access (login with BankID)

Main Use case: Secure Login

For the top 5 governmental portals the

secure login is the most solicited

use case No matter the service, user will have a consistent experience

Altinn, the success of dematerialization

Since 2003 4 million citizens registered 1 million entities registered 112 million forms sent by citizens & entities 83 million administration answers sent

ß ß

$$ Millions of savings

#1

SLIDE 17

Enrolling user to BankID

17

End-user is initially registered physically with passport End-user registers to Mobile ID through their Online Bank using existing hardware token

SLIDE 18

BankID in Financial services

18

SLIDE 19

#1

Financial Services’ BankID transactions represent 90.9%

f total ecosystem transactions

19

11.4 transacti

ns

per month

million

1. Consumer Banking

+9/10 total BankID transactions

2. Credit Cards

Services 0.8% of transactions ► 100k transactions/month

3. Mobile Payments

0.4% of transactions ► 50k transactions/month

4. Investment Funds

0.2% of transactions ► 25k transactions/month

T O P B A N K S F O R B A N K I D T R A N S A C T I O N S

A growing portfolio of services despite predominant Consumer Banking usage

BankID for Financial Services

SLIDE 20

20

How is BankID used for Financial Services?

1. Login

Key driver > Regulation in Norway for secure banking

2. Online Payment Validation 3. Signing of Mortgage documents BankID for Financial Services

Demo BankID SpareBank

SLIDE 21

BankID in Other services

21

SLIDE 22

60%

Of others BankID transactions for Insurance Services

22

500k transacti

ns

per month

BankID for Other Services

29%

Of others BankID transactions for Telecom Services

7%

Of others BankID transactions for Online Shopping

3%

Of others BankID transactions for Document management

Services on the rise

Real Estate Clubs & Charities Utilities

SLIDE 23

23

BankID for Other Services

BankID transformed Norway’s digital economy when it was first released, enabling processes that typically took over a week to be completed in only a matter of hours.

Source: GSMA Norway Case Study

How is BankID used for these other services? 1.

Login 2. Sign Up for new service 3. Document signing & mail reception validation

SLIDE 24

If you were about to start over , what would you do differently?

24

Cooperation is indeed important and the role of Bits(BSK) as a

glue setting security requirements have been important for all banks to trust all banks

Governental governence model has been important for certain

imporant use cases

AML
Become customer in finance
I would have defined OTP as COI if possible
I would have started improvement on signing earlier
I would not have used Java(but honestly there were nowoption

in 2003)

We would have buildt it with one common CA instead of one

per Bank

SLIDE 25

If you were about to start over , what would you do differently?

It takes time to build infrastructure,
have people to learn to use it
services that people find usefull
Sucsess is a result of hard work and cooperation in many levels
Between Banks
Banks and MNO’s
Banks and government

23.10.16 Mobile ID 25

SLIDE 26

What do you think is coming with the future solutions

n eID/signing?
Eidas with all its standards will be the future ways to

implement eID / Signing

It will be mobile
And there will be elements of Biometric however it will take

time as it is not mature enough yet

I.e. Enrolment with selfie J

23.10.16 Mobile ID 26

SLIDE 27

27

33%

Of Norwegian

Active population* is using Mobile ID

12.6

transactions

per month

million

14 transactions

per user/month

average

900 000

users

327

service providers

all suscribers

are equiped with

Mobile ID

SIM card

Key Figures of BankID on Mobile (2016)

Part of the daily digital habits of Norwegians

*Norwegian from 15

SLIDE 28

Deployment Model BankID on Mobile

28

IDP + AGGREGATOR

Service 1 Service 2 Service … Service N MNO 1 MNO 2 MNO N

Bank 1 (CA) Bank 2 (CA) Bank N (CA)

SUBSCRIBERS SUBSCRIBERS SUBSCRIBERS

SLIDE 29

Statistical information

5 million people
Population density 13,52 persons pr km2
Nederlanda 408,13
Belgia 370,94

SLIDE 30

Our play of words to handle security

100+ Adjective
100+ substantiv
i.e. Yellow submarine

SLIDE 31

31

SLIDE 32

32

SLIDE 33

That’s it from Norway ! Thank you !

33