Comment by Gravityloss
2 days ago
Don't banks have their own id:s as well? At least in another nordic country, you have quite many login possibilities to many services. Banks even provide cross-login.
2 days ago
Don't banks have their own id:s as well? At least in another nordic country, you have quite many login possibilities to many services. Banks even provide cross-login.
As I understand it, BankID in Sweden is still run by one organisation co-owned by the big banks, and banks handle verification for issuance. There is still a single point of failure for the operation of the system.
There is technically a second provider, Freja, but that is basically only supported by government agencies, and even that is spotty.
There are talks about a state-provided one coming soon, because of EU E-ID laws.
Well I'm in Finland and seems the system here has multiple independent services and is thus potentially more resilient.
I was under the impression that all of those services and login methods rely on suomi.fi in the end, but I admit that I don't understand the system terribly well.
Same in Norway.
MitID and NemID before it was pretty much bought by the Banks and the government together.
It is to avoid the banks needing their own id for customers, as people would need to go into the banks using their passports etc to register.
Some banks do have their own logins and IDs for various purposes, but you often need MitID somewhere in there simply to verify the actual identity of the person with the account. All the other logins simply give you access to the ID it doesn't actually verify it. MitID does that.
For example Lunar doesn't need MitID during 3D Secure (online payments), but that is only because you used MitID at some point to store your proof on your phone, that you can unlock with a secure enough method, and then do the payment. This is considered enough, as you still use an identity that has been verified by MitID at some point.
No. As I understand it the previous system, NemID was actually (co?)designed by the banks so this is what they all use. Likewise MitID is another unholy alliance of Nets (a Danish payment provider) and Danish banks.
Given the Swedish version of it is called BankID I assume the situation is nearly the same in Sweden.
Sweden have one other viable alternative that is Freja ID, it does not have at all the coverage as BankID but it's something.
Another one just popped up recently though it does not have a lot of coverage if anywhere yet: https://corporate.e-boks.com/loesninger/e-wallet/e-boks-id/
No. Many/most of them support login through hardware ID on your smartphone (i.e fingerprint/TPM-style pin), but the actual authorization of transfers or any privileged access is entirely MitID