User-controlled privacy through self-sovereign identity

More and more, we conduct business online and through one or several digital identities, ranging from credentials issued from a single organization to a reusable, verified electronic identity. In a research report we conducted, 72% of consumers interviewed wanted a digital-only onboarding process for new financial services. Coinciding with this however, we find consumers becoming more privacy-conscious and there’s a growing trend towards having consumers “owning” and controlling their data.

We refer to this as Self-Sovereign Identity (SSI). SSI is a rather new concept, and there is no consensus on the exact definition. There is agreement that the user should be in control of their own identity data, but there is disagreement as to how this can be achieved.

This article will look at how to achieve this, using identity custodians.

Is blockchain the answer?

In a word, no. Blockchain technology offers the world a number of exciting opportunities to innovate and to solve problems in ways that haven’t been considered previously. However as a framework for creating a digital identity, blockchain has a few critical flaws that need to be addressed.

Most obviously, users are notorious for losing passwords and requiring assistance with resetting their accounts. In a blockchain world, digital identities cannot be recovered and it is the sole responsibility of the user to keep track of their login credentials. After all, by some reports there are over $20bn worth of bitcoins that are lost because the retrieval codes have gone missing.

In addition, the blockchain solutions typically put the information on the users’ own devices, encrypted, under the sole control of the user. Which is good until you lose the device, in which case there is no recovery mechanisms, as this would violate the thought of the user’s sole control.

As if that is not enough, who is liable in case of a breach? And who do you call if you have a problem? The idea behind blockchain is that there is no central authority and no ownership. Which also means no liability for the infrastructure.

As human beings, we are used to always being able to have somebody to call if there is a problem. Everybody has used the “I forgot my password” function multiple times. Most of us at some point have called a locksmith to get us into our car or house, because we have lost the key. Remember that with modern cryptography, there is no backdoor. There is nobody to call if you lose the key.

Finally, do users really want to manage their own data? And if so, can we trust them to do this. Digital identity is something which should be available and work, nothing that the end users should need to worry about.

If blockchain isn’t the answer, what is?

Enter the Identity Custodian

An Identity Custodian manages the identity infrastructure and assists users in managing and retrieving their data. An identity custodian will manage the user’s data on behalf of each user, very much in the same way banks manage the user’s money on their behalf, which few people seem to question.

This will have the following benefits for the user:

  • Somebody to call when there is a problem.
  • Somebody who is liable if there is any kind of problem.
  • Somebody who is managing the electronic identity.

As a user, I will choose an identity custodian I trust. I will be able to change to a different custodian when needed.

What is an anonymous self-sovereign identity?

Another advantage to taking this approach is the ability to offer a mostly anonymous digital persona that is tied to a verified identity. We are beginning to experiment with this in the Nordics.

Occasionally users want to be anonymous in certain online interactions, such as discussion groups or online communities. With Anonymous Self-Sovereign Identity, these users can remain anonymous, but their real identity can be discovered using a court order or similar.

Additionally, the anonymous-SSI will also prevent users from going back into a forum (where they have been expelled) with a new alias.

Who should be Identity Custodians?

As part of our Battle to On-Board research, we discovered that in most markets consumers have the most trust for banks to hold their digital identities (when compared to governments, specialist companies, and social media platforms).

This coincides with the most effective electronic identities in the market. These are found in the Nordics and are consistently driven by banks. Banks’ main business is trust. They are trusted with our money. In these days of PSD2, the banks risk being reduced to “plumbing”, and could use the opportunity to step up, and be recognized as trust service providers.

Benefits to banks

  • Consumer trust. With consumer data for sale from many online organizations, and through shoddy security and data breaches, consumer trust is low. Enabling consumers to work with businesses through a SSI means that digital trust can begin to be rebuilt.
  • Revenue. Banks can earn money from facilitating online transactions.
  • Stronger brand. Increased brand awareness through ongoing transactions helps build trust and loyalty with consumers.
  • Enhanced services and offerings. Finally, with a verified self-sovereign identity, organizations can begin to offer services that protect the privacy of their users online, or Anonymous Self-Sovereign Identity.

In conclusion

Banks face a unique opportunity in today’s evolving digital identity landscape. As witnessed by the success of the digital identities from the Nordics, there is a model for banks to increase their involvement in digital transactions and build improved consumer trust, while supporting consumers desire for both privacy and ease of use.

Digital customer onboarding – are you doing it wrong?

Until recently, proving our identity has been a fairly straightforward process. After all, almost all of us have access to some form of physical identification which we’re able to produce as necessary. Go through immigration and we present our passport or identity card. Hire a car and we hand over our driving license.

But as more and more of our lives play out online, what was once a trivial matter – proving we are who we say we are – has become a lot more complicated. Online authentication is something most of us must do on a daily or weekly basis, yet the physical documents we rely upon in everyday life aren’t much help in the digital world.

As a result, digital verification is often cumbersome and inefficient. These stubbornly outdated identity verification processes are holding the digital revolution firmly in check by forcing customers back offline to prove they are who they say they are.

In fact, we conducted some research around the digital onboarding of customers in the retail banking industry and found that over 50% abandoned their attempt to sign up for new financial services.

Yet of the consumers we interviewed (4,000 individuals in the UK, Germany, Sweden and Netherlands), 72% said they want an all-digital onboarding system. And of those consumers that do onboard digitally, we found that they were more likely to remain loyal and tend to apply for more products and services.

So if customers want to sign up online, but over half of them quit before they’ve completed the process, what’s going on?

Abandonment reasons

Of those that abandoned an onboarding process, 40% cited the amount of information required as a key reason. This was followed by 34% saying the time it took to complete the application was a deterrent. The need to send identity documents by post or visit a branch in person was third on the list with 28%, and finally 18% found that the language used in the application was confusing.

Interestingly, Sweden, is the only country that has an established and pervasive shared (and verified) electronic ID called BankID, thus the quickest and easiest verified digital identity process, ran into trouble with regards to website usability and confusing language.

Conversely, the UK’s high abandonment rate was primarily due to length of the application process, with the requirement of sending documents (such as passports) in the mail as a close second.

Three tips to improving digital customer onboarding

Of course each business needs to dig into what its own personal challenges are when it comes to customer onboarding, however we have seen three key elements that can help improve customer onboarding.

1. Step-up applications

A step-up application is a gradual process where you request more information over time, as you engage more deeply with your customers. Instead of hitting them with five pages of forms before letting them see how your services work.

For services such as online banking, providing a simple username/password application to see the inside of your online bank can help establish a sense of trust with your customer and get the relationship going. You can then ask for document scans, job history, and their dogs birthday later in the relationship.

2. Use better technology

Generally this falls into two camps: In some markets, such as the Nordics, there are established electronic IDs (such as BankID), while in others, the use of document scanning and other verification methods are used.

We have seen eIDs used extensively in customer onboarding and they do greatly streamline the process. However instead of asking for additional information on top of what the eID provides, the more progressive institutions are initiating registry lookups to further gather the information they require without the customer having to enter the details manually.

For those markets where there are no eIDs (or ones that lack pervasiveness), we generally recommend using a good document scanning service and then conducting registry lookups to get the details you need. Again, the more required information you can gather automatically, the smoother the experience is for the customer.

3. Improved user experience

It seems obvious, but sometimes legal requirements and system infrastructure can cause you to lose customers before they’ve even signed up. Reviewing and streamlining your customer experience, including legal requirements, language used, and application flow can help save as many as 25% of your dropped applications.

To learn more about our research relating to digital customer onboarding, download our report below.

Job B2B

Technical Presales Stockholm

Would you like to work for one of the fastest growing Cloud Service providers within Security?

In order to support the growth of Signicat’s business in Europe, our Presales department is looking to hire a Technical Pre-Sale for our Swedish Team located in Stockholm.

Signicat is a Digital Identity Service Provider (DISP) and is one of the leading providers of electronic identity and signature solutions in Europe. Our security solutions are used at all financial levels from government and big banks to small business—and everywhere in between. We are proud to provide identity assurance and authentication to over 450 European businesses and institutions in sectors such as government, banking, finance, insurance and eCommerce.

The Technical Pre-Sales is a technical sales consultant and supports our clients, partners and customers with technical expertise throughout the sales process. He/she is the technical advisor for customers and collaborates with the sales department, product management, marketing, services and support. The Technical Pre-Sale will also play an important role within the overall organization. He/she will influence Signicat’s strategy, offering and go-to-market approach.

WE OFFER:

– Great team spirit
– Working in a fast growing field
– A company in growth
– An entrepreneurial atmosphere
– A business culture with focus on team play
– Workplace in new office space in the city center of Stockholm

MAIN RESPONSIBILITIES & DUTIES

– Analyze customer business and technical requirements and work with the sales team to define a technical sales strategy for each prospect.
– Design solutions based on the Signicat product suite.
– Deliver presentations and interactive workshops.
– Deliver and customize product demonstrations.
– Lead and deliver technical Proof of Concepts and pilot projects.
– Deliver technical content for RFP responses.
– Handle presentations at trade shows and conferences.
– Stay current on the latest technology and contribute to the technical direction of the company while keeping a customer-centric approach.
– Ensure proactive communication with customers to ensure customer satisfaction.
– Be a technical advisor to customer’s senior IT and Business management.
– Become an expert level coach, mentor and trainer for a community of partners and clients.

REQUIRED EXPERIENCE, KNOWLEDGE & SKILLS

– 3+ years of work experience in similar roles most likely with software/solution vendors or system integrators.
– Team player, results oriented, organized and responsible.
– Pro-active communication skills, both written and oral.
– Motivated to learn new technologies and stay current with the product portfolio.
– Experienced in architecting and demonstrating technical solutions.
– Experience of On-premise, Cloud and Hybrid deployments along with and understanding of the drivers which influence a client to choose these models.
– Hands on development experience with some of the following: OpenID Connect, SOAP, REST, SAML or other related technologies.
– Degree or similar experience in IT.
– Fluent in English and Swedish (spoken and written).

Welcome to apply!

Apply here

In this recruitment, we cooperate with SalesOnly and their recruitment consultant Sara Sjölund. For questions please contact Sara at sara.sjolund@salesonly.se. We will be interviewing on a continuous basis, therefore please send your application as soon as possible via the “ansök här” link. All candidate applications are confidential.

Signicat is one of the leading providers of electronic identity and signature solutions in Europe. We lead innovation in security solutions, reducing risk while providing a smart and intuitive user experience. Signicat has earned the trust of institutions and businesses by providing user authentication, electronic signing, identity proofing and document preservation. We reduce risk in smart ways making it easy for companies to offer online authentication, identification and electronic signatures. Our teams are passionate about our mission to create the safest solutions for tomorrow’s challenges.

While enjoying continued growth we have kept the best of our ‘startup’ ethos, encouraging creativity, initiative and independence to get things done. We value the well-being of each employee and all work together to create a supportive and inspiring work environment. Signicat has more than 100 employees at offices in Trondheim (headquarters), Oslo, Copenhagen, Helsinki, Stockholm, Amsterdam, Lisbon, London and Frankfurt. Our focus is security and professionalism and we are constantly working to improve our product and ourselves. www.signicat.com

Signicat and Rabo eBusiness in Tech Talk

The Banker, January 25, 2019

Tech Talk: Interview with Daan van den Eshof, Rabobank and John Erik Setsaas, Signicat

John Erik Setsaas, VP of Identity and Innovation, Signicat, and Daan van den Eshof, Product Manager, Rabo eBusiness, Rabobank, talks to Joy Macknight about creating a digital identity service provider and how the bank and fintech benefited from this partnership.

Bankenes viktigste produkt er tillit

IKT-Norge 25. JANUAR, 2019

John Erik Setsaas, VP of Identity and Innovation i Signicat, ønsker at bankene tar større ansvar.

Signicat er en av Europas ledende leverandører av elektronisk identitet og elektronisk signatur. Selskapet ble etablert i 2007, og tilbyr skybaserte løsninger til både privat og offentlig sektor.

John Erik Setsaas, VP of Identity and Innovation i Signicat.
Signicat er i dag den største leverandøren av BankID i Norge, og tilbyr både signering og autentisering med BankID og BankID på mobil. Vi ønsker dem velkommen som FutureBank-partner!

– Futurebank er en interessant møteplass for alle som jobber i bank- og teknologi-sfæren. Vi ser på dette gjennom digital identitet, og ønsker å bidra med vår kompetanse på dette området, forteller Setsaas.

Enklere å bli kunde

Signicat ser fra sitt ståsted flere endringer i fintech-næringen den siste tiden, og opplever mye fokus på å forenkle prosessen for å bli kunde.

– Fokuset for tradisjonelle banker har vært at man må gjennom en full KYC-prosess for å i det hele tatt bli vurdert, men vi ser at nye banker gjør det enkelt, og i første omgang kun ber om minimalt med informasjon for å slippe inn brukeren, for så å be om mer senere. Dette for å sikre at man opererer i henhold til KYC og AML. Vi ser at i Norden, hvor eID er utbredt, er det enkelt å bli kunde med etablerte elektroniske IDer (BankID, NemId, Tupas, etc), men der hvor slike ikke finnes, må prosessen forenkles, sier han.

Setsaas ser også at et stadig tilfang av nye utfordrere på bank-siden.

– Det er mange nye banker som kommer inn på markedet, som Revolut, Bunq, etc., med et tydelig fokus på en enkel brukeropplevelse, som dermed konkurrerer med de eksisterende bankene, sier han.

Ser virkningene av PSD2

13. januar 2018 ble PSD2 (Revised Payment Services Directive) innført. Dette er et EU-direktiv regulerer betalingsformidlingen i EU og EØS, som vil føre til store endringer når det gjelder betalingstjenester.

– Vi ser også at PSD2 er i ferd med å komme. SBanken kan allerede operere som en AISP (Account information service provider – opplysningsfullmektig) mot utvalgte banker, slik at man som sluttbruker kan få en samlet oversikt på tvers av banker, forteller Setsaas.

I årene som kommer ønsker han å se at bankene tar større ansvar.

– Deres viktigste produkt er tillit. Selv om mange hevder de ikke stoler på bankene, så stoler man fortsatt på produktene fra bankene: Fysiske penger, kredittkort, lån, bankkonti og bankbokser. Bankene bør utvide dette til å omfatte også andre områder, for eksempel identitet. Norske banker er langt framme på området (med BankId), men det er behov for nye tjenester her: Personas (roller), pseudonymitet og samtykkehåndtering (GDPR). Som tillitstjenesteleverandører er bankene i en sentral posisjon til å bidra med dette, sier Setsaas.

Nå ser han frem til å møte fremtidsrettede fintech-entusiaster på FutureBank.

– Vi ønsker å møte banker og personer som tenker fremover, fokuserer på brukeropplevelsen, og samtidig ser på nye muligheter for bankene som tillitstjenesteleverandører. Vi jobber for tiden med det vi kaller «identity custodians», som vi ønsker å utforske sammen med bankene, sier han.

Mer info om Futurebank 2019 finner du her.

Link til IKT-Norge nyheter

Solutions Marketing Manager

We’re looking for a solutions marketing manager to help us accelerate our go-to-market strategy and tell the world about Signicat’s verified digital identity solutions. Based in our Oslo office, you will be responsible for our content strategy and working with our product team around our messaging and positioning.

Working closely with other team members, you will also be responsible for creating compelling thought leadership (e.g., writing articles, whitepapers, blog posts) and lead generation campaigns that differentiate the Signicat offering.

Responsibilities

Together with the product team, educate both internal and external stakeholders about our product features and their benefits.
Create product content (e.g. sales enablement documentation, case studies, product videos, website copy, blog posts) to articulate the benefits of our products to the world.
Measure and optimize the buyer journey as it relates to product feature adoption and usage.
Deliver training and sales tools to our reps to help them be more efficient and effective.
Perform competitive research and help position us to win more customers.

Requirements

BA/BS degree or equivalent working experience.
Past experience in product marketing, and/or product management.
Background from the digital identity management or fintech space an asset.
Excellent written and verbal communication skills in English — there is a heavy amount of writing and presenting/selling ideas in this role. Norwegian an asset.
Prefer working in a collaborative, cross-team capacity. This role requires you to work across functions and departments to bring the product to life. You are at the center of our entire organization, constantly interacting with teammates and prospects.

To apply, please mail your CV and cover letter to marketing-jobs@signicat.com. No recruitment companies please.

Om arbeidsgiveren

Signicat is a growing, dynamic technology company that has operations in Norway, Sweden, Denmark, Finland, Netherlands, Germany, Portugal, and UK. We’re currently 113 people from 22 different countries. Our head office is in Trondheim, Norway. We are a fast-growing company that has track record of success as one of the most complete providers of electronic identification services for the Nordic and European markets. While enjoying continued growth we have kept the best of our ‘startup’ ethos, encouraging creativity, initiative and independence to get things done. We value the well-being of each employee and all work together to create a supportive and inspiring work environment.

Søk på stillingen

Technical Support Specialist, Finland

Oletko kiinnostunut työskentelemään monipuolisten digitaalisten palveluiden parissa kansainvälisesti toimivassa yrityksessä? Haluatko olla mukana rakentamassa menestyvää kasvuyritystä? Olemme laajentamassa Suomen palveluliiketoimintojamme ja haemme yritysasiakkaidemme tekniseen tukeen teknistä asiantuntijaa kasvamaan kanssamme.
Etsimme tiimiimme vastavalmistunutta tai jo työuransa aloittanutta IT-osaajaa. Haemme tulevaisuuden kykyä, ei välttämättä valmista pakettia, sillä koulutamme sinut tehtävään. Toivomme, että sinulla on opiskelusi, harrastuksen tai aiemman työsi pohjalta jo aiempaa kokemusta teknisestä ongelmanratkonnasta ja/tai teknisestä asiakaspalvelusta. Toimistomme sijaitsee Quartetto Business Parkissa Espoon Leppävaarassa. Tehtävä on vakituinen ja kokoaikainen – tilaisuutesi pitkäaikaiseen työpaikkaan mahtavassa porukassa on nyt!

Technical Support Specialistina pääset tukemaan yritysasiakkaitamme Signicat-palveluratkaisujen käyttöönotossa ja ongelmatilanteissa. Tehtävänäsi on avustaa asiakkaidemme yhteyshenkilöitä, kuten ohjelmistokehittäjiä ja muita teknisiä osaajia mm. palveluratkaisujemme integraatioihin liittyvissä asioissa. Työsi tulee koostumaan sekä asiakkaidemme teknisten ongelmien ratkaisemisesta, että Signicatin Suomen myyntitiimin tukitehtävistä. Tulet toimimaan yhteyshenkilönä Signicatin kansainvälisen Operations -osaston, Suomen myyntitiimin, sekä asiakkaiden teknisten- ja liiketoimintatiimien välillä.

Tehtävässä menestyminen edellyttää:

Soveltuvaa IT-alan korkeakoulututkintoa
Intohimoa teknistä ongelmanratkontaa ja asiakaspalvelutyötä kohtaan
Erinomaisia vuorovaikutus- ja kommunikointitaitoja suomeksi ja englanniksi, muu kielitaito on eduksesi
Kykyä hahmottaa, kuvata ja kehittää prosesseja, sekä toimintatapoja palvelun kehittämiseksi
Energistä ja vastuullista asennetta
Toivomme sinulta:

Tuntemusta ITIL-prosesseista tai ISO 27001 -standardista
Aiempaa kokemusta teknisestä ongelmanratkonnasta tai teknisestä asiakaspalvelusta
Kokemusta ohjelmoinnista (front- ja/tai back-end)
Tehtävä edellyttää valmiutta matkustaa satunnaisesti pääkonttoriimme Norjan Trondheimiin. Tulet raportoimaan työstäsi suoraan Signicatin operatiivisen toiminnan johtajalle.

Tule työyhteisömme jäseneksi:

Olemme aktiivinen ja energinen porukka, joka suhtautuu työntekoon intohimoisella ja iloisella asenteella. Arvostamme toisiamme tittelistä riippumatta, ja rekrytoimme joukkoomme ainoastaan henkilöitä, jotka suhtautuvat työntekoon kanssamme samalla asenteella. Pyrimme jatkuvasti sitouttamaan työntekijöitämme tarjoamalla mahdollisuuksia kouluttautua ja kehittyä kannustavassa työympäristössä. Panostamme henkilöstömme hyvinvointiin, sillä tiimimme on menestyksemme rakentamisessa tärkein resurssimme.

Kiinnostuitko?

Toteutamme rekrytoinnin yhdessä Barona IT:n kanssa, ja haluaisimme kuulla sinusta mahdollisimman pian! Voit jättää hakemuksesi helposti muutamalla klikkauksella. Lisätietoja tehtävästä voit kysyä:

Barona IT:n HR-konsultti Mikael Korvelta 040 7405 135 tai mikael.korpi@barona.fi.

Ota yhteyttä tähän

Succesfuld Senior Sales Executive, Denmark

Succesfuld norsk vækstvirksomhed
Signicat er en ung, succesrig norsk virksomhed, som tilbyder sine kunder nogle af de mest avancerede cloud-baserede løsninger, der løser udfordringer inden for digital identitet og elektroniske signaturer. Signicats løsninger gør deres kunder i stand til at drive deres forretning på en mere effektiv måde, idet kunderne får en unik brugeroplevelse, samtidig med at der anvendes avancerede sikkerhedsteknologier, der reducerer risici.

Signicat har store vækstambitioner og søger en kompetent Senior Sales Executive, der kan bidrage til den fortsatte positive vækst.

I rollen som Senior Sales Executive bliver du del af et ambitiøst og velfungerende dansk team. Du refererer direkte til den danske Sales Director og har tæt dialog med dine kolleger i Danmark såvel som med det norske hovedkontor.

Du oplever en varieret arbejdsdag, hvor du en del af tiden befinder dig hos kunderne. Du er opsøgende i dit salgsarbejde og har bolden på salget mod Signicats nye kunder.

Du er ansvarlig for salgsprocessen gennem hele forløbet – lige fra den indledende behovsafdækning, hvor du inspirerer kunden med unikke og spændende løsningsmuligheder, til udarbejdelse af tilbud og forhandling af kontrakter. Samtidig er du ansvarlig for at følge op på og udvikle eksisterende kunder og sikre, at de får den fulde værdi af Signicats produkter.

Indgangsvinkler til jobbet
Du har en kommerciel uddannelse, er allerede en succesfuld sælger og har 5-10 års erfaring fra en lignende stilling, hvorfra du erfaring med salg/rågivning af it-tekniske løsninger. Alternativt kommer du fra en konsulentvirksomhed, der er knyttet til cloud-services eller anden software eksempelvis ERP/CRM. Du har i dine tidligere ansættelser skabt gode, dokumenterbare resultater og har et stærkt netværk – gerne i den finansielle sektor.

Du har god indsigt i og flair for it-tekniske løsninger. Samtidig har du stor forretningsforståelse og formår at gå i dialog med kunder på forskellige niveauer. Du er stærk, når det kommer til at håndtere større og mere komplekse løsningssalg og følger disse til dørs. Samtidig følger du op på dine kunder med henblik på at sikre dig, at Signicats løsninger bruges korrekt og optimalt. Du har gode interpersonelle kompetencer og solid erfaring med forhandling af kontrakter.

Som person er du engageret og proaktiv og formår således at arbejde selvstændigt og trives i en mindre og særdeles dynamisk virksomhed med en udpræget entreprenørånd.

Du taler dansk og engelsk på højt niveau. Hvis du også kan begå dig på norsk, er det et ekstra plus.

Spændende vækstvirksomhed, unikke løsninger, stærkt team
Du bliver del af en særdeles velkonsolideret vækstvirksomhed, som regnes som en af Nordens ledende fintech-virksomheder. Samtidig bliver du del af et kompetent dansk team, hvor du bliver en vigtig spiller, når det kommer til at sikre den fortsatte ekspansion, som er drevet af en stærk efterspørgsel fra Signicats kunder.

Signicat tilbyder konkurrencedygtige betingelser og en række goder. Signicat har 115 ansatte fordelt på kontorer i Trondheim (hovedkontor), Oslo, København, Helsinki, Stockholm, München, Amsterdam og London.

Signicat har vundet flere priser, senest ”2017 Innovation Award ved Smart Security Week” og dette års norske FinTech Achievement Award. Signicat er desuden kåret til at være blandt European FinTech Top 100-virksomheder ved European FinTech Award 2017.

Finder du jobbet interessant, kan du uploade ansøgning og CV her.

Referencenummer: DK-06053.

Har du spørgsmål til jobbet, kan du kontakte Mercuri Urval,Tina Hjort Lykke, på tlf. 4255 9553 eller Rikke Henningsen på tlf. 2274 0856.

Inside Sales Representative, Denmark

Stillingen

Succesfuld norsk vækstvirksomhed
Signicat er en ung, succesrig norsk virksomhed, som tilbyder sine kunder nogle af de mest avancerede cloud-baserede løsninger, der løser udfordringer inden for digital identitet og elektroniske signaturer. Signicats løsninger gør deres kunder i stand til at drive deres forretning på en mere effektiv måde, idet kunderne får en unik brugeroplevelse, samtidig med at der anvendes avancerede sikkerhedsteknologier, der reducerer risici.

Signicat har store vækstambitioner og søger en kompetent Inside Sales Representative, der kan bidrage til den fortsatte positive vækst.

I rollen som Insides Sales Representative bliver du del af et ambitiøst og velfungerende dansk team. Du refererer direkte til den danske Sales Director og har tæt dialog med dine kolleger i Danmark såvel som på det norske hovedkontor.

Det er din primære opgave at varetage salg og service til virksomhedens mindre kunder, og i rollen har du særligt fokus på nysalg og opfølgning på diverse kampagner. Du har en bred rolle og er ansvarlig for hele salgsprocessen – fra den første kontakt med kunden til udarbejdelse af tilbud og aftaler.

Du bistår endvidere det danske salgsteam med telemarketingaktiviteter med det formål at identificere opportunities, samtidig med at du også fra tid til anden giver en hånd med i forhold til salgsaktiviteter med udvalgte partnere. Endelig er du ansvarlig for at opdatere og vedligeholde Signicats kundedata i virksomhedens CRM-system.

Du oplever en varieret arbejdsdag, hvor du en del af tiden befinder dig hos kunderne. Du er opsøgende i dit salgsarbejde og har bolden på salget mod Signicats nye kunder.

Indgangsvinkler til jobbet
Du har forventeligt en kommerciel uddannelse og kommer helst fra en baggrund, hvorfra du har erfaring med salg af cloud-services eller anden software – f.eks. CRM eller ERP. Du har indgående erfaring med at håndtere kundedialogen og forhandling af kontrakter. Vigtigst er dog, at din salgserfaring stammer fra en intern salgsrolle, og at du har solid erfaring med salg via telefonen.

Du har god indsigt i og flair for it-tekniske løsninger. Du har gode kommunikative evner, er udadvendt og formår at tale med kunder på alle niveauer. Du er proaktiv og formår at arbejde selvstændigt, ligesom du har stort engagement og et højt drive. Du er en teamplayer, der trives i en mindre virksomhed med en udpræget entreprenørånd.
Du taler dansk og engelsk på højt niveau. Hvis du også kan begå dig på norsk, er det et ekstra plus.

Spændende vækstvirksomhed, unikke løsninger, stærkt team
Du bliver del af en særdeles velkonsolideret vækstvirksomhed, som regnes for en af Nordens ledende fintech-virksomheder. Samtidig bliver du del af et kompetent dansk team, hvor du bliver en vigtig spiller, når det kommer til at sikre den fortsatte ekspansion, som er drevet af en stærk efterspørgsel fra Signicats kunder.

Signicat tilbyder konkurrencedygtige betingelser og en række goder. Signicat har 115 ansatte fordelt på kontorer i Trondheim (hovedkontor), Oslo, København, Helsinki, Stockholm, München, Amsterdam og London.

Signicat har vundet flere priser, senest ”2017 Innovation Award ved Smart Security Week” og dette års norske FinTech Achievement Award. Signicat er desuden kåret til at være blandt European FinTech Top 100-virksomheder ved European FinTech Award 2017.

Finder du jobbet interessant, kan du uploade ansøgning og CV her.
Referencenummer: DK-06052.

Har du spørgsmål til jobbet, kan du kontakte Mercuri Urval, Tina Hjort Lykke, på tlf. 4255 9553 eller Rikke Henningsen på tlf. 2274 0856.

Security Compliance Manager

Som Compliance Manager vil du bli en sentral del av Signicat sin Security & Quality avdeling med hovedansvar i å følge opp Signicat sin etterlevelse av interne regler og policyer, kontraktuelle forpliktelser, sertifiseringer og standarder som ISO 27001, SOC2 og lovverk som GDPR, eIDAS, IKT-forskriften og tilsvaredne i andre europeiske land. I samarbeid med Security & Quality avdelingen identifisere og planlegge en strategisk plan for hvilke sertifiseringer og revisjonsrapporter som skal implementeres.

Stillingen rapporterer til CISO i Signicat AS.

I nye marked møter vi stadig nye utfordringer hvor regulerende myndigheter og kunder har ulike krav til tjenestene vi tilbyr. Som en SaaS-leverandør ønsker Signicat å tilby en basistjeneste som er god nok for alle hvor det ikke er nødvendig med kundespesifikke tilpassninger og dokumentasjon. For å klare dette trenger Signicat derfor en god strategisk fremgangsmåte for å håndtere alle forespørsler relatert til sikkerhet og compliance. Signicat er i dag ISO 27001-sertifisert, notifisert som en qualified Trust Service Provider i henhold til eIDAS og leverer flere revisjonsrapporter, inkludert SOC2 rapport, til sine kunder.

Arbeidsoppgaver og ansvar:
– Lede og utvikle compliance i Signicat
– Gjennomføre internrevisjon av Signicat i henhold til ISO 27001
– Planlegge avtalte revisjoner
– Bistå andre avdelinger med gjennomføring av compliance-relaterte aktiviteter
– Andre IT-sikkerhetsoppgaver innenfor programvaresikkerhet, nettverkssikkerhet, skysikkerhet, risk management, personvern, kryptografi, governance & compliance, prosessutvikling og IT-juss

Kvalifikasjoner og erfaring:
– Relevant utdannelse fra universitet eller høyskole. Dokumentert og relevant erfaring kan veie opp for manglende formalkompetanse
– Erfaring med informasjonsikkerhet og styringssystemer som ISO 27001
– Erfaring med GDPR
– Fordel å ha erfaring med gjennomføring av internrevisjon og Lead Auditor kurs
– Fordel med kjennskap til revisjonsstandarder som ISAE3402 og SOC2

Personlige egenskaper:
– Du er initiativrik, forbedrings- og løsningsorientert
– Du er ansvarlig, strukturert og nøyaktig
– Du jobber selvstendig og effektivt
– Du er en lagspiller

Vi kan tilby deg:
– Gode helse, forsikrings- og pensjonsordninger
– Fine kontorlokaler sentralt i Trondheim.
– Meget godt arbeidsmiljø
– Fleksibilitet
– Sosiale aktiviteter (husband, bedriftsidrett, spillkvelder)

For spørsmål og søknad kontakt CISO Thomas Kjøglum på thomas.kjoglum@signicat.com.

Om arbeidsgiveren
Signicat er en av de ledende leverandørene av elektroniske identitets- og signaturløsninger i Europa. Vi leverer nettbaserte tillitsbaserte tjenester til offentlig og privat sektor globalt.

Vi reduserer risikoen på smarte måter som gjør det enkelt for bedrifter å tilby online autentisering, identifikasjon og elektroniske signaturer. Vi er stolte over å tilby identitetssikring og autentisering til over 430 europeiske bedrifter og institusjoner innen sektorer som regjeringen, bank, finans, forsikring og e-handel.

Vi er et raskt voksende selskap, og en av de mest komplette leverandørene av elektroniske identifikasjonstjenester for de nordiske og europeiske markedene. Vi verdsetter innovasjon og de ansattes trivsel hvor alle jobber sammen for å skape et støttende og inspirerende arbeidsmiljø.

Signicat har 114 ansatte på kontorer i Trondheim (hovedkontor), Oslo, København, Helsingfors, Stockholm, Amsterdam, London, Lisboa og Tyskland, og vi vokser stadig. Vårt fokus er sikkerhet og profesjonalitet, og vi jobber kontinuerlig for å forbedre våre produkter og oss selv.

Søk på stillingen

Front-end developer with a passion for design

You will be a part of a dedicated and friendly operations team where you will build our self-service portal and configuration tools for the Signicat e-identity and digital signature platform.

You will be building user interfaces, working on the front-end that are part of the Signicat customer platform.

You’re a quick learner and if you are stuck you chase an answer, and you would like to have freedom under responsibility.

You’re good at demonstrating and explaining what you’ve created, and you like to do it.

You have several years of experience as a developer, you can read specifications and implement them accordingly, you are a team player and joyfully share your knowledge to strengthen your team.

You love making excellent user interfaces and really care about code quality and readability. HTML, CSS and Javascript are like native languages to you.

You like to build solid stuff and watch it roll out painlessly.

Essential

– 5+ years of industry experience
– Curiosity and interest
– You’re security aware.
– You stay updated on languages, frameworks and platforms, you know what’s coming next and you like to be knowledgeable and good at what you do.
– You write clean code and you know how to make your stuff testable and tested.
– You think coding is fun, you like helping people out and you ask for help yourself when you need it.
– You love to solve problems
– You understand architecture
– You speak English fluently, and preferably one Scandinavian language
– You want to live in Trondheim

Desirable

The ability to write proper technical documentation.

Perks

– Nice office location in central Trondheim. We’ve got a very relaxed working environment. No dress code, no business cards unless you really want one.
– This is an opportunity to become a part of a passionate operations team within an international company which is growing fast across Europe. The organization is flat and informal, and the job comes with lots of freedom and an equal amount of responsibility and accountability. There will be travel and other international opportunities for the right person, if you’d like that.
– You may choose your equipment freely, you’ll have the opportunity to affect your own office environment, and you’ll be working with other nice people in order to build great stuff to power the international expansion of Signicat.
– Kid-, mom- and dad-friendly.
– Insurance and pension plan
– Employee social activities (music, sports, board games)
– For international moves to Norway, immigration assistance and relocation services provided

About Signicat
Signicat is a Digital Identity Service Provider (DISP) and is one of the leading providers of electronic identity and signature solutions in Europe/globally. Our security solutions are used at all financial levels from government and big banks to small business—and everywhere in between.

We continue to be leaders in innovative security solutions, reducing risk while providing a smart and intuitive user experience. Signicat has earned the trust of institutions and businesses by providing user authentication, electronic signing, identity proofing and document preservation.

We are a fast-growing company that has track record of success as one of the most complete providers of electronic identification services for the Nordic and European markets. While enjoying continued growth we have kept the best of our ‘startup’ ethos, encouraging creativity, initiative and independence to get things done. We value the well-being of each employee and all work together to create a supportive and inspiring work environment.

Signicat has more than 100 employees at offices in Trondheim (headquarters), Oslo, Copenhagen, Helsinki, Stockholm, Amsterdam, London and Lisbon. Our focus is security and professionalism and we are constantly working to improve our product and ourselves. If you want to be part of our highly talented, professional and creative team then we want to hear from you!

Please send your application

EU Trust Mark

The pros and cons of eIDAS qualified

Signicat having been approved as a qualified trust service provider (QTSP) according to the EU’s eIDAS regulation (Regulation (EU) 910/2014) spurs some reflections on what it means to be “qualified” and the trust services situation in Europe.

The eIDAS regulation has four parts: General provisions, electronic identification, trust services, and electronic documents. This blog post is only about trust services; the part where the “qualified” term is defined. However, note the importance of the very short part on electronic documents. This simply states that an electronic document shall not be denied legal effect solely on the grounds that it is in electronic form. A pre-requisite for electronic trust services is of course that electronic documents are accepted. This was not obvious in all European countries before eIDAS.

As an EU regulation, eIDAS applies in all EU member states, overriding national law in case of conflict. Since eIDAS is “of EEA relevance”, eIDAS also applies to Norway, Liechtenstein and Iceland.

eIDAS defines a closed set of trust services:

• Certificate issuing for electronic signatures (signature by natural person) electronic seals (signature by legal person), and web-site authentication,
• Services for signing and/or sealing (signature creation),
• Signature/seal validation services,
• Time-stamp services,
• Preservation services for electronic signatures/seals and related certificates,
• Electronic registered delivery services.

eIDAS then sets out a few provisions on trust services in general, and detailed provisions for qualified trust services and their providers. “Qualified” is defined as fulfilling eIDAS requirements. All defined trust services can be qualified, except signature/seal creation services (still, such services can create qualified signatures/seals). Many qualified trust services and/or their outcomes are granted legal presumptions from eIDAS, e.g. a qualified time-stamp is granted the presumption of accuracy of date and time and integrity of the data bound to the time-stamp. Furthermore, one is not allowed to ask for more than qualified; this is the top level that is guaranteed to be accepted across the entire EEA area.

This greatly expands the qualified signature term from eIDAS’ predecessor, the EU e-signature directive. But the legal presumption from the directive is continued with eIDAS, that a qualified signature shall always be considered a proper replacement for a handwritten signature; this has been valid since 1999.

Has eIDAS’ concept of qualified been a success?
It is too early to answer. Judging from the number of actors, yes; by start of December 2018 the EU list includes 168 QTSPs. Three countries have none, and a few others only list actors that must be considered as marginal players. But since services can be offered cross-border, a lack of services in a country is not necessarily a problem. Close to 30 accredited conformity assessment bodies compete for the mandatory audits that each QTSP and its services must pass.

What we do not know is the market and revenue for the QTSPs. Some of them are governmental, semi-governmental, or public-private partnerships but the majority are commercial. Here, we find banks and banking service providers, postal services, notaries, chambers of commerce, and other actors that expand existing services into the digital space – plus specialist trust service providers like Signicat. Some are niche players offering one or a few services, and some aim to cover all or most trust services, qualified or non-qualified.

Qualified, whether it is qualified signature/seal or qualified trust service, is the top level, hence, also the most expensive level. Requiring this for all purposes may not be cost-effective. Requiring a specific service or mechanism (like a qualified signature, which today must be based on PKI technology) to be used for a process may be counter-productive; the service or mechanism must fit the process flow and the needs and capabilities of the actors. Signicat’s home market is the Nordic countries. These countries are among the most digitised in the world, and they have zero (or close to zero) requirements for qualified signatures or seals. While there was no doubt that Signicat should join the club of QTSPs, our home market experience makes us cautious not to push anything qualified unless it is really needed.

The pros of qualified are that it is guaranteed to be recognised and accepted across the EU for all purposes (national security excepted) and that, in some markets, qualified may be a ticket to trade. The cons are the price level and the potential lack of fit between the process at hand and qualified services/mechanisms. For non-qualified, the actors involved must agree what is sufficient for the process, which requires judgement but may lead to cost savings and smoother processes. A non-qualified trust service may well be recognised across the EU; the market decides but the recognition is not guaranteed.

Regarding qualified signatures, the idea of defining a signature level that can always be used to replace a handwritten signature, no questions asked, is a good idea. This fences off threats against digitisation from arguments that no digital mechanism is good enough. But unfortunately, in too many cases this idea is turned upside down by stating that qualified signature is the only mechanism that can replace a handwritten signature. One even sees the term “legally binding signature” used as a synonym for “qualified electronic signature”.

However, eIDAS is crystal clear in stating that:

“An electronic signature shall not be denied legal effect and admissibility as evidence in legal proceedings solely on the grounds that it is in an electronic form or that it does not meet the requirements for qualified electronic signatures.”

So, all electronic signatures are legally binding and can replace handwritten signatures, except in the presence of additional requirements that pose specific restrictions. Such extra requirements, e.g. requiring qualified signature for a purpose, can be found in national laws and regulations, in EU legislation (in practice seldom seen), in sectorial rule sets and best practices, or imposed by the involved actors themselves.

Qualified signatures have until now in too many cases been hampered by poor user experience. Hopefully, server-based signing services will both lower cost and do away with much of the user friction.

Based on these arguments, Signicat recommends use of an advanced or qualified signature only when at least one of the following holds true:

1. There is a legal requirement, typically from national legislation.
2. A risk analysis shows the need for a particular level of signature.
3. The mechanism (advanced/qualified) is a good fit for the process at hand.

Then, one can argue that the starting point, finding a substitute for a handwritten signature, can be challenged, as the result may be a digital process that mimics the paper process. While a handwritten signature is the only way to prove consent on paper, a digital consent can be obtained by a plethora of mechanisms that do not have to mimic paper signing. But that is a topic for a future blog entry.

Links:
https://ec.europa.eu/futurium/en/eidas-observatory
https://www.eid.as/home/ which also points to
https://www.futuretrust.eu/ where Signicat is associate partner
https://go.eid.as/ which is a new non-profit initiative promoting eIDAS
https://webgate.ec.europa.eu/tl-browser/#/ for trust list information

Blog post by Jon Ølnes, Nordic Product Manager, Signicat

Banks must replicate challengers and take onboarding seriously

Banks must sharpen up their onboarding process if they are to retain the lionshare of customers.

Our Battle to Onboard research from 2018 has revealed that more than 50% of people abandon a financial services onboarding process. The reasons being that it took too long (34%) and needing too much personal information (40%).

I would expect that number to be closer to 15-20%, you’re losing nearly half of your customers before they’re even your customers.

Traditional banks view onboarding in a binary fashion – you’re either onboarded or you’re not. They’re used to a model where you ask for everything up front.

I believe that banks are “extremely risk averse” and reluctant to have a non fully KYCed individual in their system.

But this is an area that I think must change considering the high onboarding abandonment rate. I encourage them to view it as a step up model and make it easier to get a foot in the door and get the relationship going. You gradually ask the customer for more information – this is what a lot of newcomers are doing.

Digital challengers are winning the onboarding game, with Monzo most recently reaching 1m accounts in late September 2018 and contemporary Starling Bank likewise seeing a 500% increase in accounts. Both banks pioneer the use of mobile phone verification and lean heavily on lessons learned from the tech giants.

They’re making it very simple to become a customer. I did onboarding myself with Revolut and it’s very smooth and easy to get started and then they begin asking for more information the more you get into AML. People want something convenient and convenience always wins.

 

How Signicat can help

Signicat is simplifying the process by providing one single API for a number of different onboarding methods in a single interface, making it very simple for banks. They can then set  the initial onboarding on whatever level they would like and then step up at a later time.

Banks can take the following steps to smooth out their onboarding process:

  • Instead of assuming that all users in the system are fully KYC’d, also make a category “New customer”
  • Make it simple to become a “New customer”, e.g. verifying the phone number by a one-time-password
  • Limit what a “new customer” can do and for how long, e.g. limit on amounts
  • Do all the existing risk monitoring also on the “new customer” accounts
  • Make a smooth step-up process, requesting additional information for full KYC
  • Work on the UX. Use clear and simple language in all steps


Blog post by John Erik Setsaas, VP of Identity & Innovation at Signicat

 

 

EU Trust Mark

Qualified Trust Service Provider – So what?

Signicat has recently (2018-11) been approved as a QTSP – Qualified Trust Service Provider, and the qualified service is the QTSA – Qualified Time Stamp Authority.

So what is the big deal, and who needs time stamps anyway?
A trusted time stamp is needed to ensure that the signature can be validated after the certificate expires. To check the validity of a signed or sealed document, you must be able to trust the time when the document was signed or sealed, as all validity checks on certificates is based on the time. The time stamp must be added in a way which makes it extremely hard to forge.

So what does the QTSA do?
It is obvious that if this time is taken from a local clock on your machine, this cannot be trusted, as it is very simple to set a different time. What if the service provider does this, it would be OK, right? It really depends on the service. Can you be confident that the clocks on the servers are running correctly? And that it is not possible for somebody working there to tamper with the time, to make a forgery? And if you check the document in a few years, are you confident that you can still trust the time it was signed.

How do you synchronize the clock?
You cannot just pick up the time from any NTP (Network Time Protocol) server, which gives no guarantee or liability for the time which is returned. This means that the clock must be synchronized with an authorized time source. Signicat’s QTSA service is using the Norwegian Metrology Service (https://www.justervesenet.no/en/), which provides a legal certified time. In addition, a separate server continuously monitors the derived time from the main server, and if any deviation is found, an alarm is set off, and the service is stopped.

Having a trusted time on the signed and sealed documents is one important aspect of long-term validation (LTV). If you have requirements to validate the document in the future, after the signing certificate has expired, or even long into the future (for example for contracts regarding properties which can be for 50 years or more), there must be some way of validating that the process of signing followed certain standards. One way of doing this is using LVT information embedded into the document, which gives the advantage that everything is embedded in the document. The LTV information contains all the certificates in the certificate path, all the certificate statuses, and the very important trusted time stamp. Every 3 to 5 years, the document is re-validated using this information, and a new time-stamp is added. Without the trusted time-stamps, you will not be able to have confidence in *when* the document was signed, nor when it was validated, and you may lose trust in the signed document.

Finally, there is the need for a QTSP – Qualified Trust Service Provider – which is the organization which binds this together. To become a QTSP, there are a lot of standards to follow, a lot of controls to implement, and any important configuration changes are done using dual-control, meaning that at least two people must be involved in the changes. The setup has dedicated hardware with strict physical and logical access control, including auditing of everything which is done. All of this would make it, if not impossible, at least extremely difficult to tamper with the system.

Each year, independent auditors scrutinize the service and the organization, delivering their report to the national notification authorities. The system is anchored in the legislation in all EU/EEA countries, and is the same as we know from the EU qualification of certificate authorities.

I have already mentioned that the service is operated under dual-control. This is just one of many controls which is required to get a QTSP status. Others are procedures for reporting incidents, insurance for handling closure of the service (for any reason), periodic internal and external audits. All this is done according to ETSI standard, which dictate how it should be done, and it is audited by an accredited external auditor (we were audited by BSI group https://www.bsigroup.com/en-GB/), and approved by the national accreditation body (in our case NKOM (https://www.nkom.no/), as we are based in Norway), which then added us to the EU trust list (https://webgate.ec.europa.eu/tl-browser/#/), where you can see all the QTSPs in Europe.

Read press release: Signicat named as Qualified Trust Service Provider

Blog post by John Erik Setsaas, VP of Identity & Innovation, Signicat

Introducing improved mobile support for Swedish BankID

Sweden’s BankID recently introduced a function where users can scan a QR code as part of an authentication, using Swedish Mobile BankID, providing enhanced security by reducing the geographical distance between the web browser on the desktop and the Mobile BankID client. This means that the desktop computer and the user with the Mobile BankID app are in the same place.

The user obtains a QR code on the website, and then scans this QR code using the Mobile BankID app. This eliminates the need to type in a personnummer (Swedish national identification number), which reduces the likelihood of social engineering attacks.

Signicat has now implemented support for this new QR code functionality. Signicat has also made improvements to the user interface of the BankID method in this new release. A method can be configured to support the new user interface and/ or QR code functionality.

To learn more, visit our developer pages.

For existing customers, contact our support team to take advantage of this new functionality.

If you are not a customer and wish to learn more, contact us.

Signicat granted EU Quality Trust Mark for security and quality of services

Trondheim, Norway, 12 November 2018 – Signicat, a leader in verified digital identity and electronic signature solutions, has been granted the status of Qualified Trust Service Provider (QTSP) by the Norwegian communications authority, NKOM. With this status, Signicat becomes one of the few companies that can use the EU Trustmark, and is now part of the EU Trustlist.

QTSP status is defined by internal procedures meeting the strict standards defined by eIDAS regulation and is audited by an external body, in this case the British Standards Institute (BSI). Having satisfied the external auditors and also met the approval of NKOM, Signicat can now use the EU Trustmark to indicate that it meets the standards demanded by the EU, and delivers the highest levels of security and quality of service.

Signicat QTSP status is specifically due to being Qualified Time Stamp Authority, enabling digital documents to be certified as existing at a certain point of time, without the possibility of backdating. This means that the authenticity of digital documents certified by Signicat can be trusted for even the most sensitive of uses. Time stamping is an essential part of document preservation, ensuring that documents can be validated and known to have existed at a particular time—not just now, but far into the future.

“We’re delighted to have our hard work and expertise recognised by both the auditors and the communications authority,” said John Erik Setsaas, VP of Identity and Innovation, Signicat. “The EU Trustmark lets our customers know at a glance that we meet the very high standards laid down by the EU, and that we can help to build mutual digital trust with the consumers they serve.”

Signicat’s status as a QTSP follows its announcement last month that it has joined the European Telecommunications Standards Institute (ETSI), the recognised standards body for electronic communications.

About Signicat

Based in Trondheim, Norway, and founded in 2007, Signicat is a Qualified Trust Service Provider operating the largest Digital Identity Hub in the world, offering the only complete identity platform in the market and trusted to reduce the burden of compliance in highly regulated markets.

With Signicat, service providers can build and leverage existing customer credentials to connect users, devices and even ‘things’ across channels, services and markets transforming identity into an asset rather than a burden. By ditching manual, paper-based processes and replacing them with digital identity assurance, customer on-boarding is accelerated and access to services is made simple and secure. Signicat’s Identity Hub is a complete solution to that offers compliance and a route to better customer engagement.

Signicat has over 500 financial services organisations as clients, connects to more than 20 schemes globally and verifies more than 10m identities per month.

Media Contacts:
CCgroup for Signicat:
Signicat@ccgrouppr.com
+44(0) 203 824 9200

Signicat introduces Signicat Business Signature, digitising business to business document signing

Trondheim, Norway, 7 November 2018 – Signicat, a leader in verified digital identity and electronic signature solutions, has today announced an electronic signing solution specifically for business to business interactions. The Signicat Business Signature product facilitates a flexible and secure business to business document signing process that minimises manual operations and keeps evidence of signature in the same document.

With the digitising of consumer markets, and the ability to sign legal documents online, businesses are increasingly looking to take advantage of the cost and time savings of electronic signatures. However, electronic signing in business to business transactions requires an additional level of security to ensure that the business is the correct legal entity and that the signatory is allowed to act on its behalf.

To support this, Signicat Business Signature allows document recipients to forward a sign order internally within their company to a single person authorised to sign, or to obtain multiple signatures when no single person is authorised to sign alone (sign and forward).

As well as the processes used to on-board consumers, the Signicat Business Signature includes additional checks of business registers ensuring that the business is the correct legal entity and the signatory is allowed to act on its behalf. The document is then signed using, for example, an electronic identity or eID (such as Norway’s BankID), a one-time password via SMS or scanning of ID documents.

The Electronic Seal functionality protects and preserves documents such as invoices, diplomas and certificates. By electronically sealing documents, Signicat Business Signature helps prevent fraud and ensures the document cannot be tampered with.

“Businesses are increasingly looking to take advantage of consumer technology to drive efficiency and to improve manual processes, and the move to e-signatures are a logical step. By doing away with physical documentation and enabling instant contract signing, Signicat is helping to enable digital transformation across Europe,” said Gunnar Nordseth, CEO, Signicat.

Electronic signing brings benefits including the assurance of signature validity through ID verification and signing authority lookups, capability for cross-border signatures, the option for signers to sign multiple documents in one process and the long-term verification of a signer’s identity. The solution is currently live in Norway and Denmark and is being rolled out across additional countries as business registry information becomes available.

Learn more about Signicat Business Signature here:

-Ends-

About Signicat
Based in Trondheim, Norway, and founded in 2007, Signicat operates the largest Digital Identity Hub in the world, offering the only complete identity platform in the market and trusted to reduce the burden of compliance in highly regulated markets.

With Signicat, service providers can build and leverage existing customer credentials to connect users, devices and even ‘things’ across channels, services and markets transforming identity into an asset rather than a burden. By ditching manual, paper-based processes and replacing them with digital identity assurance, customer on-boarding is accelerated and access to services is made simple and secure. Signicat’s Identity Hub is a complete solution to that offers compliance and a route to better customer engagement.

Signicat has over 500 financial services organisations as clients, connects to more than 20 schemes globally and verifies more than 15m identities per month.
For more information, visit: https://www.signicat.com/contact/

Media Contacts:

CCgroup for Signicat:
Alice Pedder
Signicat@ccgrouppr.com
+44(0) 203 824 9200

Signicat digitises in-store signing of credit agreements for Resurs Bank retail partners

Three in every four in-store credit agreements now signed digitally using electronic IDs

Trondheim, Norway 28th November 2018 Signicat, a leader in verified digital identity solutions, today announced it has been selected by Resurs Bank to provide instant mobile signing of credit agreements. Resurs Bank is the leader in retail finance in the Nordic region with more than 1,000 retail partners, serving more than 35,000 stores.

Customers signing a credit agreement in stores served by Resurs Bank no longer have to sign physical paperwork – instead, they can sign using their eID and create a digital agreement. All paperwork is shared digitally, so in-store purchases of high value items requiring a credit agreement are therefore as fast, secure, and convenient as any online transaction.

The agreement is signed using a combination of Signicat Sign and an approved electronic ID (eID), such as BankID. The customer can easily accept the terms and conditions and sign using their mobile device.

A pilot programme in Sweden was an instant success, with 76% of customers choosing to sign credit agreements using Mobile BankID. The service has now been rolled out to all retailers served by Resurs Bank in Norway, Denmark, Sweden and Finland.

“This technology means that traditional stores can better compete with their online rivals—while they offer superior customer service they need to combine this with the convenience of online shopping,” said Marcus Lennerhov, Product Manager at Resurs Bank. “Thanks to Signicat, the majority of our retail credit agreements are now signed digitally using a mobile device giving customers the security and ease they are used to online.”

“In ditching paper, electronic signatures offer a frictionless and instant customer experience, and gives retailers a trusted and scalable way to deal with growing demand while improving conversion,” said Gunner Nordseth, CEO, Signicat. “Working with Resurs Bank to provide digital signing to over 35,000 stores is another milestone for digital identity in the Nordics, a model for the rest of the world to emulate.”

About Signicat

Based in Trondheim, Norway, and founded in 2007, Signicat operates the largest Digital Identity Hub in the world, offering the only complete identity platform in the market and trusted to reduce the burden of compliance in highly regulated markets.

With Signicat, service providers can build and leverage existing customer credentials to connect users, devices and even ‘things’ across channels, services and markets transforming identity into an asset rather than a burden. By ditching manual, paper based processes and replacing them with digital identity assurance, customer on-boarding is accelerated and access to services is made simple and secure. Signicat’s Identity Hub is a complete solution to that offers compliance and a route to better customer engagement.

Signicat has over 500 financial services organisations as clients, connects to more than 20 schemes globally and verifies more than 10m identities per month.

For more information, visit: https://www.signicat.com/contact/

Media Contacts
CCgroup for Signicat
signicat@ccgrouppr.com
+44 203 824 9200

 

About Resurs Holding:

Resurs Holding (Resurs), which operates through the subsidiaries Resurs Bank and Solid Försäkring, is the leader in retail finance in the Nordic region, offering payment solutions, consumer loans and niche insurance products. Since its start in 1977, Resurs Bank has established itself as a leading partner for sales-driven payment and loyalty solutions in retail and e-commerce, and Resurs has thus built a customer base of approximately 5.5 million private customers in the Nordics. Resurs Bank has had a banking licence since 2001 and is under the supervision of the Swedish Financial Supervisory Authority. The Resurs Group operates in Sweden, Denmark, Norway and Finland. At the end of the second quarter of 2017, the Group had 742 employees and a loan portfolio of SEK 22.3 billion. Resurs is listed on Nasdaq Stockholm, Large Cap.

Preserving Electronic Signatures – Are you taking care of your signed documents?

Did you know that an electronic signature does not last forever? Just like old pieces of art, it needs to be periodically maintained to ensure its freshness. Some contracts need to be valid for a long time. This would typically be contracts for properties, which may even be inherited to the next generation.

So what happens with the signed document, you may ask. Are bits and bytes from the document disappearing? Of course not. The signed document itself has to be preserved to maintain its availability and integrity but when this is taken care of, the structure of the document itself does not change. But the world revolving around the document does.

I will be touching on three issues:

  • Certificates have an expiry date.
  • Validation information is needed to verify a certificate.
  • The strength of the cryptographic algorithms vanishes over time.

For one, the certificates (including all intermediate certificates up to the root) used for generating the signature have an expiry date. After this date, the certificate is no longer valid, which also means that if you try to validate a signature, this validation will fail.

Another issue in validating a signature is the need for validation data. A certificate may be revoked, i.e. declared invalid, before its expiry date, in the worst case because the certificate has been compromised. Thus, all certificate issuers offer services to establish the validity of certificates, typically as revocation lists (CRLs) or online status verification (OCSP).When validating a signature, one is obliged to check the validation data in addition to checking the expiry date of certificates. But a certificate issuer and its validation data may not live forever (remember DigiNotar?) Without access to the validation data, you cannot validate the signature. Note also that OCSP always returns current status, meaning validation after the certificate has been revoked will fail, even if the certificate was valid at the time of signing.

In addition to the expiry dates and access to validation information, the cryptographic algorithms that are used to add the signatures must be considered. These algorithms are basically math, and it is possible to calculate how much computing power is required to break one of these algorithms, say that you would need 20 years or 200 years to break it. However, this does not take into account breakthroughs in mathematics or in technology. Take quantum computing for example, which uses a completely different approach to problem solving, and may break the existing algorithms in minutes or seconds. In addition, there may be advances in mathematics, which renders existing algorithms invalid. As an example, old hashing algorithms (like SHA1 or MD5) are no longer considered secure, and are being replaced.

Preservation means:

  1. Validate the signature (or all signatures on a document) when certificates are still valid.
  2. Collect the evidences used in validation.
  3. Protect signatures and evidences by a “proof of existence”, making it possible to prove the signatures’ validity status at the time when the proof was created.

To address this issue, documents signed by Signicat contains what is called long term validation (LTV) information. The LTV contains all the results from the validations, so it is possible to verify what the data looked like at the time of signing.The evidence is protected by a time-stamp from Signicat’s time-stamp service proving the time when validation was done and at the same time protecting the integrity of all evidence.

This process needs to be repeated, as the certificates supporting the proofs of existence and time-stamps also have an expiry date, may be revoked, and the mechanisms may involve cryptography that may become weak over time.

To address all of these issues, Signicat offers a secure archive, where documents are periodically verified and re-sealed with updated proofs and time-stamps. This means adding a new layer of security, with updated algorithms.

Did anybody mention blockchain? Yes, you could store the hash (or signature) of the document on a distributed ledger. But that does not change any of the above. Blockchain promises that data cannot be deleted or modified. But that assumes the current mathematics and algorithms. Breakthroughs will make blockchain vulnerable. And you would still have to access validation information, in case of compromised data.  

Signicat Preserve is the Signicat solution to ensure that your signature can be validated 5, 50 or 500 years from now.

And even if Signicat may not be around 500 years from now (who knows?), the preservation follows open standards, so it is possible for others to take over the preservation process.

By John Erik Setsaas

Senior Java developer, Trondheim Norway

You will be a part of a dedicated and friendly development team where you will build integrations and features, services and products that run on the Signicat e-identity and digital signature platform.

You will be building features from start to finish, working on the backend to build APIs and microservices that are part of the Signicat platform. You will be using third-party SDKs and APIs along with your own skills and contributions in order to build applications that enable a range of identity and signature related features. You’re a quick learner, and you would like to have freedom under responsibility. You’re good at demonstrating and explaining what you’ve created, and you like to do it.

You have several years of experience as an allround developer — you are comfortable at the command line, you can read specifications and implement them accordingly, you understand the web as well as being comfortable writing modern server applications using Java.

You’ve got a knack for devops, you know Jenkins, Puppet and Salt (or similar), because continuous deployment and infrastructure as code is something that resonates with you. You like to build solid stuff and watch it roll out painlessly.

Essential

  • 5+ years of industry experience
  • Curiosity and interest
  • You’re security aware.
  • You stay updated on languages, frameworks and platforms, you know what’s coming next and you like to be knowledgeable and good at what you do.
  • You write clean code and you know how to make your stuff testable and tested.
  • You think coding is fun, you like helping people out and you ask for help yourself when you need it.

Desirable

  • Knowledge or awareness of authentication and authorization protocols.
  • The ability to write proper technical documentation.
  • Cryptographic (PKI) competence.

Perks

  • Nice office location in central Trondheim. We’ve got a very relaxed working environment. No dress code, no business cards unless you really want one.
  • This is an opportunity to become a part of a passionate development team within an international company which is growing fast across Europe. The organization is flat and informal, and the job comes with lots of freedom and an equal amount of responsibility and accountability. There will be travel and other international opportunities for the right person, if you’d like that.
  • You may choose your equipment freely, you’ll have the opportunity to affect your own office environment, and you’ll be working with other nice people in order to build great stuff to power the international expansion of Signicat.
  • Kid-, mom- and dad-friendly.
  • Insurance and pension plan
  • Employee social activities (music, sports, board games)
  • For international moves to Norway, immigration assistance and relocation services provided

About Signicat

Signicat is a Digital Identity Service Provider (DISP) and is one of the leading providers of electronic identity and signature solutions in Europe/globally. Our security solutions are used at all financial levels from government and big banks to small business—and everywhere in between.

We continue to be leaders in innovative security solutions, reducing risk while providing a smart and intuitive user experience. Signicat has earned the trust of institutions and businesses by providing user authentication, electronic signing, identity proofing and document preservation.

We are a fast-growing company that has track record of success as one of the most complete providers of electronic identification services for the Nordic and European markets. While enjoying continued growth we have kept the best of our ‘startup’ ethos, encouraging creativity, initiative and independence to get things done. We value the well-being of each employee and all work together to create a supportive and inspiring work environment.

Signicat has more than 100 employees at offices in Trondheim (headquarters), Oslo, Copenhagen, Helsinki, Stockholm, Amsterdam, London and Lisbon. Our focus is security and professionalism and we are constantly working to improve our product and ourselves. If you want to be part of our highly talented, professional and creative team then we want to hear from you!

For more information about the position and applications, please contact Lars Klemetsaune, the Development Manager, at lars.klemetsaune@signicat.com

Hackathon proof of concept: Business Vendor On-boarding Platform with verified digital identity

Together with our customer and partner Anva, we participated in the recent hackathon from B-Hive. The challenge was to “Know your Vendor” and, well, we’re pretty proud of our result.

What we built:

We created an easy-to-use platform for vendors to register once, and then being able to submit to multiple RFPs/RFIs using the same registration data. To verify the correctness, eligibility and validity of the submitting party, the vendor representative had to connect the account to LinkedIn as well as Belgium’s Itsme Electronic Identity. Based on this data, we then implemented company information lookup into Dun & Bradstreet APIs, and finally the end user could upload certificates (eg: ISO27001) and additional documents.

Furthermore, we also integrated the portal with ANVA Safebay platform for confidential messaging, and we had an AI chatbot that would automatically generate an NDA based on the ongoing conversation. Once signed by both parties (and verified using eIDs), these NDAs would then be Signicat sealed and put into our archive.

Here’s a more detailed video from our own Peter Feijen:

 

Press Release: Signicat joins ETSI team guiding digital signature standards

Trondheim, Norway, 27 September 2018Signicat, a leader in trusted digital identity, has joined the European Telecommunications Standards Institute (ETSI), the recognised standards body for electronic communications. As part of the technical committee on Electronic Signatures and Infrastructure (ESI), Signicat will help create and shape the standards for digital signatures and trust services.

ETSI is officially recognised by the EU as one of three European Standards Organisations (ESO), with a focus on broadcasting, telecommunications and other electronic communications networks and services. ETSI produces “harmonised standards” that support European regulation and enable manufacturers and suppliers to prove that their products and services meet these regulations.

ESI is the technical committee responsible for the standardisation of European digital signature and trust services. The standards produced by ESI are designed to meet the demands of eIDAS regulation, ensuring interoperability across borders, and be applicable beyond Europe.

Signicat—already standards-compliant—will be able to share its experience and knowledge of electronic signatures and digital identity to help guide the development of these standards. Currently in development are standards for signature validation services, which specify how a signed document will be sent to a trusted service, returning a signature validation report.

“The work of ETSI, ESI and eIDAS is solving the fragmentation that currently exists across Europe, and will make using digital trust services across the continent simple,” said John Erik Setsaas, VP of Identity and Innovation, Signicat. “Our membership of the technical committee that drives the creation of these standards gives us an opportunity to influence their development, bringing our first-hand experience of creating trust services that work across borders.”

For more detail on the ongoing work of the technical committee and its roadmap, read Signicat’s blog post: https://www.signicat.com/blog/signicat-joins-etsi-for-standardisation-of-digital-signatures-and-trust-services/

About Signicat
Based in Trondheim, Norway, and founded in 2007, Signicat operates the largest Digital Identity Hub in the world, offering the only complete identity platform in the market and trusted to reduce the burden of compliance in highly regulated markets.

With Signicat, service providers can build and leverage existing customer credentials to connect users, devices and even ‘things’ across channels, services and markets transforming identity into an asset rather than a burden. By ditching manual, paper-based processes and replacing them with digital identity assurance, customer on-boarding is accelerated and access to services is made simple and secure. Signicat’s Identity Hub is a complete solution to that offers compliance and a route to better customer engagement.

Signicat has over 400 financial services organisations as clients, connects to more than 20 schemes globally and verifies more than 10m identities per month.

For more information, visit: https://www.signicat.com/contact/

Media Contacts:

CCgroup for Signicat:

Alan Miller, Alice Pedder

Signicat@ccgrouppr.com

Hotels: Do you really Know Your Customer?

The regulation known as Know Your Customer (KYC) is as important as ever before for the prevention of identity theft and financial fraud, including money laundering and terrorist financing and is a widely used acronym in banking and FinTech. But why would a hotel need to KYC? More and more countries demand that the hotel has a copy of a guest’s passport. and this of course leads to increased time per check-in and a lower Revenue Per Available Room (RevPAR).

The KYC is the process of verifying the user’s identity, and is typically done by a number of mechanisms such as passport or ID paper upload, electronic ID verification, face recognition etc.

As hotels move towards online and kiosk check-ins, it makes this process more difficult. Wouldn’t it be great for customers to provide their passport and ID information ahead of time, including a scan of the passport and a picture of the guest? This information can be stored in the hotel’s Property Management Software (PMS) before the guest arrives?

Financial institutions in the Nordic region, Spain and Germany are reporting huge savings and increased attractiveness of their services since implementing an Electronic ID (eID)-based KYC process became available three years ago.

Here at Signicat we are able to provide secure guest on-boarding, as well as authentication and electronic signing services. We make it easy for hotels and others in the hospitality industry to use electronic IDs (a full list of supported eIDs here), as well as passport and ID card scanning services. We’re able to receive necessary information from passports, copy the documents, and securely store and preserve documents and signed agreements in our preservation archive.

What is an electronic ID? Electronic identification is electronic systems for legitimizing users on the Internet or other computer systems. Using an electronic identity, users can identify, sign in and sign contracts and approve transactions on different websites, such as banks and public portals.

Once onboarded, guests can then quickly access their loyalty program information as well. If an eID is used, there is no need to worry about remembering a username and login as authentication is provided by the eID.

Signicat has more than 10 years’ history of working with companies dealing with both complex regulatory compliance issues, as well as ensuring seamless user experiences to on-board and keep customers. Our APIs provide everything a hotel or PMS provider needs to quickly get up and running.

Afterall, for the hospitality industry wouldn’t it be great to Know Your Guest?

Contact us if you want to learn more!

Have you replaced TUPAS? Time is running out.

Finland’s TUPAS digital authentication method is being replaced. Signicat can help.

The TUPAS protocol no longer meets the criteria for strong authentication in EU legislation. According to the Finnish Communications Regulatory Authority, e-services will have to replace old TUPAS integration interface by 30 September 2019.

Finnish Trust Network:
The Finnish Trust Network is a combination of identity service providers (e.g. TUPAS banks and Mobiilivarmenne operators) and brokers. With agreement with a member of Finnish Trust Network, companies can continue to engage with customers online in a verified, trusted manner.

Signicat has been helping Finnish businesses meet these new requirements by providing an approved, strong authentication solution and providing access to the Finnish Trust Network. We act as a broker for Finnish businesses, meaning that instead of having to sign up 10 separate agreements with the 10 active banks in Finland and then implement 10 separate technical integrations, we act as a one-stop shop, providing a single point of integration and a single agreement.

Additionally, due to the bulk eID pricing we have negotiated, the average customer can save up to 70% on these connection fees in addition.

Contact us if you require more information or help with your TUPAS migration.

Technical Support Specialist, Finland

About the Position

Signicat is continuing to attract an increasing number of new, local and international business customers, many of which are large enterprises with wide reach. In addition, our existing customers are broadening their expectations of our products and services, and we are passionate and focused on delivering a consistent quality to all.

Due to this expansion, to strengthen our service organization and our business in Finland, we are looking for persons with excellent troubleshooting skills, experience with B2B customer support or premier services, energy and passion for helping others, and focused on the customers receiving significant value from our services. If you have these skills, then this might be the right job for you.

The role includes responsibilities for activities like:

Reactive and proactive technical and product support for Signicat’s Finnish customers
A key role in onboarding of new Signicat customers, sometimes as a leader of virtual teams
Provide pre-sales assistance to the Finnish Sales team
Contribute to get the highest possible adoption of the products sold
Be the link between Signicat’s Operations department, Finnish Sales team and the customers’ technical and business teams
Participate in further development of Signicat’s service product in Finland

Essential qualifications:

– Have a minimum bachelor’s degree within IT
– Have a service oriented mindset and can represent Signicat in a professional manner
– Enjoy challenges and can solve them
– Excellent communication and interviewing skills
– Speaks and writes Finnish fluently
– High proficiency in spoken and written English

Desirable qualifications:

– Have knowledge of ITIL or ISO27001
– Have experience with IT-related customer service tasks
– Have competence in programming, front-end or back-end
– Written and oral skills in a Scandinavian language (Norwegian, Swedish and Danish)

The position will be located at our Finnish office in Leppävaara, Espoo. The position will require occasional travelling, especially to the Signicat headquarters in Trondheim, where the rest of the service and support organization is located.

You will report to the Head of Operations.

About Signicat

Signicat is a Digital Identity Service Provider (DISP) and is one of the leading providers of electronic identity and signature solutions in Europe/globally. Our security solutions are used at all financial levels from government and big banks to small business—and everywhere in between.

We continue to be leaders in innovative security solutions, reducing risk while providing a smart and intuitive user experience. Signicat has earned the trust of institutions and businesses by providing user authentication, electronic signing, identity proofing and document preservation. We are innovators in fingerprint authentication, two-step verification and other generated one-time passwords.

We are a fast-growing company that has track record of success as one of the most complete providers of electronic identification services for the Nordic and European markets. While enjoying continued growth we have kept the best of our ‘startup’ ethos, encouraging creativity, initiative and independence to get things done. We value the well-being of each employee and all work together to create a supportive and inspiring work environment.

Signicat has more than 100 employees at offices in Trondheim (headquarters), Oslo, Copenhagen, Helsinki, Stockholm, Amsterdam, Lisbon, London and Frankfurt. Our focus is security and professionalism and we are constantly working to improve our product and ourselves. If you want to be part of our highly talented, professional and creative team then we want to hear from you!

Signicat is one of the leading providers of electronic identity and signature solutions in Europe.

We reduce risk in smart ways making it easy for companies to offer online authentication, identification and electronic signatures. Our teams are passionate about our mission to create the safest solutions for tomorrow’s challenges.

We are proud to provide identity assurance and authentication to over 450 European businesses and institutions in sectors such as government, banking, finance, insurance and eCommerce.

Contact person:

Hallvard Olaisen
COO
+47 951 36 561
hallvard.olaisen@signicat.com

EEMA Identity Blog: The problem of self-sovereign identity: We can’t trust people

10th August 2018: Link to EEMA Identity Blog

Two buzzwords often heard in identity today are self-sovereign identity and distributed identity. The reason for considering new models for identity is, among other things, to avoid a single point of dependency and to put the user is in control of his or her identity and decide how much information to share with whom.

It’s a compelling story. Who wouldn’t like more control over who has access to their data? Unfortunately, while the story is easy to sell, implementing self-sovereign identity is a much harder problem. What are the implications of this model of identity, and where will the responsibilities lie?

A digital identity gives a person access to their email, bank account, property, digital money and more. The hard part is binding a physical person to a digital identity. Identity professionals spend a lot of time trying to figure out secure ways of doing this.

In his blog The characteristics of Blockchain can be very valuable to identity, Kim Cameron said that “you should not lose your identity if a country has a political melt-down”. I completely agree. But it can take much less than revolution and anarchy for something to go wrong—neither should someone lose their identity if they fail to backup or forget a private key.

Human beings are not reliable

Anyone who has ever known a human being for any length of time knows this. They forget passwords and credentials and do not create backups. New technology that relies on fallible people to keep credentials safe comes with undeniable risks. A good example of this are the 23% of all bitcoins that are now lost, thanks to lost passwords and hard drives that now lie in landfill.

It’s unwise to create an infrastructure where ownership of possessions depends solely on people’s memory. Raise your hand if you have NEVER used the “I forgot my password” function. Raise your hand if you have NEVER lost a car key or a house key or needed help to access a locked space. Not a lot of hands, right?

In these situations, we can call a locksmith or demand a new password. Whether physical or digital, we can depend on somebody being there to assist if we get locked out. Unless we implement recovery mechanisms, self-sovereign identity means that there is no one that can help.

With self-sovereign identity, each user has a private key, designed in such a way that a brute force attack is close to impossible. This is clearly a good thing, as it prevents others taking over your digital identity. But putting the only possible key to access the digital identity in the hands—and forgetful brains—of the users invites disaster. There is no back-door. There is nobody to call.

It’s not just forgetfulness we need to worry about, as people have accidents or illnesses which can affect their memory. And when they die, and assets are to be passed on, the private key needed to access your digital identity is lost forever. We need to consider a worst-case scenario, such as someone’s house burning down, traumatizing them into losing their memory—and the recovery codes, carefully noted down and put in a sealed envelope, are also gone.

We need identity custodians

Clearly, we need identity custodians: an entity we can trust and call upon if we have a problem. Somebody who is able to give a key back when it’s lost. Ideally, we should be able to choose which identity custodian to use and switch as often as wanted. We also need different custodians for holding identity data and holding a key in escrow, to ensure segregation of responsibilities, and to reduce risk of exposure.
However, there are several fundamental challenges with using custodians:

– First is access to a user’s private key, which must be high-friction. It should not be possible for a rogue employee of an identity custodian to get access to your private key. But it must be possible, with your involvement, to recover the key. High friction and convenience do not go hand-in-hand.

– How do you prove who you are… when you cannot prove who you are? The key recovery must handle the situation that you have forgotten the key entirely and have no possessions that can help.

– The third challenge is building a key recovery system in such a way that it is secure, cost-efficient and usable. No system will be 100% secure, but due to the importance of keeping private keys private, a high level of security is a must.

One way to build such a system would be to split the key into several parts and have these parts stored physically (for example as a printed document), to make it more resistant to digital attacks. The physical presence of the user would be required to ensure a biometric match. The correct key would be handed to the user after all the parts have been collected. Procedures on the part of the identity custodian are important here to ensure that only the user and not the custodian gets the parts needed to reconstruct the private key.

Clearly, creating a secure, cost-efficient and usable management of identities is not simple. Self-sovereign identity, often discussed as a straightforward identity system, actually requires clunky solutions and multiple custodians to support it. It’s important to keep this in mind when these buzzwords are thrown around.

Author: John Erik Setsaas is Identity Architect at Signicat and a member of the EEMA Board of Management

Technical Support Specialist, The Netherlands

Signicat is one of the leading providers of electronic identity and signature solutions in Europe. We deliver online trust-based services to the public and private sector globally.

We reduce risk in smart ways making it easy for companies to offer online authentication, identification and electronic signatures. Our teams are passionate about our mission to create the safest solutions for tomorrow’s challenges. We are proud to provide identity assurance and authentication to over 430 European businesses and institutions in sectors such as government, banking, finance, insurance and eCommerce.

About the Position
Signicat is continuing to attract an increasing number of new, local and international business customers, many of which are large enterprises with wide reach. In addition, our existing customers are broadening their expectations of our products and services, and we are passionate and focused on delivering a consistent quality to all.

Due to this expansion, to strengthen our service organization and our business in The Netherlands, we are looking for persons with excellent troubleshooting skills, experience with B2B customer support or premier services, energy and passion for helping others, and focused on the customers receiving significant value from our services. If you have these skills, then this might be the right job for you.

The role includes responsibilities for activities like:
• Reactive and proactive technical and product support for Signicat’s customers from the BeNeLux area
• A key role in onboarding of new Signicat customers, sometimes as a leader of virtual teams
• Provide assistance to the Dutch Sales & pre-Sales team
• Contribute to get the highest possible adoption of the products sold
• Be the link between Signicat’s Operations department, Dutch Sales team and the customers’ technical and business teams
• Participate in further development of Signicat’s service product in the Netherlands

Essential qualifications:
• Have a minimum bachelor’s degree within IT
• Have a service-oriented mindset and can represent Signicat in a professional manner
• Enjoy challenges and can solve them
• Excellent communication and interviewing skills
• Speaks and writes Dutch fluently
• High proficiency in spoken and written English

Desirable qualifications:
• Have knowledge of ITIL or ISO27001
• Have experience with IT-related customer service tasks
• Have competence in programming, front-end or back-end

The position will be located to our Dutch office, in The Hague. The position will require some travelling, especially to the Signicat headquarters in Trondheim, where the rest of the service and support organization is located.

You will report to the Head of Operations.

About Signicat
Signicat is a Digital Identity Service Provider (DISP) and is one of the leading providers of electronic identity and signature solutions in Europe/globally. Our security solutions are used at all financial levels from government and big banks to small business—and everywhere in between.

We continue to be leaders in innovative security solutions, reducing risk while providing a smart and intuitive user experience. Signicat has earned the trust of institutions and businesses by providing user authentication, electronic signing, identity proofing and document preservation. We are innovators in fingerprint authentication, two-step verification and other generated one-time passwords.

We are a fast-growing company that has track record of success as one of the most complete providers of electronic identification services for the Nordic and European markets. While enjoying continued growth we have kept the best of our ‘startup’ ethos, encouraging creativity, initiative and independence to get things done. We value the well-being of each employee and all work together to create a supportive and inspiring work environment.
Signicat has more than 100 employees at offices in Trondheim (headquarters), Oslo, Copenhagen, Helsinki, Stockholm, Amsterdam, Lisbon, London and Frankfurt. Our focus is security and professionalism and we are constantly working to improve our product and ourselves. If you want to be part of our highly talented, professional and creative team then we want to hear from you!

About the Signicat’s Dutch office
The Dutch team exists out of team of commercial experts with a broad Industry knowledge and is conveniently situated a stone’s throw from Centraal Station, on the cusp of the city centre. This unique red brick building designed in the Amsterdam School architectural style is an iconic landmark on the city’s skyline and well known throughout the Hague. Formerly the Esso headquarters, this is a building with history and presence. Spaces Rode Olifant is easily accessible by car and has excellent transport links located only eight minutes walking distance from Central Station. Set up your work spot, plug into our energy and start accelerating together while overlooking beautiful Malieveld

Signicat offers a full-suite of benefits and competitive compensation. If you are looking for a new opportunity, we look forward to hearing from you. Please submit your resume to:

Marco Gouw
Director of Sales
Marco.gouw@signicat.com
+31 (0)657001483

Signicat joins ETSI for standardisation of digital signatures and trust services

Signicat is pleased to announce we have formally become a member of ETSI (European Telecommunications Standards Institute) joining their technical committee on Electronic Signatures and Infrastructure (ESI). ESI is the standardisation body responsible for most European standards on digital signature and trust services; CEN TC 224 additionally produces some standards, notably on security evaluation.

Signicat’s electronic signature services are designed to be standards-compliant, and with Signicat becoming a qualified trust service provider according to the EU eIDAS Regulation, standards-compliance is increasingly important for us. The decision to join ETSI/ESI is a strategic move to not only use standards, but to also get first-hand knowledge of and influence on their development.

European standards on digital signature and trust services are grouped in six areas as shown in the figure below. The green ticks show standards that are done (only maintenance activities) while the rest are in progress. When completed, standards will cover all trust services defined by eIDAS. CEN (the European Committee for Standardization) covers area 2 while the rest of the standards are produced by ETSI.

Formally, standards are not mandatory to fulfil eIDAS requirements for qualified trust services. However, when interoperability is a goal, in practice the ETSI and CEN standards must be used. Currently, Signicat uses standards from area 1 for the Signicat Sign service, from area 4 for the qualified time-stamp service, and of course the recommendations on cryptography from area 2. As the service offering expands, more standards will come into play.

While the eIDAS Regulation sets the scope of the standards work, ETSI’s strategy is to produce technical standards that are globally applicable and not targeted at a specific legal environment. Notably, ETSI uses the technical term “digital signature”, a signature created by use of public key cryptography and PKI certificates, to distinguish from the in-principle technology neutral, legal terms “electronic signature” and “electronic seal” used by eIDAS. ETSI standards, together with a few core specifications on which ETSI has built the work, are referenced internationally as the state of the art standards in the area.

Of the ongoing work, standards to enable server-based (remote) creation of qualified and other signatures are especially important. CEN is about to publish Common Criteria (CC) security evaluation profiles for the equipment needed for such a service, such as “remote QSCD” (Qualified Signature Creation Device). ETSI will publish standards for the signing protocol towards the service and policy and security requirements to be applied by the service provider operating the signing service.

Standards for signature validation services is underway from ETSI, specifying how a signed document (or pairs of signatures and hash values) can be sent to a trusted service, returning a signature validation report that is also being standardised.

Registered delivery, i.e. transmission of documents and other message between parties in a reliable and secure way, is a trust service in eIDAS. A new ETSI standard in this area is about to be sent for national ballot, meaning that the national standardisation bodies of the ETSI member states will vote on its acceptance. In addition to the base standard, ETSI has revised the old Registered Electronic Mail (REM) specification for email-based registered delivery; the new REM version is also under national ballot.

Standards are being produced for long-term preservation of both signed and unsigned documents, using digital signature techniques to produce evidences of existence.

When qualified trust services are audited by a Conformity Assessment Body (CAB), the CAB must be nationally accredited for the job according to an ETSI standard.

Of miscellaneous other work, ETSI recently published standards for issuing of qualified web-site certificates and qualified electronic seal certificates to actors that are accredited for payment service provider roles according to the EU PSD2 directive.

All in all, as ETSI standards are the foundation of many of the services that Signicat provides or will provide in the future, keeping track of and influencing the development of standards is necessary to ensure that Signicat continues to deliver world-class signature and trust services.

More on these links: ETSI and CEN.

Sales Executive Finland

Signicat is one of the leading providers of electronic identity and electronic signature solutions in Europe. The company, founded in 2007, delivers online trust-based services to the public and private sector globally.

The solutions fulfill operational capabilities in line with international standards and requirements, such as Privacy, Anti-Money Laundering (AML) and Anti-Terrorist legislation and regulations, as well as Know Your Customer (KYC) requirements for onboarding of new users.

Signicat offers some of the most advanced solutions for electronic identity and electronic signatures. The goal is to enable customers to do business more effectively by delivering great user experiences for the end users and at the same time reduce the risk by using advanced security technology.

The Signicat solutions are used by banks and financial institutions, insurance companies, government agencies and large corporations as well as small and medium sized businesses. Customers trust Signicat with the responsibility of authenticating users, providing electronic signing, identity proofing and document preservation.

About the position:
To strengthen our Finnish Sales organization and our business in Finland, we are looking for highly motivated sales person.
The position will be located at our Finnish office in Leppävaara, Espoo. You will be working with Signicat customers, partners as well as with the other sales and delivery teams in Signicat.

Qualifications and characteristics:
· Experience with sales & partner management
· Experience of services related to cloud services or other software (CRM, ERP)
· Excellent marketing skills(digital and traditional)
· Negotiations skills
· High level technical insight and business understanding
· Ability to work independently, being self driven with a good “drive”
· Documented results & track record

Signicat can offer you a job in one of Europe’s leading fintech companies. The company has competitive conditions and a variety of benefits. Signicat has over 100 employees distributed at offices in Trondheim (headquarter), Oslo, Copenhagen, Helsinki, Stockholm, Amsterdam, London and Frankfurt.

Contact:
Antti Harsunen
Country Manager,
+358 40 687 9090
antti.harsunen@signicat.com

Process Architect, Trondheim Norway

Signicat is one of the leading providers of electronic identity and signature solutions in Europe.

We reduce risk in smart ways making it easy for companies to offer online authentication, identification and electronic signatures. Our teams are passionate about our mission to create the safest solutions for tomorrow’s challenges.

We are proud to provide identity assurance and authentication to over 425 European businesses and institutions in sectors such as government, banking, finance, insurance and eCommerce.

About the Position
Signicat is continuing to attract a growing number of new, local and international business customers, many of which are large enterprises with wide reach. In addition, our existing customers are broadening their expectations of our products and services, and we are passionate and focused on delivering a consistent quality to all.
In order to ensure continued excellence alongside our expansion, we are looking to hire a Process Architect with energy and a passion for designing, implementing and optimizing business processes. You will have excellent troubleshooting and communication skills, experience in the field and a sharp focus on our customers´ need for the highest possible value from our services. Signicat is passionate about delivering a high-quality customer experience. You will share this goal and will help ensure exceptional customer service through your role in enhancing our business processes.
The Process Architect is a new role in Signicat, and you will be a part of a small and high-skilled team within the organization. Occasional travel will be required between our headquarters in Trondheim, Norway and our other European offices.

Job Description
You will have a range of responsibilities, including:
• Identifying and analysing existing and potential problems related to operational processes
• Recommending solutions to improve operational processes
• Implementing a common process framework and ensuring its continuous development
• Maintaining and improving existing corporate systems including Salesforce
• Working alongside internal stakeholders to identify process improvements, and implementing corresponding changes
• Ensuring process alignment across the organization, through collaboration and effective communication with colleagues at all levels

Qualifications, Experience & Skills
As the ideal candidate, you will have:
Essential
• Thorough understanding of current business process management (customer, operations and cash flow)
• Ability to streamline processes with skills in design and process architecture
• Technical and programming skills, preferably in html, javascript, java
• Ability to quickly understand and analyze complex issues, in line with Lean and Agile principles
• Excellent communication and interviewing skills
• High proficiency in spoken and written English
• Master’s degree or similar education (Business / Computer Science, or related field preferred)
Desirable
• Experience within organizational transformation, change management, Lean principles and process improvement in large business operations
• In-depth skills of modern ERP or CRM platforms (like Salesforce)
• Written and oral skills in a Scandinavian language (Norwegian, Swedish and Danish)

Our Benefits
• Competitive salary
• Insurance and pension plan
• 5 weeks paid vacation (following one year’s service)
• Family friendly policies
• Employee social activities (music, sports, board games)
• For international moves to Norway, immigration assistance and relocation services provided

About Signicat
Signicat is a Digital Identity Service Provider (DISP) and is one of the leading providers of electronic identity and signature solutions in Europe/globally. Our security solutions are used at all financial levels from government and big banks to small business—and everywhere in between.

We continue to be leaders in innovative security solutions, reducing risk while providing a smart and intuitive user experience. Signicat has earned the trust of institutions and businesses by providing user authentication, electronic signing, identity proofing and document preservation. We are innovators in fingerprint authentication, two-step verification and other generated one-time passwords.

We are a fast-growing company that has track record of success as one of the most complete providers of electronic identification services for the Nordic and European markets. While enjoying continued growth we have kept the best of our ‘startup’ ethos, encouraging creativity, initiative and independence to get things done. We value the well-being of each employee and all work together to create a supportive and inspiring work environment.

Signicat has more than 100 employees at offices in Trondheim (headquarters), Oslo, Copenhagen, Helsinki, Stockholm, Amsterdam and London. Our focus is security and professionalism and we are constantly working to improve our product and ourselves. If you want to be part of our highly talented, professional and creative team then we want to hear from you!

About Trondheim
Signicat’s headquarters are located in Trondheim, Norway’s technology and start-up capital. Set on one of the countries famous fjords it has fast become a European tech hub—a space where exciting innovation and ideas not only start but develop and succeed. The city has established itself as a career destination for the tech world leading the way in advanced technology for the finance, energy and software sectors.

With close access to nature for hiking and skiing–or just to clear your head and think of that next great idea, Trondheim blends the benefits of city living with an adventurous outdoor spirit. The city hosts reliable infrastructure and public transport making it simple to get around as well as offering a vibrant cultural, artistic and music scene.

Trondheim continues to attract ambitious and creative workers by offering an appealing mix stimulating working conditions, innovation and way of life.

Contact Information
COO Hallvard Olaissen
hallvard.olaisen@signicat.com

itsme®

Signicat and Belgian Mobile ID to deliver trusted digital identity services in Belgium through the itsme® digital identity scheme

Trondheim, Norway 19 June 2018 – Signicat, the world’s leading trusted digital identity provider, has partnered with Belgium Mobile ID to integrate the Belgian itsme® digital identity scheme into the Signicat Digital Identity Platform.

The integration of itsme® into the Signicat platform means that Belgian financial institutions, online retailers, and other commercial entities can more readily attract new customers and more seamlessly engage with existing customers through:
– Frictionless customer on-boarding and ongoing, advanced user authentication.
– Improved digital customer engagement through electronic signing and preservation of legal agreements.
– regulatory compliance of KYC and AML, GDPR and more.

Additionally, through the relationship, Signicat allows businesses throughout Europe to accept itsme® as an official mobile ID, meaning that Belgian citizens will be able to use their digital ID to access services across the continent. Signicat now connects to 20+ eID schemes globally in countries including Sweden, Norway, Denmark and The Netherlands.

As part of the engagement, Signicat will become a value-added reseller for itsme®, providing customers with comprehensive offering for trusted digital identity solutions in Belgium.

Itsme®, created by Belgian Mobile ID, is an ID scheme and an open ecosystem with the ambition to become a European reference for mobile identity and digital privacy, which makes the concept easy to deploy in other regions and countries. Itsme® is free of charge for users. Companies and institutions who want to offer itsme® to their clients contribute according to their number of users.

“Being able to on-board and keep digital customers is becoming increasingly important for businesses, especially with offerings that require a level of trust beyond a functional credit card. Our work with Belgian Mobile ID means that we can streamline customer onboarding and ongoing engagement for organizations looking to build trusted digital relationships with customers in Belgium,” said Gunnar Nordseth, CEO, Signicat. “The integration of itsme® into the Signicat platform further means that businesses across Europe can quickly and securely on-board Belgian customers, digitally, in minutes – and have trust in their identities – without any need for excessive paperwork.”

“Partnering with Signicat means that Belgian citizens now have access to a wide range of services from across Europe, effectively making itsme® a cross-border digital ID scheme,” said Kris De Ryck, CEO of Belgian Mobile ID. “The cooperation with Signicat offers interesting perspectives to expand the reach of itsme® in Europe.”

-ENDS-

About Signicat
Based in Trondheim, Norway, and founded in 2007, Signicat operates the largest Digital Identity Hub in the world, offering the only complete identity platform in the market and trusted to reduce the burden of compliance in highly regulated markets.
With Signicat, service providers can build and leverage existing customer credentials to connect users, devices and even ‘things’ across channels, services and markets transforming identity into an asset rather than a burden. By ditching manual, paper based processes and replacing them with digital identity assurance, customer on-boarding is accelerated and access to services is made simple and secure. Signicat’s Identity Hub is a complete solution to that offers compliance and a route to better customer engagement.

Signicat has over 200 financial services organisations as clients, connects to more than 20 schemes globally and verifies more than 10m identities per month.

For more information, visit: https://www.signicat.com/itsme/ or contact us https://www.signicat.com/contact/

Media Contacts:
CCgroup for Signicat
Nicole Louis, Martyna Borys
signicat@ccgrouppr.com
+44(0) 203 824 9200

Freja eID

Signicat and Verisec partner to offer Sweden’s Freja eID across Europe

Trondheim, Norway, June 12 2018 – Signicat, a leader in trusted digital identity, and IT security company Verisec, the developers of Freja eID, today announced a digital identity partnership using the Freja electronic ID (eID). As part of the deal Signicat will now offer Freja eID as a signing and authentication method—enabling retail, financial, and other organisations to use Freja eID to on-board and engage customers.

Freja eID is a digital identity with two levels of trust; the easily accessible basic Freja eID, and the more secure and trusted Freja eID+, which requires additional identity vetting. Freja eID+ is used for secure transactions across the private and public sector and is the first Swedish mobile eID approved by the Swedish E-identification Board, granting it the Svensk e-legitimation (Swedish Electronic Identity) quality mark.

Freja eID can be used to sign documents in accordance with the EU’s cross-border digital identity regulation (eIDAS). It also makes it possible for those with limited access to electronic identity schemes—such as recent immigrants—to use Freja eID at the basic level.

Signicat has added Freja eID support into the Signicat Digital Identity Platform and will resell Freja eID acceptance as part of the commercial arrangement. Through the Signicat platform, its customers will have access to Freja eID users through the same interface.

Gunnar Nordseth, CEO Signicat, comments:
“Signicat is pleased to be working with Verisec and to add support for Freja eID and Freja eID+ to the Signicat Digital Identity Platform. By supporting Freja eID we give our customers a new digital identity method for use in combination with all those we already support across Europe. Signicat fully supports Freja eID for authentication, customer on-boarding, and to digitally sign documents.”

Johan Henrikson, CEO Verisec, comments:
“Signicat, as an established digital identity service provider (DISP) in Europe, represents a new and important partnership for Freja eID, supporting its use across the region. For many major players in the banking, finance, insurance and eCommerce, Signicat is the preferred provider of electronic identity and signature solutions.”

For more information, please contact:
Johan Henrikson, CEO Verisec AB
Mobile: +46 733 45 89 02
E-mail: johan.henrikson@verisec.com

For more information, please contact:
CCgroup for Signicat
signicat@ccgrouppr.com
+44 203 824 9200

About Verisec
Verisec AB (publ) is a company on the cutting edge of digital security, creating solutions that make systems secure and easily accessible. The company provides a wide range of products and services within its two areas of business: Digital Identity and Information Security. Verisec has global distribution and operations in Stockholm, London, Belgrade, Madrid, Mexico City, Dubai and Frankfurt. Verisec is listed on Nasdaq First North Premier in Stockholm. Erik Penser AB is Verisec’s. Certified Adviser. For more information, please visit www.verisec.com and www.frejaeid.com

About Signicat
Based in Trondheim, Norway, and founded in 2007, Signicat operates the largest Digital Identity Hub in the world, offering the only complete identity platform in the market and trusted to reduce the burden of compliance in highly regulated markets.

With Signicat, service providers can build and leverage existing customer credentials to connect users, devices and even ‘things’ across channels, services and markets transforming identity into an asset rather than a burden. By ditching manual, paper based processes and replacing them with digital identity assurance, customer on-boarding is accelerated and access to services is made simple and secure. Signicat’s Identity Hub is a complete solution to that offers compliance and a route to better customer engagement.

Signicat has over 200 financial services organisations as clients, connects to more than 20 schemes globally and verifies more than 10m identities per month.

For more information, visit: https://www.signicat.com/contact/

Mitek and Signicat partner to improve digital customer on-boarding for financial institutions

Joint offering additionally helps customers to comply with PSD2, AMLD5 and eIDAS regulations

San Diego and Trondheim, June 4, 2018: Mitek (NASDAQ:MITK) a global leader in digital identity verification software solutions, and Signicat, the world’s leading trusted digital identity provider, today announced a partnership to improve the digital customer on-boarding process for Europe’s financial services companies, while helping clients in their efforts to comply with a number of regulations, including PSD2, AMLD5, and eIDAS.

For many European financial services companies, the battle to attract new customers is fierce. With new “challenger” banks emerging and smaller banks looking to capitalise on new technologies to provide a competitive advantage, every step of the customer acquisition process must be streamlined to achieve optimum success.

“At Signicat we commissioned a report, ‘The battle to on-board: The European perspective on digital on-boarding for retail banks’, to understand what consumers across Europe identify as problem areas when it comes to selecting new financial service providers,” said Gunnar Nordseth, CEO at Signicat. “We found that up 52% of European customers abandon the on-boarding process and one of the main reasons for this is the need to present paper-based ID documents. The research further found that 52% of respondents would be more inclined to register for a new service should the on-boarding process be 100% online.”

To compound this, new regulations throughout Europe are forcing institutions to more rigorously identify customers. In addition to AMLD5 and new KYC regulations, eIDAS opens the way for electronic identification and PSD2 places the focus on strong customer authentication. This multi-faceted focus on identity means that current on-boarding processes could become cumbersome and act as a deterrent to potential new customers.

Signicat has integrated Mitek’s Mobile Verify solution into the on-boarding engine within its Digital Identity Platform. This will enable financial institutions across Europe to verify identity documents though capture on a mobile device, and to seamlessly on-board customers.

Mitek’s Mobile Verify solution can verify the authenticity of identity documents by capturing an image with a mobile device and assessing its authenticity. This helps customers to ensure compliance with strict AML and KYC regulations.

“This partnership marks a watershed in the European identity market. Financial institutions can now on-board customers 100% digitally, doing away with the need to visit a branch,” René Hendrikse, VP and Managing Director, EMEA, Mitek commented. “With the arrival of PSD2 and increasingly stringent AML and KYC regulations, the ability to verify customers’ identity digitally is essential. Our partnership with Signicat offers one of the only platforms capable of this.”

“Partnering with Mitek enables us to jointly offer European financial services institutions a customer on-boarding solution that is 100% online. Our customers will not only be able to benefit from Mitek’s Mobile Verify solution, but also Signicat’s secure authentication, electronic signing and archiving of sealed documents, as well as our integration with over 30 public electronic ID schemes and registry lookups,” said Nordseth. “The partnership is designed to remove friction from the customer on-boarding process to ensure financial institutions can effectively compete in the marketplace.”

-Ends-

To download Signicat’s white paper, “The battle to on-board: The European perspective on digital on-boarding for retail banks”, click here: https://www.signicat.com/resources/battle-to-on-board-2-report/

About Mitek
Mitek (NASDAQ: MITK) is a global leader in digital identity verification solutions built on the latest advancements in AI and machine learning. Mitek’s identity verification solutions allow an enterprise to verify a user’s identity during a digital transaction. This enables financial institutions, payments companies and other businesses operating in highly regulated markets to mitigate financial risk and meet regulatory requirements while increasing revenue from digital channels. Mitek also reduces the friction in the users’ experience with advanced data prefill and automation of the onboarding processes. Mitek’s innovative solutions are embedded into the apps of more than 6,100 organizations and used by more than 80 million consumers. For more information, visit www.miteksystems.com or www.miteksystems.co.uk. (MITK-F)

Mitek Contact:
Ann Reichert
Senior Director of Marketing
pr@miteksystems.com

CCgroup
Mitek@ccgrouppr.com
+44 203 824 9200

Mitek Investor Contacts:
Todd Kehrli or Jim Byers
MKR Group, Inc.
mitk@mkr-group.com

About Signicat
Based in Trondheim, Norway, and founded in 2007, Signicat operates the largest Digital Identity Hub in the world, offering the only complete identity platform in the market and trusted to reduce the burden of compliance in highly regulated markets.
With Signicat, service providers can build and leverage existing customer credentials to connect users, devices and even ‘things’ across channels, services and markets transforming identity into an asset rather than a burden. By ditching manual, paper based processes and replacing them with digital identity assurance, customer on-boarding is accelerated and access to services is made simple and secure. Signicat’s Identity Hub is a complete solution to that offers compliance and a route to better customer engagement.
Signicat has over 200 financial services organisations as clients, connects to more than 20 schemes globally and verifies more than 10m identities per month.
For more information, visit: https://www.signicat.com/contact/

Media Contact
CCgroup for Signicat
signicat@ccgrouppr.com
+44 203 824 9200

Podcast

The Global Digital Banker podcast – episode 14 – The global state of digital identity

The Global Digital Banker podcast:

We take a look at the global state of digital identity. From the West we hear from John Erik Setsaas, Identity Architect at Signicat and from the East we hear from Jonathon Thorpe, Head of Identity at the Australian Govt. Digital Transformation Agency.

John Erik Setsaas shares how financial institutions can position themselves at the centre of this technology shift, the opportunities to banks for investing within this space and some great examples of institutions that are leading in market.

Jonathon Thorpe explains the next phase of work for the Digital Identity Framework, the organisations that they are partnering with to implement their solutions and how they build trust and mitigate against risks for consumers.

Listen to the podcast here

Research: Retail banks lose over half of European applicants during on-boarding

  • 72% want bank-led digital identity to ease on-boarding pain
  • 52% would apply for more services if process was entirely digital

Trondheim, Norway, 23rd May 2018 — New research released today reveals that retail banks now lose 52% of potential customers at the on-boarding stage, an increase of 35% in the last two years.

The Battle to On-Board II report was commissioned by Signicat, the world’s leading trusted digital identity provider. The report looks at digital identity and its effect on retail bank on-boarding in the UK, Germany, the Netherlands, and Sweden, and follows up on similar research carried out two years ago.

Banks must comply with Know Your Customer (KYC) and Anti Money Laundering (AML) requirements when on-boarding new customers. This requires personal information to be shared, and identity to be proven. While much of the process can be completed online, in many cases the proof of identity (checking passport, driving license, etc.) phase must be completed in person or documents sent through the post.

The initial 2016 report was focused solely on the UK and found that banks were struggling to on-board consumers thanks to over-reliance on paper processes and a lack of digital identity. 40% of customers were giving up at this last step, frustrated. The new research paints an even bleaker picture across Europe with 52% of respondents admitting abandoning applications. This is more disturbing in the UK where the number rises to 56%.

The 2018 report not only highlights the issue that is preventing customers from completing applications, but also reveals what consumers want to solve the problem. An overwhelming majority of Europeans, 72%, want their banks to offer a fully-digital on-boarding system. This won’t just make them more likely to complete an application, but will also help increase revenue from customers—52% of consumers would be more likely to use additional services from a bank that allowed them to on-board without the need to use paper-based identity. Indeed, the use of digital identity could help gain cross-border customers as the majority of respondents wanted an ID they could use across Europe. This is especially true in Sweden where only 22% did not want this.

Consumers are also clear on who should lead the charge on digital identity. Banks were the number one choice in every country surveyed, trusted to deliver a system over the government or a social media giant.

“The research uncovered some fascinating consumer behaviour around digital identities. It shows that customers that have verified and trusted digital identities are more likely to sign up for more financial products,” said Gunnar Nordseth, CEO, Signicat. “Customers trust banks to supply this identity above governments and social media and in markets where there isn’t a pervasive digital identity scheme, this presents a significant opportunity for banks to increase revenues. Given the potential upside of increased sales, it is clearly worth the banks’ while to explore this further.”

The report The Battle to On-Board II is available for download. It is based on a survey of 4000 consumers across the UK, Germany, The Netherlands and Sweden by Sapio Research.

 

The report is available here:

https://www.signicat.com/resources/battle-to-on-board-2-report/

– ENDS –

 

About Signicat
Based in Trondheim, Norway, and founded in 2007, Signicat operates the largest Digital Identity Hub in the world, offering the only complete identity platform in the market and trusted to reduce the burden of compliance in highly regulated markets.

With Signicat, service providers can build and leverage existing customer credentials to connect users, devices and even ‘things’ across channels, services and markets transforming identity into an asset rather than a burden. By ditching manual, paper based processes and replacing them with digital identity assurance, customer on-boarding is accelerated and access to services is made simple and secure. Signicat’s Identity Hub is a complete solution to that offers compliance and a route to better customer engagement.

Signicat has over 200 financial services organisations as clients, connects to more than 20 schemes globally and verifies more than 10m identities per month.

For more information, visit: https://www.signicat.com/contact/

Media Contacts:

CCgroup for Signicat:

Nicole Louis, Alan Miller

Signicat@ccgrouppr.com

+44(0) 203 824 9205

Exclusive interview with Rabobank: How do the Dutch identify themselves? With iDIN, of course

Wednesday, 16th May 2018, The PayPapers: In 2017, Rabobank and Signicat teamed up to enter the Dutch identity market by providing digital services to businesses and supporting them in servicing their clients.

This joint Digital Identity Service Provider (DISP) offers a range of online login, identity, signature and archiving solutions under the banner of Rabo eBusiness. The Paypers sits down with Alexander Zwart from Rabobank to discuss how Rabo eBusiness developed over the last year and how Dutch consumers prefer to identify themselves.

Could you please provide more details about Rabo eBusiness: what was the idea behind this initiative, what are the groups it addresses, and how is Rabo eBusiness helping these customer groups?

A few years ago, a group of Dutch banks have started iDEAL, a popular payment scheme in the Netherlands, used for online shopping. However, when these banks brought iDEAL to the Dutch market, Payment Service Providers like Adyen or Buckaroo acknowledged that merchants wanted to offer not only iDEAL, but also a wide variety of payment methods, e.g. credit card or PayPal. Therefore, the banks developed this service together, but what they failed to see is that one payment method does not solve all the problems of an online merchant.

Moreover, when the Dutch banks started an online identity scheme, such as iDIN, the question we asked ourselves was: does iDIN solve the whole challenge that merchants face with online identity? We believed that it did not: merchants need more identity options than what the iDIN offered – they required a Digital Identity Service Provider (DISP). We proceeded by looking for PSPs that were already offering identity options in Europe and found Signicat, an experienced and respected DISP in Europe. We wanted to create a solution that would meet identity needs on both sides of the online interaction; both for the consumers who want to identify themselves securely online, as well as for merchants who want to ease the customer’s journey.

So Rabo eBusiness is really a partnership; we have this business together with Signicat and we share its profits. Signicat and Rabobank operate together, both on the product management side, developing the product, as well as on the sales side. We entered the market with a basic proposition, i.e. we offer the possibility of using multiple identity services, like Google login, iDIN, and DigiD – an identity service delivered by the Dutch government, and we plan to expand our product portfolio in the near future.

Does Rabo eBusiness service all industries, or do you focus on specific segments of the market?

On the consumer side, when it comes to the people who use identity, Rabobank has a great coverage in the Netherlands. 94% of the Dutch population have an electronic ID, according to a survey commissioned by Signicat, which will be included in the Battle for Onboarding report that will be launched in May 2018. Of these people, 68 % use their ID to buy financial products.

Our primary focus, therefore, is the financial sector itself. Rabobank is the best launching platform for Signicat, because our customers, i.e. people who buy our products, are already used to identifying themselves via our bank. One of Rabo eBusiness’ first customer was Rabobank itself – Rabobank “bought” the product from itself, and used the identity proposition from Signicat to allow its clients who don’t have a Rabobank ID, but who might have an online ID solution from the competing banks, access the bank’s services.

What made Signicat’s implementation within Rabobank successful? Where there any challenges?

Signicat is very experienced in connecting complex IT parties like Rabobank. The biggest challenge, therefore, was not the part of cooperating with Signicat, yet for Rabobank to take a new look at identity. It took us some time to adapt our architecture to an open structure, accessible for people outside the bank.

Signicat has made connecting with other large parties a very easy experience, and as a result Rabobank is able to smoothly connect with large organizations now. I have mentioned earlier that one of our business focus is the financial services sector; for us financial institutions and insurance companies are a good match.

Therefore, we are proud to announce that we have recently partnered with Aegon, another large financial services provider in the Netherlands, and managed to integrate our solution in their IT systems frictionless due to the Signicat’s experience in connecting large parties.

Thanks to fintechs and challenger banks, incumbent financial service providers are under more pressure than ever for market share. It is critical, therefore, that customers can use applications as smoothly as possible—as any bumps in the road will lead to abandonment. In the Netherlands, what is still needed to drive adoption of identity services?

There are a few challenges ahead; firstly, we need to make identity services as easy to use as the big techs do, both on the consumer and the merchant side. On the consumer side, it is very important that the identity scheme you prefer is offered on all devices, especially on the mobile phone and within an IoT environment. This is why banks have invested a lot in making iDIN available for mobile. On the merchant side, it is important that you can offer a broad set of identity services/schemes to your customers (iDIN, DigiD, Google ID, Facebook ID, etc.), to maximize conversion rates.

Secondly, iDIN needs to be seen as a trustworthy, and preferred means of identifying oneself. However, things are pointing in the right direction: iDIN is used by an increasing number of people and organizations in the Netherlands, increasing the trust and goodwill towards this identity service.

Thirdly, we need to keep on working on the distribution on the merchant side. People have to see it in the market, so that consumers are convinced of its convenience and accessibility, and merchants are assured of its power to increase conversion. Luckily, Signicat has a lot of experience and expertise in creating a smooth onboarding process.

How do you see the identity services space evolving over the next 5-10 years in Europe?

Definitely identity will remain a key topic for the next decade. One can see that governments, companies, and people want to do more online. This makes digital identity increasingly important and will grow tremendously. Moreover, the Signicat research shows that banks are a trusted institution for consumers as their safe house for identity, more than social networks, so there is a big opportunity for banks to take the lead in identity services.

Webinar
For more great insights from Rabobank, Signicat and iDIN tune in on the 30th of May to The Battle to Onboard II webinar, in which they will discuss how you can keep your customers happy with the help of seamless on-boarding og digital identity. Click here to register.

Signicat featured in Lafferty Group’s new Bank-Fintech Partnership report

New research looks in-depth at this growing dynamic, including Signicat’s work with Rabobank

Trondheim, Norway, 27th April 2018—Signicat, the world’s leading digital identity provider, has been profiled in Lafferty Group’s in-depth research on the collaborations between financial providers often seen as rivals: Bank-Fintech Partnerships: Deployment Lessons from Around the World.

The report explores the opportunities available to both banks and fintechs by partnering rather than only competing, and includes 21 detailed case studies. It examines how banks are not just partnering with fintechs in order to provide new services to their customers, but also how banks can learn from fintech culture to solve business issues.

The deep dive into Signicat’s partnership with Rabobank covers the creation of a Digital Identity Service Provider (DISP) in the Netherlands, Rabo eBusiness, designed to replicate the success of BankID in Norway. As the report notes, “there is a gap between the metrics on an eID card and the requirements for digital onboarding of customers in financial institutions that is also sufficient for Customer Due Diligence…Rabobank will offer customers a trusted digital identity that they can then use to access all kinds of other services.”

“At Signicat, we believe that fintech providers and banks are not enemies, and a great deal of potential can be unlocked when they work together,” said Gunnar Nordseth, CEO, Signicat. “We’re delighted that Lafferty has chosen to profile our collaboration with Rabobank as an example of this working in practice.”

The report is part of Lafferty’s Retail Banking 2020 research, and a sample is available here: http://reports.lafferty.com/reports-store/retail-banking-2020-research-service/artificial-intelligence-and-robotics-in-banking.html

About Signicat
Based in Trondheim, Norway, and founded in 2007, Signicat operates the largest Digital Identity Hub in the world, offering the only complete identity platform in the market and trusted to reduce the burden of compliance in highly regulated markets.

With Signicat, service providers can build and leverage existing customer credentials to connect users, devices and even ‘things’ across channels, services and markets transforming identity into an asset rather than a burden. By ditching manual, paper based processes and replacing them with digital identity assurance, customer on-boarding is accelerated and access to services is made simple and secure. Signicat’s Identity Hub is a complete solution to that offers compliance and a route to better customer engagement.

Signicat has over 200 financial services organisations as clients, connects to more than 20 schemes globally and verifies more than 10m identities per month.

For more information, visit: https://www.signicat.com/contact/

Sales Executive

Sales Executive, Norway

Signicat is one of the leading providers of electronic identity and electronic signature solutions in Europe. The company, founded in 2007, delivers online trustbased services to the public and private sector globally.
The solutions fulfill operational capabilities in line with international standards and requirements, such as Privacy, Anti-Money Laundering (AML) and Anti-Terrorist legislation and regulations, as well as Know Your Customer (KYC) requirements for onboarding of new users.

Signicat offers some of the most advanced solutions for electronic identity and electronic signatures. The goal is to enable customers to do business more effectively by delivering great user experiences for the end users and at the same time reduce the risk by using advanced security technology.

The Signicat solutions are used by banks and financial institutions, insurance companies, government agencies and large corporations as well as small and medium sized businesses. Customers trust Signicat with the responsibility of authenticating users, providing electronic signing, identity proofing and document preservation.

Hovedarbeidsoppgaver:
• Ansvar for salg mot nye kunder og partnere i Norge
• Løpende oppfølging av eksisterende kunder
• Utarbeide og forhandle tilbud og avtaler
• Nettverksbygging

Kvalifikasjoner og egenskaper:
• Erfaring med salg/rådgivning eller konsulentvirksomhet knyttet til skytjenester eller annen programvare (crm, erp)
• Erfaring med kontraktsforhandlinger
• God teknisk innsikt og forretningsforståelse
• Evne til å arbeide selvstendig
• Motivert og med «drive»
• Dokumenterte resultater

Signicat kan tilby deg en jobb i et av Nordens ledende fintech selskap. Selskapet har konkurransedyktige betingelser og en rekke goder. Signicat har 95 ansatte fordelt på kontorer i Trondheim (hovedkontor), Oslo, København, Helsinki, Stockholm, Amsterdam og London.

Kontakt: Petter Iversen
Sales Director Nordic,
Tlf 95278678
Petter.Iversen@Signicat.com

Søknadsfrist: 22.04.18

Trusted Digital Identity

The Nordic countries rank high in trust, which means that people have trust in other people. And in organizations. And in the government. Trust is a core part of making a digital identity scheme work. There are countries where the uptake of digital identity is very slow, and one of the reasons is the lack of trust.

“Trust is a fundamental element of social capital – a key contributor to sustaining well-being outcomes, including economic development.” (Cite: Esteban Ortiz-Ospina and Max Roser (2016) – “Trust”. Published online at OurWorldInData.org. Retrieved from: https:/ourworldindata.org/trust)

One problem is of course also the lack of services which accept the digital identity, and as such it is a chicken-egg problem.

Then there is usability. If the digital identity scheme requires a card reader, which you must buy, and install drivers to make it work on a number of different PCs, or make it work with mobile devices or tablets, well, the stage is set for disaster. And if there are no services available, why would users want to set up an electronic Identity (eID)?

If you do not have trust in the government, perhaps due to fear of surveillance, you will also be very reluctant to share personal information online. There are countries with a history of not just surveillance but even eradication of groups of people, so this is understandable.

On the other hand, many people are more than happy to share an abundance of personal details on social media, and seem oblivious that this information is available to a lot of people, including the government. Many people seem to be more than eager to sell their private information in return for targeted marketing, for example through the use of store loyalty cards. Perhaps social media has given the users some sort of comfort, letting users believe that they are only sharing information between friends. We tend to forget that information such as which links we are clicking on, which posts and pages we like and comment on, as well as where we are and which device we are using, is also collected, and used to learn more about us. The sharing of information is motivated by yourself, possibly because you are you are being rewarded by other people liking or commenting on your information . Nobody is requesting the information from you; you are sharing. In return, you get paid in likes, as well as in ads, all the while (consciencly or not) trusting the social media platforms not to mis-use your data.

To make a solution trustworthy, it must be transparent. The user must understand what information has to be shared (e.g. uploading the image of a passport), why this information has to be shared (e.g. to verify who you really are, and to prevent someone from stealing your identity) as well as how the information is being used (for example for the sole purpose of verifying your identity).

The GDPR (General Data Protection RegulatIon: https://www.eugdpr.org/ ) will come into effect in May this year, and is good news for all of us. The GDPR was created to protect the privacy of the user. It is not for organizations. It is not for governments. It is all about protecting how our personal information is being used. The GDPR requires that anybody collecting and using PII (Personally Identifiable Information) also has to obtain consent from the user in order to be able to use their data.

And to show that that they truly mean this, the EU has put some substantial fines on breaches, up to 4% of global revenue. So hopefully, this should make collecting and using personal information more transparent, as well as help restore trust in identity data usage.

Signicat is currently working with some of our large customers to see how consent management can be integrated into our solutions, while at the same time putting as little stress as possible on the user.

Blogpost by John Erik Setsaas, Identity Architect, Signicat

The UK’s second-tier digital identity scheme will lead to a second-tier digital economy

The state of Identity in the UK is far behind that in the rest of Europe, and this is central to the success of consumer-focused fintech and financial services.

Link to the article from International Business Times, Business Fintech, February 15 2018

By Gunnar Nordseth

The UK currently enjoys a dominant position in European financial services, including fintech. London fintech firms have enjoyed £3.5bn of investment over the last five years—more than five times any other European city—with 2017 a record year. The hottest and most digitally advanced companies base themselves in London, with the effect that digitisation is sweeping the financial services market.

The UK attracts the talent, it is home to some of the most technologically ambitious companies in Europe, its regulatory structure encourages innovation and, as a global metropolis, it has the infrastructure needed to facilitate global trade. At first glance the UK is in an enviable position as the rest of the world focuses its attention on the wave of innovation in financial services, but all is not as rosy as it seems.

One key area of infrastructure has slipped through the cracks and now threatens to topple the UK from its perch. The state of Identity in the UK is far behind that in the rest of Europe. It might seem completely unconnected but it is, in fact, central to the success of consumer-focused fintech and financial services. The UK still operates a paper-based identity infrastructure where identity is proven with a passport, driving licence or other item such as a utility bill. This is then checked and verified by hand by someone not necessarily trained to do so. This takes time, is expensive, inefficient and subject to a catalogue of mistakes.

Why is identity central to financial services?

In order to access any financial service, a customer’s identity has to be established and proven to the satisfaction of regulations. Signicat’s survey in 2016 found that 40% of people have abandoned a signup process in the UK because of the time it took and the difficulty in proving their identity. If customers are unable to access services, how are businesses expected to succeed? Financial services companies have made much of being 100% digital, but for the moment access remains a barrier to that goal. In the UK, the vast majority of financial services organisations do not allow for anyone to prove their identity digitally to the satisfaction of regulations. Identity remains analogue and paper-based, relying on passports, driving licenses and even utility bills. A report into bank onboarding by analyst house PAID Strategies found that nearly all high street banks require consumers to go through manual processes for ID—and the only one that did have a digital process didn’t work on smartphones or tablets.

If consumers cannot access financial services digitally, the UK will face two main consequences. Firstly, thanks to the EU’s labour laws, Europe’s population enjoys freedom of movement and the right to work in any member state. As part of this, through the eIDAS regulation, the EU is mandating that electronic identity (eID) schemes are interoperable across the region. This helps with opening bank accounts, applying for mortgages and accessing other essential services. Since the UK does not have an eID scheme that satisfies financial regulations, it will be left out in the cold. If people are unable to open bank accounts, rent or buy properties or use government services, why would they choose to come?

Secondly, this inability to onboard new customers will make the outlook for these businesses rather bleak. For smaller fintech companies, funding and investment will start to dry up with countries that have embraced eID (such as those in Scandinavia, already a hotbed of fintech innovation) reaping the benefits. For the largest financial services firms, the millions spent on becoming digital businesses will be wasted.

GOV.UK Verify to the rescue?

All is not as dark as it seems however. The UK’s digital identity scheme, GOV.UK Verify, was created with big ambitions. In 2015, a business case predicted a 90% success rate for those people and businesses looking to identify themselves through the scheme. It was also predicted that up to 77 different public services would be likely to use the system.

GOV.UK Verify has, to date, fallen well short of these aims. Only fifteen services use it, and only 37% of those who have attempted to create a digital ID have been able to access the service they intended to.

On the face of it this looks like one more government IT failure of the type that so often gets press attention, as lofty goals don’t match the results achieved. But GOV.UK Verify isn’t fatally flawed—it actually needs to be more ambitious in order to succeed.

Unlike other European digital ID schemes GOV.UK Verify is limited to the public sector, does not support financial services and is not interoperable with its continental counterparts. Currently there are no plans to extend the schemes capabilities beyond vague promises with no timeline.

The UK needs to look to digital identity schemes elsewhere; to find success, they need to emulate success. One of the world’s leading digital ID successes is Norway’s Bank ID. Bank ID is used by 3.7m Norwegians, with over a million using the system on mobile. As the name suggests, its original use was for banking products, but this has now extended to signing leases, accessing secure post, and more.

GOV.UK Verify aimed to conquer public services first and then be made available for use by private services, and herein lies the flaw. People simply don’t engage with public services often enough for digital ID to be a regular part of their lives. Filing tax returns and renewing vehicle tax are performed annually, while other services such as renewing driving licenses are only necessary every decade. It’s unlikely that people will remember their credentials with such a long gap between uses. Using GOV.UK Verify won’t be a simple process for most—instead many users will need to go through the rigmarole of resetting passwords and recovering IDs, sometimes via post. If the process of using GOV.UK Verify is so painful, why would anyone want to use it more regularly?

The private sector provides online services people use every day. For example, people use banking for regular tasks such as paying bills, moving money between accounts, and checking their balance. Identity and signing is also common for more than just financial services: signing leases, receiving recorded deliveries and secure post, and proving your age when buying age-restricted items. Using eID for these purposes is far more convenient than the current methods that involve card readers, presenting utility bills or passports.

The new Public/Private Partnership

To make a success of digital identity, it’s vital to have buy-in from those corporations that have already performed the due diligence on so many identities—retail banks. A public/private partnership of government and banks is the only way l to get a digital identity system working across multiple sectors and—a must for success—getting individuals and businesses to see the benefit of such a system and use it.

It’s crucial to build a digital identity system that will be popular with everyone using it as Europe makes efforts to make each country’s digital identity interoperable. The EU’s eIDAS project is a framework where the ambition is that anyone or any business in the EU can safely and securely identify itself to any other business in the EU. eIDAS is part of the EU’s plan to create a digital single market, which aims to “tear down regulatory walls” and make goods and services more universal. If the plan is successful, there’s no reason why a business in Barcelona could not take advantage of an innovative new service created in Tallinn.

The EU estimates that a single digital market could contribute €415 billion per year to the economy and create hundreds of thousands of new jobs. Without a suitable digital identity scheme, the UK will be locked out of this opportunity, and may have to abdicate its financial services crown—a second tier digital identity scheme will ultimately simply mean a second-tier economy.

Gunnar Nordseth is CEO of Signicat.

Har du erfaring med Application Management?

Til Signicats hovedkontor i Trondheim er det nå en ledig stilling som IT Operations Specialist.

Om Signicat

Signicat er en av byens mest spennende gründerbedrifter som har opplevd stor suksess som en av de mest komplette tilbyderne av elektronisk identifikasjonstjenester (e-ID) for det Nordiske og Europeiske marked. Med stort fokus på trygghet og profesjonalitet bistår vi våre kunder med forretningsprosesser, analyser, sikkerhetsvurderinger og teknisk gjennomføring av løsninger knyttet til e-ID. Kontoret i Trondheim består av et ressurssterkt team på vel 40 personer hvor kreativitet og initiativ verdsettes høyt.

Om stillingen

Fornøyde kunder er Signicats viktigste motivasjon og verdi. Viktige forutsetninger for å oppnå fornøyde kunder er å tilby riktige tjenester av høy kvalitet og høyt kompetente medarbeidere. I forbindelse med Signicats ekspansjonsplaner opplever vi flere kunder men også økt etterspørsel blant eksisterende kunder. Vi søker derfor etter en ny IT Operations Specialist, en ny lagspiller som ønsker å være med videre på reisen.

Stillingen som IT Operations Specialist ligger under avdelingen Operations i Signicat. Avdelingen har ansvar for den daglige driften av kjernesystemer, interne systemer samt alt av servicetjenester til våre kunder.

Når det gjelder kjernesystemene er driftsansvaret delt mellom vår driftspartner Basefarm og Signicat. Basefarm utfører oppgaver som OS drift, infrastruktur og colocation tjenester, mens Signicat utfører all applikasjonsdrift. Signicat utfører all drift av interne systemer, som kjører delvis på fysiske servere i eget datasenter og delvis i skyen.

Som IT Operations Specialist vil du få en sentral rolle i vår driftsorganisasjon, og bli en del av et team med høyt kvalifiserte medarbeidere. Hovedoppgaven er å bidra til opprettholdelse av høy tjenestekvalitet og høy oppetid, som igjen bidrar til fornøyde kunder. Viktige oppgaver i denne forbindelse er:

Gjennomføring av daglige oppgaver understøttet av ITIL-prosesser som Release & Deployment, Change, Incident, Problem, Access og Event management
Regelmessig kontakt med våre driftsleverandører og andre partnere av Signicat
2 linje support
Administrasjon av VM-er, last balansering, brannmurer, routing
Tilpasning, videreutvikling og effektivisering av våre driftsrelaterte prosesser
Det er ingen ulempe om du har kvalifikasjoner utover det å håndtere daglige linjeoppgaver.
Du vil rapportere til leder for Operations.

Egenskaper

Listen nedenfor beskriver kompetanseområder og egenskaper/verdier som vi ønsker at du har, og som blir vektlagt i utvelgelsen:

Har minimum bachelor grad fra relevant IT-utdanning
Har flere års erfaring med basis- og/eller applikasjonsdrift
Har jobbet med VMWare og Linux/Apache/Tomcat/Open source plattform
Har erfaring med ITIL eller andre styringssystemer for driftsprosesser
Har erfaring med eller kjennskap til automatisering av driftsprosesser
Har kjennskap til performance testing
Har noe erfaring med applikasjonsdrift på Windows server plattform
Behersker minst ett skandinavisk språk flytende, med gode muntlige og skriftlige ferdigheter
Har gode muntlige/skriftlige engelskferdigheter
Har god serviceinnstilling, og kan representere Signicat på en profesjonell måte
Liker utfordringer og kan løse dem
Er i stand til å ta ledelsen når situasjonen krever det
Er pålitelig og ansvarsbevisst
Er lagspiller med gode samarbeidsegenskaper, målrettet, initiativrik, selvgående og har godt humør

Vi tilbyr

Konkurransedyktige betingelser, og en meget variert og dynamisk arbeidsdag i et internasjonalt miljø som vi er stolte av, innenfor et bransjesegment som er i sterk vekst. Full opplæring og støtte i etableringsperioden vil bli gitt. Vi kan også tilby selvstendig arbeid sammen med trivelige og dyktige kollegaer som gjerne trer støttende til. Vi holder til i nye, lyse og trivelige lokaler i midt i Trondheim sentrum. Vi legger stor vekt på den enkelte ansattes trivsel, og er kjent for vårt gode arbeidsmiljø.

Mer informasjon om stillingen og søknad
Se informasjon på finn.no om hvordan du finner mer informasjon og hvordan du søker: https://www.finn.no/job/fulltime/ad.html?finnkode=112691881

Innovation Horizon2020

Signicat secures second round of Horizon 2020 funding to develop ID Assurance as a Service

Signicat secures second round of Horizon 2020 funding to develop ID Assurance as a Service

Oslo, Norway, 25th January 2018 – Signicat, the first and largest identity assurance provider in the world, has secured phase two funding from the EU’s Horizon 2020 programme, the framework for funding research and innovation. The funding will be used to further develop Signicat’s IDAaaS (Identity Assurance as a Service) toolbox for use across Europe—helping to create a single digital identity market for Europe, one of the European Commission’s priorities for the latter half of the decade.

ignicat’s IDAaaS service will enable financial service providers and other businesses across Europe to verify the identity of a new customer—either an individual or an organisation—using electronic identity (eID) and digital verification of paper ID, as well as other technologies including registry lookup, facial recognition, and other innovations. This means businesses can comply with complex KYC (Know Your Customer) requirements, while still offering simple, digital on-boarding to their customers.

The grant follows the completion of phase one, undertaken by Signicat and funded by Horizon 2020 in December 2016. This analysed the need for and applicability of digital on-boarding in selected countries. Working with Innopay, Signicat discovered that on average, European eID schemes provide 69% of the information that financial institutions need in order to on-board a customer wholly digitally, and identified the gaps where Signicat could offer IDAaaS. This new project builds on this work.

“A single digital ID market in Europe is vital so that financial service providers can easily offer their services across borders without the customer struggling to assert their identity. Cross-border digital ID creates greater choice and convenience for the customer, and opens up new markets for financial institutions” said Gunnar Nordseth, CEO, Signicat. “While eIDAS is a step in the right direction, it does not yet go far enough. Our vision is to integrate eIDs across Europe, making on-boarding customers simple for financial institutions and their customers, while still meeting KYC regulations.”

The EU’s eIDAS regulations aim to help financial services across Europe meet KYC requirements through digital IDs. While eIDAS provides a standard regulatory environment with different levels of assurance for different levels of risk, it is up to member states to define the tools needed for each level of assurance. This has created a fractured ecosystem lacking consistency across borders.

Signicat is the first IDAaaS provider in the world and will develop its IDAaaS toolbox to meet the requirements in more countries, integrating identity assurance across Europe. As well as creating new business opportunities for Signicat in new markets, this will help the Financial Services industry develop as a single digital market.

Horizon 2020 is part of the Innovation Union, a Europe 2020 flagship initiative aimed at securing Europe’s global competitiveness.

-ENDS-

About Signicat
Based in Trondheim, Norway, and founded in 2007, Signicat is the first and largest Identity Assurance Provider in the world, providing regulated markets with the technology to create mutual trust between organizations and their potential customers.

With Signicat, service providers can build and leverage existing customer credentials to connect users, devices and even ‘things’ across channels, services and markets transforming identity into an asset rather than an obstacle. By ditching manual, paper based processes and replacing them with digital identity assurance, customer on-boarding is accelerated and access to services is made simple and secure. Service providers can rapidly grow market share, easily acquire new customers, and ensure compliance with financial, privacy and data protection regulations including AML and KYC.

Signicat has the technology to connect the market, the expertise to scale the systems, and the experience to build the trust.

For more information, visit: www.signicat.com

Media Contacts
CCgroup for Signicat
signicat@ccgrouppr.com
+44 203 824 9200

B2B functionality

Signicat Signature B2B functionality

Electronic signatures with B2B functionality

The use of electronic signatures is becoming more common. Typically today, an electronic signature is initiated, based on some end-user action, such as requesting a loan, leasing a car, requesting a money transfer and more. The user will be redirected to the signature interface, where he or she can immediately read through the document(s), and add the signature by performing an authentication. Alternatively, an e-mail is sent to the user, which links to the document(s) to be signed. These are typical B2C scenarios, and as said, becoming more and more common.

Electronic signatures B2B versus B2C

Electronic signatures in a B2B scenario differs from B2C signatures in several aspects. The main legal change, is that the document is signed by an organization (often called a legal person) instead of a (natural) person. But in the end, a person will have to sign, on behalf of the organization. This often means that the person doing all the initial work, may not be the same as the person adding the signature.

At Signicat we have extended Signicat Sign with B2B functionality making it possible to handles this every day scenario, where somebody else needs to sign the document bundle than the person making the documents ready for approval. This means that when an employee receives a signature request, and determines that he or she is not authorized to sign on the document, the request can be sent do another employee. It is also possible for the user to sign first, and then forward to another employee.

Another issue with B2B signing is knowing if the signer of a business signature is authorized to sign on behalf of the company. Signicat already has the mechanism for verifying this. After the document is signed, Signicat Sign will be able to verify that the signer is authorized to sign on behalf of the company. Not all countries have digitized the company information needed to verify the signing rights. The challenge is the source of this information. There are many business registries, however the challenge is that the information is mainly created for human consumption, and not very machine friendly. This is something we are working with the info-providers on.

We have implemented support for the business to business electronic signing for customers in Norway and Denmark and are adding new countries as the business information gets available.

Please get in contact if your company also want to make it easy and simple for your business client to do business with you.

Digitization and digital identity

Everybody needs a digital identity

Digitization needs digital identity
Financial services are moving towards 100% digital. But a fully digital financial services ecosystem is impossible unless it is underpinned by digital identity. How can we do digital business if we don’t know the identity of the person on-line, and how can we be digital if we still print lots of paper and send it out by post for signing?

Without interoperable digital identity, digitization will suffer
But digital identity need to be widely deployed to be effective. It also needs to be interoperable. Having separate digital identities for different services becomes too cumbersome and will not encourage digitization.

In some markets, infrastructure that enables sharing of digital identity across multiple services are being built. This type of infrastructure is called a digital identity scheme. A digital identity scheme enables individuals to have a single digitial identity that can be used whenever a service needs to know a verified fact about the user.

A digital identity gap opens up across Europe
Some countries, notably the Nordics, had an early start with digital identity as a common infrastructure since the beginning of the 2000s. Others are catching up, with digital identity schemes initiatives announced in the Netherlands and Germany recently. Still others are in the risk of being left behind without the digital identity infrastructure that is necessary for rapid digitization.

Take for instance the UK.

The UK has a dominant position in the financial services market and the fintech industry, and ties with Singapore in the top spot of Deloitte’s list of best fintech cities. This position could be endangered by the lack of a widely used, interoperable digital identity.

The UK does have a digital identity scheme, GOV.UK Verify, but it is under-used and has failed to meet key targets. Unlike other digital ID schemes such as those in Norway, Sweden, and the Netherlands, it is limited to the public sector, does not support financial services and is not interoperable with its European counterparties. Plans to remedy its shortcomings are vague.

This lack of digital identity is already having an effect: A recent study confirms that the UK’s digital infrastructure has fallen behind countries such as Germany and Spain

Slipping behind in digital identity carries real risks for the UK’s digital economy. Without the right digital identity system it will be tricky, if not impossible, for UK-based companies to operate in the EU, and vice versa. This will relegate the UK’s digital economy to a ‘second tier’, incompatible with one of its biggest partners.

Digital identity schemes need public-private partnership to succeed
If the UK wants to correct this course, it needs to rethink its approach to identity for the digital age. One of the experiences from the early adopters of digital identity schemes is that they stand little chance of success if they are limited to the public sector. The high volume use cases such as payment need to be included to drive adoption rate. The approach of a bank-led public-private partnership should be explored, and GOV.UK Verify needs to start to align with the commercial needs of the UK banks if it is to take off.

Norway-headquartered Signicat has unique experience of digital identity, supporting public identity schemes across Europe including Norway’s Bank ID, and is a world leader with 150 Million uses by the public of their digital identity platform. The company has been tasked by the EU’s Horizon 2020 innovation project to help deliver the EU’s vision of a digital economy underpinned by a single digital ID market.

Blog post by Gunnar Nordseth, CEO, Signicat

Sales Executive

Sales Executive, Stockholm

Sales Executive, Stockholm

Signicat är en av Europas ledande företag av molnbaserade elektroniska identitetstjänster och elektroniska signaturer. Signicat gör det enkelt att erbjuda inloggning, identifiering och elektroniska signaturer för webb- och mobillösningar, och stöder olika nivåer av autentisering beroende på kundens krav.

Signicat Sverige genomgår en kraftig tillväxtsatsning och söker stärka upp säljkontoret med en driven Sales Executive för att bearbeta nya kunder. Signicat är per idag starka inom bank, finans och försäkring. Fokus för den nya säljaren är att skapa foot print inom andra branscher och öka marknadsandelarna gentemot stora företag med behov av att digitalisera sin verksamhet. Din uppgift består i att prospektera, boka möten och genomföra interaktioner med nya kunder.

VI ERBJUDER:
– Ett arbete i en bransch som är i framkant
– Snabba beslutsvägar, platt organisation
– Entreprenöriell känsla
– Stor frihet under ansvar
– Marknadsmässig lön och teambonus
– God teamkänsla

OM DIG:
– Minst 3 års erfarenhet av B2B försäljning med fördel inom SaaS eller Payments
– God kunskap och intresse för IT och Digitalisering
– Erfarenhet av egen prospektering och att hålla möten på C-Level
– Starkt inre driv, orädd med skinn på näsan
– Vana av att jobba självständigt och att se möjligheter och våga fatta beslut

Vi söker dig som är en kommunikativ och lösningsorienterad affärsman/affärskvinna. Du är driven, har en stark initiativförmåga, är förtroendeingivande och har en naturlig affärsmässighet. Du är van vid att skapa resultat genom högt tempo, aktivitet och strukturerad bearbetning av marknaden.

I denna rekrytering samarbetar vi med SalesOnlys rekryteringskonsult Sara Sjölund. Önskas ytterligare information kring tjänsten är du välkommen att kontakta Sara på sara.sjolund@salesonly.se.

Alla ansökningar och kontakter behandlas konfidentiellt. Urval och intervjuer sker löpande varpå vi ser fram emot din ansökan så snart som möjligt.

Välkommen att söka här via länken!

Signicat är en av Europas ledande leverantörer av elektronisk identitet och elektronisk signatur. Företaget grundades 2007 i Trondheim, där huvudkontoret är placerat. Signicat erbjuder cloud baserade lösningar till både privat och offentlig sektor. Signcat har i dagsläget kontor i Norge, Sverige, Danmark, Finland, Holland, UK och Portugal men expanderar kraftigt och öppnar upp i nya länder succesivt. Signicat är idag den i särklass största leverantören av BankID i Sverige. Signicat erbjuder både signering och verifiering med BankID och BankID för mobiltelefoner. Målet är att hjälpa kunder leverera tidsbesparande och användarvänliga digital förtroende lösningar till sina slutkunder. Signicat lösningar används av banker, finansiella institutioner och försäkringsbolag, samt även myndigheter och stora och medelstora företag i olika branscher. Signicat hanterar autentisering av användare, erbjuder elektronisk signatur, användaridentifiering och bevarande av dokument. Bland våra kunder i Sverige är Nordnet, Klarna och KRY.

Password security

People don’t like passwords – and vice versa

When was the last time you looked forward to enter your username and password? Never, right? Authentication is a necessary evil which stands between you and what you want to do. Many of us understand why we need authentication, but is it really necessary to enter username and password  all the time? Popular services like Facebook, Google, Yahoo and LinkedIn, can have you logged in over long periods and allows you to be remembered on your devices. This sets expectations for how we want to interact with services and sets the bar for what a good user experience is.

The user expects quick access to an application. More than five seconds is not acceptable

In the digital world, people always value convenience over security, in most cases without realizing this. We use weak passwords (which as easy to guess, for example the ever popular “123456”). We use the same password for all applications (which means that an attack on one application may give the attackers access to other applications). We do not lock our mobile device. If we use different passwords, these are written in an open note on the mobile device (I was helping a friend, when I realized that her phone did not have a password, and all the application passwords were stored in an open note called «Passwords». And she didn’t understand why this was a problem). We write down the password and hide it under the keyboard.  Few people enable two-step (i.e. authentication which adds additional security, such as a one-time code to your cell phone, or a code generating application) authentication (this is even true for people with high technical knowledge). And in many cases, the users do not understand that any of this is a problem.

“Nearly one in five enterprise users have passwords that are weak or shared” (www.techrepublic.com)

But still, most of us lock the door to our house and our car. And we do understand that the threat is that somebody can steal our things. However, stealing your digital identity may inflict far more damage. So why have we, as the expert community, failed to communicate this to the users; that protecting your digital assets is equally important, if not more, than protecting your physical assets. The least we can do, is to try to reduce the burden on the user.

Security is seen as the responsibility of the service provider. This is partly correct, but if I am negligent (such as not protecting the password), I can be held responsible. Service providers must ensure that high security is also convenient for the user, and that this is enabled by default.

User input (such as typing your e-mail address and password) on a mobile device is not very convenient due to the small keyboard. It is important to avoid having the user typing in data as much as possible, for example by prefilling the input fields. Unfortunately, most of the eID methods (e.g. BankID in Norway) do NOT support pre-filling, so you have to type in your email and password every time. (A small helpful tip: On your mobile device, create a keyboard shortcut “gma” which enters your gmail address or “phn” which enters your phone number).

The fastest and easiest-to-use applications will win the race, regardless of security. The popularity of the Norwegian Vipps app (which is a person-to-person payment scheme), is based on its simplicity. In Norway, a typical pre-Vipps money transfer required a BankID authentication twice – both when opening the application and when transferring the money. With Vipps you only use your fingerprint once to transfer money.

 

Today it is possible to switch banks in minutes, with no (or very minimal) cost. With more and more self-service taking place, this means that the consumers will flow to the banks with the best and easiest-to-use interfaces, combined with the lowest cost for usage. The banks are pressured to provide cheap and easy-to-use services, as well as being responsible for the security, and brand loyalty can no longer save them from users switching to competition.

“Millennials are far more likely to switch banks than other consumers. Nearly one in five said they switched banks in the last year, with many moving to online-only banks” (www.thefinancialbank.com)

With PSD2 (the European Payment Services Directive 2), the requirement to do SCA (Strong Customer Authentication) will increase. This means that the user will have to authenticate using a two-factor method, much more often than today. To make this as painless as possible for the users, the friction of the authentication must be reduced.

Signicat MobileID is our secure authentication solution, using only a fingerprint or a PIN for authentication. After an app-download and a quick registration process, which involves binding the user’s mobile device to the account using a QR code, the app is ready to use. Whenever a second step authentication is required, the app will pop-up, and user will authenticate with fingerprint or PIN. That’s it. It is also possible to integrate the functionality into an existing business app, using our SDK.

The next generation authentication will be data-driven, and by using machine learning, your cell phone can determine if it is in your possession, and doesn’t even bother you with the fingerprint. This is done by analyzing things like your location (are you in a familiar place), the available WiFi networks (have these WIFI networks been in your vicinity before) and the gyro sensors (is this really you, or is somebody else carrying your phone?). Even more sensors may be added to make this identification even more secure.

Click here to learn more about low friction authentication using Signicat MobileID.

Blog post by Magnus Mauland and John Erik Setsaas, Signicat

PEP lookup as an integral part of Signicat Assure means even stronger identity assurance

Financial institutions are under strict requirements when onboarding clients, regardless of whether this is done digitally, or in the old-fashioned way, by meeting face-to-face. The driver behind this is the AMLD (Anti-Money Laundering Directive), which aims to prevent money laundering and terrorist financing.

One of the checks that has to be performed is checking whether the person being onboarded is a PEP (Politically Exposed Person). PEP is a term describing someone who has been entrusted with a prominent public function. A PEP generally presents a higher risk for potential involvement in bribery and corruption by virtue of their position and the influence that they may hold. there is not a global definition of a PEP. Still people with PEP status are typically politicians, judicial or military officials, senior executives of state owned political parties and important political party officials. PEP status also apply to family member and close associates of PEPs.

Enhanced Due Deligence

When onboarding a user with PEP status, the AMLD requires that EDD (Enhanced Due Diligence) is to be performed. This includes even more extensive background checks of the person.

Signicat has now included PEP check in our Signicat Assure solution. This means that when using Signicat Assure for onboarding digital customers, a PEP check can be performed in the background. Information about the PEP status is returned to the bank (or any organization requesting this information when onboarding). The bank can then execute additional EDD check, which may also be provided by Signicat.

Click here to get more information about Signicat Assure and simple, cost-efficient and user-friendly onboarding.

Blog post by John Erik Setsaas, Identity Architect, Signicat
Twitter: @jsetsaas

Nordic FinTech giants SDC and Signicat drive dramatic rise in digital-only mortgage applications

83% of SDC’s Danish banking clients’ customers now apply using electronic signatures

Oslo, Norway 12 October 2017 Signicat, the first and largest identity assurance provider in the world, and SDC, a full-service IT service partner for the financial sector in the Nordic countries, today announced that 83% of SDC’s Danish banking clients’ customers’ mortgage applications are processed wholly digitally. The fully digital process for application, approval and signing has reduced the time to complete the mortgage process from weeks to days — and sometimes, in markets where consumers have an electronic identity (eID), mere hours. SDC provides financial technology, including system operation and data processing services, to more than 120 banks in Denmark, Norway, Sweden and Faroe Islands.

Signicat’s digital signing solution – Sign – has removed the need for customers to visit their branch to complete a mortgage application. All this is now completed digitally — creating a process that is both fast and convenient dramatically enhancing the customer experience.

The news follows the announcement in June last year that SDC would be using Sign for transnational digital signing across financial service applications. The solution allows SDC customers to offer digital signing containing information on who signed the document, when it was signed, and the signatures validity. Customers in markets with an eID scheme, such as NemID in Denmark, can simply use their eID to sign and receive approval in just hours.

“Financial institutions have invested millions in digital transformation. Digitizing every interaction with customers, from the first mile to the last, is essential to truly capitalise on this investment,” said Gunnar Nordseth, CEO at Signicat. “Our pioneering work with SDC has dramatically accelerated the mortgage application process, resulting in positive customer feedback and, critically, fewer abandoned applications. At a time when revenue generation is more important than ever, banks must provide the fully-digital services customers demand.”

“Applying for a mortgage can be one of the most challenging and stressful processes people face. We wanted to make it as frictionless as possible,” said Nikolai Andersen, Head of R&D Digitization at SDC. “The collaboration with Signicat has created a truly digital-only process and the numbers speak for themselves. Adoption and critically conversion of applications using eSignatures is skyrocketing, especially in markets with eID schemes that accelerate the process. We look forward to exploring other ways our bank customers can benefit from eID schemes in relevant markets.”

SDC’s digital signing solution uses local eID schemes to verify identity. The eID schemes used are Bank ID in Norway and Sweden, and NemID in Denmark, mapping SDC’s footprint.

-ENDS-

About Signicat

Based in Trondheim, Norway, and founded in 2007, Signicat is the first and largest Identity Assurance Provider in the world, providing regulated markets with the technology to create mutual trust between organizations and their potential customers.

With Signicat, service providers can build and leverage existing customer credentials to connect users, devices and even ‘things’ across channels, services and markets transforming identity into an asset rather than an obstacle. By ditching manual, paper based processes and replacing them with digital identity assurance, customer on-boarding is accelerated and access to services is made simple and secure. Service providers can rapidly grow market share, easily acquire new customers, and ensure compliance with financial, privacy and data protection regulations including AML and KYC.

Signicat has the technology to connect the market, the expertise to scale the systems, and the experience to build the trust.

Media contact: signicat@ccgrouppr.com / +44 203 824 9200

About SDC

SDC is an IT-centre providing an all-round service for financial institutions in Scandinavia. Our clientele is made up of over 124 Danish, Norwegian, Swedish and Faroese financial institutions, which are also the owners of SDC.

SDC is based on the philosophy of common solutions for common needs – and the cost saving benefits which go with it. SDC’s services are supplied at cost price to the owning institutions.

SDC’s core business is the development, maintenance, operation and joint purchase of IT solutions for the financial sector. SDC’s services are provided by SDC itself or SDC’s partners in cooperation and sub-suppliers.

For more information, visit: http://www.sdc.dk/
Media contact: Michael Spence ms@sdc.dk / +45 2488 9124

 

Do I need multiple digital identities?

Do I need multiple digital identities?

From my point of view, it is good to have one, and only one, digital identity. And you protect the login information very well. Frequent logins ensures that you are familiar with how to log in, which user name and password, and how to use the second factor. Always authenticating in the same way  reduces friction, as you know exactly what to do. At the same time, this increases security, as you will know exactly how it works, and you will recognize deviations, which may be security attacks and fraud attempts.

Note that I am talking about your digital identity, and how to authenticate, i.e. prove that this digital identity is yours. I would of course like to be able to have different personas using this identity, so I can present a different part of myself to different organizations. This for example depends on whether I use my ID as an employee, as a member of voluntary work or as a private person. But this is not the topic for this blog post.

A word on frictionless. To be completely without friction, you would not have to do anything. The system would automatically recognize you. There are some interesting projects around behavioral biometrics, which are quite promising in this area. More about this in a later post.

Remember John from my previous post? Imagine if he had a separate digital identity for government. Government login is done very rarely, maybe as rarely as once per year, when you do your taxes. It is very probable that John would not remember the procedure for using this ID, nor his password, and maybe not even find his second factor token. This increases friction. As John (like most of us) does his taxes in the last minute, he would not be able to file his taxes on time, or he would occupy the support hotline leaving a bad and expensive experience.

Insurance is another case where login is not done very often, maybe two or three times a year, in some cases when you have had an accident, and need to get in touch regarding this. Having to authenticate in a way you are not familiar with will only increase the user tension.

As pointed out, there are huge advantages of using the same identity for bank identification, which you use weekly or even more often, also for less-used services like government, insurance and health. So how come that in Norway, you can use the same digital identity for multiple different services? Why are other countries struggling  with digital identity? Why won’t users start using it? Why are different schemes used for different purposes, as this is not helpful for the consumers and does not increase security?

One reason is that the Norwegian government and banks managed to work together on this. From the very start, the use of BankID was thought to be used by both the banks, but also for third parties, needing digital identity or signature. And this resulted in a critical mass of users, using BankID for banks, government and others.

On a side note, the only thing which is shared between BankID in Norway and BankID in Sweden is the name. They are completely separate.

Then of course there is the social security number; SSN, which is a number uniquely identifying an individual, and treated differently in different countries. In Norway, the banks are using the SSN as the login ID, and as far as I know, they have been doing this since Internet banking started. As in many countries, the banks MUST have the SSN for tax reasons. The government must know exactly who you are. For the health services, it is very important that our John is not confused with another John, and on and on. So it makes a lot of sense to use this as login identifier. Any Norwegian will be able to recite his or her 11-digit SSN without missing a beat. It does help that the first 6 digits is the date of birth on the format DDMMYY.

As an alternate example, let me use the Netherlands, not because they are doing badly with digital identity, but because there are two schemes emerging: iDIN and DigiD. The latter contains the BSN (the Dutch SSN), and is restricted in usage to government and health insurance only.

Which I personally find strange, as all banks are required by law (for tax reasons) to obtain the BSN of each customer, so the Dutch banks do have this number. This means that if a Dutch bank wants to onboard a new customer, iDIN can be used. However as iDIN does NOT supply the BSN, the customer must also upload a personal identity paper (for example a scan of the passport), to provide his BSN. In the rare situations where I need to use DigiD to log in; will I remember the procedure and the credentials? In any case, friction is increased, and I would claim that security is reduced.

The eIDAS (EU regulation 2014/910) regulation is put in place to let people use their digital identity across countries. There are some claims here that eIDAS will only be used to issue new “local” credentials, which then will be used for logging into one (or more) services in the foreign country. However, then we are back to my initial problem, with having multiple credentials.

From my perspective, always using the same way of logging in, also every time you log in over eIDAS to a foreign service will reduce friction and increase security.

Blogpost by John Erik Setsaas, Identity Architect, Signicat
Twitter: @jsetsaas 

Finnish Trust Network

Signicat registered as “ID-broker” by Finnish Communications Authority

Signicat has been approved to Finnish Trust Network, supervised by Finnish Communications Authority. This means that Signicats customers can utilize our merchant agreements with the TUPAS-banks. Signicat has offered the technical integration to all TUPAS banks for almost 10 years now, but the customers have been obligated to make separate contracts with each TUPAS banks. Now with one single contract, Signicat adds significant value to its customers; expected savings in transactional costs are 60-70%.

Signicat is now in progress to make all the agreements with TUPAS banks and will contact each customer individually to agree the migration details. For customers starting in Finland, we are already making agreements which makes it easy to test the solutions and then make the switch over to production when Signicat has all the TUPAS-agreements in place.

Please find our contact details here.

More information about FTN can be found from here.

One identity hub for Europe’s banks

 

Gunnar Nordseth, CEO, Signicat

Over the past 10 years, the Norwegian digital identity solutions pioneer, Signicat, has built and expanded the first cross-European Identity Hub for Europe’s 4,000 banks. Around 200 banks have already joined the hub.

Article from the official Money20/20 magazine MoneyMag by Michael Juul Rugaard, Norfico

One of the common characteristics of regulatory initiatives is how identity  is  increasingly  taking centre stage. This is unquestionably a reflection of a larger trend as expressed in David Birch’s book Identity is the New Money and in an interview in 2014 where he says, “Looking at the situation now,  you can’t help thinking that maybe some kind  of  Single  European  Identity Area would have made more sense that a Single Euro Payments Area.”

To enable banks and other players further to realise their digital ambitions by leveraging the existing eID solutions or by delivering their own, Signicat has built a dedicated identity on demand platform. With this in place, Signicat has established itself as Europe’s leading ‘Digital Identity Service Provider’ or simply ‘DISP’. One of the features of the DISP platform that will be of critical importance in the light of PSD2 is its ability to enable banks to handle the new requirements for Strong Customer Authentication (SCA).

PSD2 leading the way

Looking specifically at PSD2, one of the main themes of the comprehensive EU directive is authentication, which is all about the ability to verify a certain digital identity. Article 97 of PSD2 imposes Strong Customer Authentication (SCA), which means at least two-factor authentication, in all online-transactions  going forward.

Implications for the banks

These new SCA requirements are expected to have important implications for European banks for two reasons:

Firstly, the banks are by default liable and responsible for the handling of SCA in accordance with PSD2-related transactions made by Third Party Providers (TPPs) – whether PISPs or AISPs. Secondly, the number of SCA transactions is expected to increase massively as a direct consequence of PSD2 as soon as the directive is fully implemented and the TPPs have had some time to promote their new services (AIS and PIS) across Europe.

Gunnar Nordseth, CEO of Signicat, is prepared to help the European banks handle the PSD2 Strong Customer Authentication (SCA) requirements by providing ‘Authentication as a Service’ through the company’s cross-European DISP. Gunnar Nordseth explains:

“SCA is certainly an issue that European banks need to be prepared for – and the sooner, the better. The largest and most innovative European banks are already preparing, but this is just the tip of the iceberg and the vast majority of Europe’s banks still need to plan for the future handling of SCA. The problem is that they must comply and they have quite limited time to do so.”

All banks in Europe share this same challenge, which is to handle SCA in the most efficient, flexible, user-friendly and cost effective way. Yet SCA is not one of their core  competencies.

Authentication as a Service

This scenario obviously creates an opportunity for a specialist to step in and offer a pan- European ‘Authentication as a Service’ solution, which will effectively ease the banks’ SCA pains and enable them to focus on their core businesses.

“This is exactly what we are doing at Signicat. Based on ten years of experience working  with two-factor national eID schemes, we have developed our DISP platform as an online identity hub. This DISP platform offers Identity On Demand services for customers, regardless of geography or eID,” Gunnar Nordseth says and continues:

“Strong customer authentication is a fundamental part of the DISP platform, which means Signicat is best placed to scale its services to banks all over Europe in need of SCA assistance.

Today, more than 200 European banks and financial institutions, as well as insurance companies and government agencies, are connected to Signicat’s DISP platform. As well as the responsibility of authenticating users, many customers have mandated Signicat to provide electronic signing, identity proofing and document preservation.

Basic DISP services to banks

Under PSD2, Europe’s 4,000 banks will be required to offer SCA services to all authorised Third Party Providers (TPPs), which will require the banks themselves, or their current platform or service providers, to implement and maintain these SCA services. Alternatively, they can choose to outsource the SCA task to Signicat, making use of Signicat’s DISP platform and ‘Authentication as a Service’ solution, thereby freeing up time and resources to focus on their core business. The DISP platform’s main PSD2 related features are its services to identify and authenticate individual customers and to allow siloed information to be accessed by other banking areas. The DISP also opens the possibility for banks to be able to offer identity services to third parties – e.g. to AISPs and PISPs.

Beyond PSD2 – partnering with Rabobank “A common theme for our customers is the need to support all available eIDs in the markets in which they operate, and they do not want to invest heavily in order to implement this,” says Gunnar Nordseth.

Among financial institutions already using Signicat to support their eIDs are Banco Santander, BMW Financial Services and large Nordic region insurance and finance companies like SEB, If Insurance and Tryg.

“The fact that Signicat operates its DISP platform means that our customers can select which eIDs they want to activate and Signicat sets up a service providing access to the eIDs,” says Gunnar Nordseth.

Recently, leading Dutch bank Rabobank announced that it had joined forces with Signicat to launch a Digital Identity Service Provider (DISP) for businesses in the Dutch market. Rabobank wants to utilise the DISP to offer a range of online login, identity, signature and archiving solutions under its own eBusiness banner.

Rabobank initially intends to focus on five customer groups: energy, telecom and insurance companies, healthcare institutions and financial services providers. The idea is that Rabo eBusiness services will make it easy for businesses to enable functions such as onboarding new customers, digitally signing contracts and offering a dashboard for invoices or expense claims.

“What we are doing together with Rabobank is a good example of how Signicat’s Digital Identity Hub can assist not only with PSD2- related SCA compliance services but at the same time offer a bank a uniform way of handling identities across all platforms and channels,” Gunnar Nordseth concludes.

Link to the official Money20/20 magazine here

Signicat wins “2017 Innovation Award” at Smart Security Week!

2017 Innovation Award

We are very proud to get this recognition. The announcement took place in Marseille yesterday evening during the World eID and cybersecurity and Identity World conference 2017. The award was handed over by Detlef Houdeau from Infineon (left in the picture) to John Erik Setsaas, Identity Architect from Signicat (right in the picture).

Link to the webpage with the announcement here

State of the art electronic signatures

As a part of our Digital Identity Service Provider platform (DISP) we find more and more customers realizing the benefits and using electronic signatures to replace paper processes. We have offered electronic signature services for almost 10 years and support signing with eIDs in a vast number of countries. To succeed with electronic signing we think there is three key elements that needs to be in place:

1) A great user experience on any device

People are used to great mobile user experience from their daily interactions with applications and they expect nothing less from your electronic signing processes. You should make it easy to sign documents electronically from your smartphone in a user friendly way and give users the ability to quickly sign documents wherever they are. At Signicat this is a top priority and we continuously try to make our products work better on all devices.

2) Becoming paperless – and staying compliant
The goal with signing documents electronically is to decrease the amount of manual paper process, both for the end user and for your company. The evidence of the signed document is important and you need to be sure that you can prove that the contract was signed in a legally binding way and ensure that the electronic signature is correctly embedded into the document. With over 10 years of evolution, Signicat’s signature solutions gathers and integrates all the needed legally binding data into the document, making it the preferred choice of financial institutions, insurance companies and government institutions.

3)  Integrate once and scale up your digital processes
Whether you are targeting one or multiple countries, you should focus creating digital processes replacing paper processes instead and spend less time integrating and understanding electronic signature technology. By integrating with Signicat, you will get a single point of integration to multiple signing methods, with a vast amount of features ensuring that you are covering your needs for today, and tomorrow. A trend for businesses integrating with Signicat for electronic signing is that they start in one market and gradually expand to multiple markets – seeing the ability to scale their digital business cross border.

Read the latest press release related to this topic; Nordic FinTech giants SDC and Signicat drive dramatic rise in digital-only mortgage applications

Signicat is 10 years this year

Signicat was started in 2007, which means we are 10 years old this year.

During the 10 years Signicat has existed, there has been a rapid development in the use of electronic identity. A combination of forces have driven this development. On the one hand, the desire for digitization of services that previously required physical attendance and manual steps. On the other hand, stricter requirements for security and privacy. As the leading provider of identity services to regulated industries in the Nordics, Signicat has played an important part in this development.

When we started in 2007, the eID market in the Nordic region was just about to take off. All four Nordic countries had their solutions for electronic identity, and after a long introductory phase, the markets were reaching a critical mass both with regard to issued IDs and service providers where the eIDs could be used. In Norway, BankID was the leading solution for electronic identity and the first banks began issuing eID to their customers already in 2003. But it was only when service providers with support for eID began to appear that the usage of eID started to grow rapidly.

Signicat was an early facilitator of the use of eID for banking and financial services. Fully digitized consumer loan processing with eID and eSignature was developed for the online store Komplett.no already in 2005, while Signicat was still a department in the consulting company we were spun out of. Since then, we have helped many other banks and finance institutions with replacing tedious manual procedures with electronic identity and electronic signature.

After more than 10 years of rollout of electronic identity in the Nordic region, there is little evidence that the growth is slowing. New and easy-to-use solutions like BankID on mobile continue to drive growth. In Sweden alone there were more than 2.5 billion logins with BankID in 2016. The potential for digitization is far from exhausted.

But what about Europe outside the Nordic region?

Signicat has had presence in the Netherlands since the autumn of 2015, and since December 2016 also in London. Currently we work with customers in the Netherlands, UK, Germany, Spain and several other European countries. There is no doubt that the use of eID in these countries is not as far developed as in the Nordic countries. Perhaps the level of maturity is about the same as in the Nordic region 10 years ago. The question is whether it will take another 10 years before Europe is on par with the Nordic countries.

I think the answer to this question is “no”. The reason is that drivers that were strong in 2007 have become even stronger over the past 10 years. Electronic identity is in many cases the last missing piece to get full-digitized processes. We have smart phones that can be used for two-factor authentication replacing inconvenient and expensive technologies that required purpose built hardware. On top of this, European initiatives such as PSD2, OpenBanking and GDPR are pushing for better and more widespread solutions for electronic identity.

Signicat’s value proposition to customers in Europe is the same as in the Nordic countries: A single point of connection for easiest access to a wide range of electronic identity services. This is especially important when technology and infrastructure are in rapid development. Our services for the initial proofing of electronic identity are also important in markets where there is no established third party electronic identity infrastructure, as we have in the Nordic countries. The fact that our online services meet or will meet requirements in regulations and directives such as eIDAS, GDPR and PSD2 are also helping users to get started with electronic identity.

For Signicat, the first 10 years have been an exciting journey where we have contributed to making electronic identity a critical community infrastructure in the Nordic region. In the next few years, we hope to be able to repeat this journey, and bring the experience of the first 10 years to the larger European market, making electronic identity just as widespread here as well.

Get in touch!
If you have comments or questions, feel free to contact me either by e-mail or phone:

E-mail: gunnar.nordseth@signicat.com
Telephone:+47 930 60 408

Sommerjobb i Trondheim 2019

UTVIKLERSPIRER ØNSKES TIL UTFORDRENDE SOMMERJOBB

Signicat leverer markedsledende skybaserte løsninger for elektronisk identifisering og signatur. Vi støtter et stort utvalg av nasjonale og selvutstedte ID-typer som gjør det mulig for våre kunder å tilby tjenester på tvers av landegrenser.

Signicat er i kraftig vekst og er kontinuerlig på jakt etter utviklere og testutviklere til hovedkontoret i hjertet av Trondheim.

Vår utviklingsavdeling har nå blitt så stor at vi ønsker å ta inn to studenter fra 4.-klasse på Master eller 2.-klasse Bachelor sommeren 2019. Signicats id- og signaturtjenester er hovedsaklig skrevet i Java, men vi har naturligvis også bruk for noe database- og JavaScript for å få det hele til å snurre. Det siste året har vi også jobbet mye med både testautomatisering og løsninger for å automatisere utrulling av programvare på en enda mer smidig måte. Vi releaser og installerer i produksjon flere ganger i uka, og må samtidig sørge for at kvalitet, sikkerhet, oppetid og ytelse oppfyller strenge krav – både fra myndigheter og fra kunder.

Vi er ikke helt sikre på hvilket konkret prosjekt dere vil jobbe med men vi kan love store utfordringer og mulighet til å lære mye. Dere vil bli plassert i et team som både har variert utviklerkompetanse og tilgang til en UX-designer for å få et best mulig resultat. Det er helt klart en fordel om du har litt programmeringserfaring fra før – enten fra hobbyprosjekter eller fra tidligere sommerjobber.

PS: Hvis du har en god idé til en oppgave som også passer inn i vårt interesseområde, tilpasser vi gjerne sommerjobben til deg. Vi har luktet litt på bruk av maskinlæring/AI for log-analyse, Docker for mer automatisert testing/deployment, og NoSQL-alternativer til MySQL. Vi har med andre ord også bruk for deg som skyr JavaScript som pesten og er mer glad i APIer og databaser.

Søk her innen 31. oktober 2018 og ta kontakt med leder for utviklingsavdelingen, Lars Klemetsaune, på e-post lars.klemetsaune@signicat.com for spørsmål.

An identity fairytale from fantasyland

An identity fairytale from fantasyland

Once upon a time, in a country up North, John had finally decided to buy a new camera, and needed to pay for this. He logged into his bank, and he used BankID to authenticate himself. Within a few seconds the bank recognized John. Of course, John realized that he does not have sufficient funds for this camera (the Sony A9 is not cheap), and needs to borrow the money. He runs through the wizard, enters the amount and the payback time, and then gets a loan contract to sign. The loan contract is signed digitally, using BankID. And immediately he has the money on his account and he can pay for the camera. Again, this payment is authorized using BankID.

Later the same day, John realized that he was running out of his blood pressure medication, and had to get some more. But he couldn’t remember if the last prescription was still valid. So he logged into the government health portal, again using his BankID, and found that indeed, the prescription was still valid, so no need to bother the doctor to have it renewed. John walked down to the pharmacy on the corner, and identified himself with his driver’s license, and got another dose of the medication. As the pharmacy is electronically connected to the central prescription database, the good old paper prescriptions, with the doctor’s unintelligible handwriting are long since history.

Later that night, John had to do his taxes (good thing he got more blood pressure medication), and went to the government portal. Of course again, he used his BankID to log in, and he could then update the tax report, before submitting it.

Verify identity by using BankID

A few days later, John’s camera arrived in the post, and he realized that he should take out insurance. So he logs into his insurance company. Guess what, he uses BankID to identify himself, and adds the camera to his insurance. He also decides that he wants to sell his old camera, and goes to the C2C platform finn.no. He creates an account, and is asked if he wants to be a verified seller. Of course he wants to, and guess what. Again, BankID is used to verify his identity.

(And if John wants to open a new bank account, with another bank, he can use BankID, and his identity is verified. No need to visit a branch. No need to provide additional information. Easy and simple).

Quite a fairytale, right? Well, actually no. The fantasyland I’m describing is Norway, but Sweden, Denmark and Finland, and let’s not forget Estonia, are all on the same page. In these countries, the same digital identity can be used for more and more purposes. It all started with banks. But these days it is used for government, health, insurance and others.

At Signicat we had our first customer on our BankID cloud-service back in 2007. With 10 years of experience in the Digital Identity space we find it our call to spread the fairytale message to rest of the world.

Blogpost by: John Erik Setsaas, Identity Architect
Twitter: @jsetsaas

Download your free copy of Signicats report, “The Rise of Digital Identities” based on exclusive Innopay research.

Please fill in the form below to get your free copy.

As the leading provider of identity services to regulated industries in the Nordics, Signicat has played an important part in this development.

  • European eID schemes provide 69% of ID information needed to digitally apply for financial services
  • 3 European eID schemes provide all the necessary information
  • Digital Identity Service Providers (DISP) are the key to bridging the gap

Oslo, Norway, 22th June 2017 – New research launched today by Signicat, the world’s first and largest identity assurance provider, shows that through electronic identity (eID) schemes in Europe, consumers are closer to being able to apply for financial services 100% digitally, although gaps still exist. The report, “The Rise of Digital Identities”, is based on exclusive Innopay research and looks at how eIDs are currently used to onboard consumers to financial services across seven European countries.

On average, European eID schemes provide 69% of the information that financial institutions need in order to onboard a customer wholly digitally, and three schemes provide all the necessary information. These existing schemes could provide the vital staging point to develop digital identities that enable a truly digital financial services landscape.

Banks are under pressure to reduce costs, increase profits and to comply with ever more stringent regulations. Their customers have, at the same time, moved to embrace digital channels, meaning banks can reduce the number of branches and better target these customers to reduce costs and increase profits. However financial institutions are missing a vital link in the digital chain – onboarding. 40% of consumers have abandoned a bank sign up process because of the time and effort needed. This, combined with the upcoming eIDAS regulation means that financial institutions need to be able to onboard customers 100% digitally.

The paper was developed with research from Innopay, the payments, digital identity and e-business consultant. Innopay surveyed the onboarding landscape across Austria, Belgium, Germany, Luxembourg, The Netherlands, Switzerland and the UK to look at KYC/AML requirements and how available eID schemes map to these requirements. While current schemes do cover the majority of information needed by financial institutions to confirm a prospective customer’s identity, gaps exist.

It found that in Belgium, for example, the eID covers all the necessary attributes but the scheme is only relevant in a consumer-to-government context. In The Netherlands, the bank-operated scheme offers the right coverage but, on its own, won’t satisfy Know Your Customer (KYC) requirements.

To fully verify a customer’s identity, financial institutions must supplement eID information from a variety of sources including national ID schemes, various digital assets and traditional ID documents such as passports. The challenge is that information is not always available, there are inconsistencies across regions and difference stages of onboarding require different levels of assurance, including examination of the physical document. To succeed, institutions must plug the gaps and ensure they have access to the right information in the right geographies.

Gunner Nordseth, CEO at Signicat, said: “As the market becomes more competitive, financial institutions are under increasing pressure to attract and retain more customers but at lower costs. It’s a huge challenge and the old analog process for onboarding has proved cumbersome and outdated. There is enormous scope for digital identities to reduce inefficiencies as well as ease compliance with KYC. But building those identities is a complex task and financial institutions need to create interoperability between regions in a fragmented European landscape.”

Gunnar added: “The real strength lies in combining the various identity information sources to create a complete and validated digital identity. That’s where a digital identity service provider, or DISP, can help. It facilitates connections to the relevant schemes and other forms of verification to build a trusted picture of the customer. Financial institutions can not only comply but also gain a lead in the race to a truly digital future for onboarding.”

– Ends –

About Signicat

Based in Trondheim, Norway, and founded in 2007, Signicat is the first and largest Identity Assurance Provider in the world, providing regulated markets with the technology to create mutual trust between organizations and their potential customers.

With Signicat, service providers can build and leverage existing customer credentials to connect users, devices and even ‘things’ across channels, services and markets transforming identity into an asset rather than an obstacle. By ditching manual, paper based processes and replacing them with digital identity assurance, customer on-boarding is accelerated and access to services is made simple and secure. Service providers can rapidly grow market share, easily acquire new customers, and ensure compliance with financial, privacy and data protection regulations including AML and KYC.

Signicat has the technology to connect the market, the expertise to scale the systems, and the experience to build the trust.

For more information, visit: www.signicat.com

Media Contacts
CCgroup for Signicat
signicat@ccgrouppr.com
+44 203 824 9200

Download your free copy of Signicats report, “The Rise of Digital Identities” based on exclusive Innopay research.

Please fill in the form below to get your free copy.

 

Signicat report maps out Strong Customer Authentication (SCA) requirement for PSD2

Report from Signicat and Consult Hyperion provides industry guidance to comply with requirement central to PSD2

Oslo, Norway, 13th June 2017Signicat, the world’s first and largest identity assurance provider, has released a white paper with Consult Hyperion to prepare financial institutions for the Strong Customer Authentication (SCA) requirement of the second Payment Services Directive (PSD2). The report, “Strong Customer Authentication in Practice – limitations and possibilities with PSD2”, demonstrates the importance of SCA and highlights the implications for identity and authentication to the payments and commerce industries. It also seeks to provide guidance on how to incorporate SCA into existing services.

SCA is being introduced to ensure consumer identities are secure when paying electronically and to guard against fraud. The requirement will come into effect in Q4 2018, six months after the deadline for all EU member countries to implement PSD2 as national law on 13th January 2018. PSD2 mandates SCA for transactions above €30, meaning Two Factor Authentication will be required to verify the transaction. SCA mandates that authentication is based on at least two of the three elements of Knowledge, Possession and Inherence.

Signicat released the report following concern in the industry that SCA could damage business by creating more friction for the consumer at the checkout. Once SCA is triggered, providers will be forced to look for ways to simplify the transaction process either through exemptions or low-friction SCA. The report seeks to guide the industry on how the requirement will work in practice, who will be expected to perform SCA, and puts forward suggestions to minimize the burden of the authentication process for consumers.

“If not done right, SCA will impose a huge burden on consumers forced to endure a painful authentication process when confirming transactions with a retailer,” said Tim Richards, Principal Consultant, Consult Hyperion. “Providers and banks responsible for implementing SCA must look at ways to simplify the check-out process to ensure a smooth transition to SCA in a post-PSD2 world. The aim of this white paper is to set out the intentions of SCA and to identify how the challenges faced can be addressed.”

“All parties in the PSD2 ecosystem face the challenge of creating a frictionless payment experience for consumers,” said Gunnar Nordseth, CEO, Signicat. “With SCA coming into force in 2018, failing to respond is simply not an option. It’s important that banks and third party providers understand their responsibilities and create systems to both comply with PSD2’s SCA requirements and ease the pain of the process for consumers.”

The report, “Strong Customer Authentication in Practice – limitations and possibilities with PSD2”, is available for free download.

-ENDS-

About Signicat

Based in Trondheim, Norway, and founded in 2007, Signicat is the first and largest Identity Assurance Provider in the world, providing regulated markets with the technology to create mutual trust between organizations and their potential customers.

With Signicat, service providers can build and leverage existing customer credentials to connect users, devices and even ‘things’ across channels, services and markets transforming identity into an asset rather than an obstacle. By ditching manual, paper based processes and replacing them with digital identity assurance, customer on-boarding is accelerated and access to services is made simple and secure. Service providers can rapidly grow market share, easily acquire new customers, and ensure compliance with financial, privacy and data protection regulations including AML and KYC.

Signicat has the technology to connect the market, the expertise to scale the systems, and the experience to build the trust.

For more information, visit: www.signicat.com

Media Contacts
CCgroup for Signicat
signicat@ccgrouppr.com
+44 203 824 9200

Download your free copy of Signicats PSD2 White Paper
If you want to read the PSD2 White Paper, please fill in the form below to get your free copy.

The PSD2 White Paper has been produced on behalf of Signicat by Norfico (www.norfico.net) and Consult Hyperion (www.chyp.com)

Press Release: Signicat launches MobileID authentication to meet PSD2 requirements

ID assurance provider now offers multiple authentication methods – including biometric

Oslo, Norway, 30 May 2017Signicat, the first and largest identity assurance provider in the world, has launched MobileID, its mobile authentication product. In addition to offering financial service providers speedy onboarding and identity assurance using a number of digital identity schemes, Signicat now also offers Strong Customer Authentication (SCA) using the end-user’s smart device.

Upcoming PSD2 legislation will demand that many transactions over €30 must be authorized with at least two-factor authentication. MobileID will put financial services providers ahead of this legislation, not only by offering multi-factor authentication, but offering it in a way that is convenient to consumers and will not result in abandonment.

MobileID works by turning a consumer smart device into a security credential. The device becomes the ‘something you have’ factor for authentication, while a PIN code becomes the ‘something you know’ and biometric data such as fingerprints can be used as a third ‘something you are’ factor.

MobileID allows banks and other financial service providers to offer multi-factor authentication without the need to provision additional hardware or demand that customers copy and paste a one-time password from an SMS or a separate application. Instead MobileID harnesses smart device capabilities, including the latest biometrics, to deliver simple but secure access to digital channels.

“A speedy onboarding and application experience is a must for financial services providers who don’t want to lose 40% of their potential customers at this stage,” said Gunnar Nordseth, CEO, Signicat. “Keeping these customers means giving them the best experience possible when accessing services and authorizing transactions – MobileID gives customers that simple experience while meeting PSD2 requirements way ahead of these regulations being adopted.”

MobileID’s features include:

  • Device agnostic, with support for both the latest iOS and Android devices
  • The ability to add existing and future device-based authentication technologies
  • Device and user intelligence, including geolocation, for risk-based authentication
  • An offline mode so the smart device can be used to authenticate without a data connection
  • Defenses against jailbroken devices and debugging attempts

-ENDS-

About Signicat

Based in Trondheim, Norway, and founded in 2007, Signicat is the first and largest Identity Assurance Provider in the world, providing regulated markets with the technology to create mutual trust between organizations and their potential customers.

With Signicat, service providers can build and leverage existing customer credentials to connect users, devices and even ‘things’ across channels, services and markets transforming identity into an asset rather than an obstacle. By ditching manual, paper based processes and replacing them with digital identity assurance, customer on-boarding is accelerated and access to services is made simple and secure. Service providers can rapidly grow market share, easily acquire new customers, and ensure compliance with financial, privacy and data protection regulations including AML and KYC.

Signicat has the technology to connect the market, the expertise to scale the systems, and the experience to build the trust.

For more information, visit: www.signicat.com

Media Contacts
CCgroup for Signicat
signicat@ccgrouppr.com
+44 203 824 9200

 

For more information about MobileID, visit: MobileID