Sales Executive

German speaking product manager

We are looking for a Product Manager to be part of our growing activities in German speaking countries. We need a team member who can work together with our German sales- and business development team, to ensure perfect product market fit and contribute to the overall success of our products. It is important that you enjoy working with customers, sales and markets in general, and find it inspiring to develop use cases and solution-stories as a part of the product management process. You will join a team of talented Product Managers, UX designers and Technical Writers. You will work collaboratively with developers, quality engineers, product managers, and usability experts to deliver best in class products for the German market.

Signicat has grown rapidly, and has great ambitions in the future. We are delivering electronic ID-services as a cloud service to several European countries and with 10 years of experience from the Nordic countries we are well positioned to take next step into the German market. We are seeking for highly qualified product manager to our team. Working location: Trondheim (preferred), Oslo or Copenhagen

Responsibilities:
· Handle the local national dependencies of the products
· Ensure optimal product market fit
· Managing parts of the product line life cycle from strategic planning to tactical activities
· Specifying market requirements for current and future products by conducting market research supported by on-going visits to customers and non-customers.
· Driving a solution set across development teams (primarily Development/Engineering, and Marketing Communications) through market requirements, product contract, and positioning.
· Analyzing potential partner relationships for the product in close cooperation with Sales and Business Development
· Handle3rd party contracts related to the products
· Maintain roadmap plans
· Maintain overview of prioritizations including potential risk and consequence analysis.
· Contribute to develop online content like blog posts related to the product area

Requirements:
· Fluent German language – in speech and writing
· Excellent communication skills
· Analytic and innovative mindset
· Familiarity with Agile framework
· Experience with maintaining and developing a product roadmap
· Experience with SaaS distribution model
· High degree of technical understanding

Personal qualities:
· Good cooperation skills
· Positive, polite and pro active
· Enjoy working with new technology
· Innovative thinking and good to ask questions
· Self-motivated

Want to know more?
· Please send an e-mail to Vice president products, Lars Møller Kristensen ( lars.kristensen@signicat.com ) for more questions, or just send your CV and some lines of why you want to be working with us.

B2B functionality

Signicat Signature B2B functionality

Electronic signatures with B2B functionality

The use of electronic signatures is becoming more common. Typically today, an electronic signature is initiated, based on some end-user action, such as requesting a loan, leasing a car, requesting a money transfer and more. The user will be redirected to the signature interface, where he or she can immediately read through the document(s), and add the signature by performing an authentication. Alternatively, an e-mail is sent to the user, which links to the document(s) to be signed. These are typical B2C scenarios, and as said, becoming more and more common.

Electronic signatures B2B versus B2C

Electronic signatures in a B2B scenario differs from B2C signatures in several aspects. The main legal change, is that the document is signed by an organization (often called a legal person) instead of a (natural) person. But in the end, a person will have to sign, on behalf of the organization. This often means that the person doing all the initial work, may not be the same as the person adding the signature.

At Signicat we have extended Signicat Sign with B2B functionality making it possible to handles this every day scenario, where somebody else needs to sign the document bundle than the person making the documents ready for approval. This means that when an employee receives a signature request, and determines that he or she is not authorized to sign on the document, the request can be sent do another employee. It is also possible for the user to sign first, and then forward to another employee.

Another issue with B2B signing is knowing if the signer of a business signature is authorized to sign on behalf of the company. Signicat already has the mechanism for verifying this. After the document is signed, Signicat Sign will be able to verify that the signer is authorized to sign on behalf of the company. Not all countries have digitized the company information needed to verify the signing rights. The challenge is the source of this information. There are many business registries, however the challenge is that the information is mainly created for human consumption, and not very machine friendly. This is something we are working with the info-providers on.

We have implemented support for the business to business electronic signing for customers in Norway and Denmark and are adding new countries as the business information gets available.

Please get in contact if your company also want to make it easy and simple for your business client to do business with you.

Digitization and digital identity

Everybody needs a digital identity

Digitization needs digital identity
Financial services are moving towards 100% digital. But a fully digital financial services ecosystem is impossible unless it is underpinned by digital identity. How can we do digital business if we don’t know the identity of the person on-line, and how can we be digital if we still print lots of paper and send it out by post for signing?

Without interoperable digital identity, digitization will suffer
But digital identity need to be widely deployed to be effective. It also needs to be interoperable. Having separate digital identities for different services becomes too cumbersome and will not encourage digitization.

In some markets, infrastructure that enables sharing of digital identity across multiple services are being built. This type of infrastructure is called a digital identity scheme. A digital identity scheme enables individuals to have a single digitial identity that can be used whenever a service needs to know a verified fact about the user.

A digital identity gap opens up across Europe
Some countries, notably the Nordics, had an early start with digital identity as a common infrastructure since the beginning of the 2000s. Others are catching up, with digital identity schemes initiatives announced in the Netherlands and Germany recently. Still others are in the risk of being left behind without the digital identity infrastructure that is necessary for rapid digitization.

Take for instance the UK.

The UK has a dominant position in the financial services market and the fintech industry, and ties with Singapore in the top spot of Deloitte’s list of best fintech cities. This position could be endangered by the lack of a widely used, interoperable digital identity.

The UK does have a digital identity scheme, GOV.UK Verify, but it is under-used and has failed to meet key targets. Unlike other digital ID schemes such as those in Norway, Sweden, and the Netherlands, it is limited to the public sector, does not support financial services and is not interoperable with its European counterparties. Plans to remedy its shortcomings are vague.

This lack of digital identity is already having an effect: A recent study confirms that the UK’s digital infrastructure has fallen behind countries such as Germany and Spain

Slipping behind in digital identity carries real risks for the UK’s digital economy. Without the right digital identity system it will be tricky, if not impossible, for UK-based companies to operate in the EU, and vice versa. This will relegate the UK’s digital economy to a ‘second tier’, incompatible with one of its biggest partners.

Digital identity schemes need public-private partnership to succeed
If the UK wants to correct this course, it needs to rethink its approach to identity for the digital age. One of the experiences from the early adopters of digital identity schemes is that they stand little chance of success if they are limited to the public sector. The high volume use cases such as payment need to be included to drive adoption rate. The approach of a bank-led public-private partnership should be explored, and GOV.UK Verify needs to start to align with the commercial needs of the UK banks if it is to take off.

Norway-headquartered Signicat has unique experience of digital identity, supporting public identity schemes across Europe including Norway’s Bank ID, and is a world leader with 150 Million uses by the public of their digital identity platform. The company has been tasked by the EU’s Horizon 2020 innovation project to help deliver the EU’s vision of a digital economy underpinned by a single digital ID market.

Blog post by Gunnar Nordseth, CEO, Signicat

Sales Executive

Sales Executive, Stockholm

Sales Executive, Stockholm

Signicat är en av Europas ledande företag av molnbaserade elektroniska identitetstjänster och elektroniska signaturer. Signicat gör det enkelt att erbjuda inloggning, identifiering och elektroniska signaturer för webb- och mobillösningar, och stöder olika nivåer av autentisering beroende på kundens krav.

Signicat Sverige genomgår en kraftig tillväxtsatsning och söker stärka upp säljkontoret med en driven Sales Executive för att bearbeta nya kunder. Signicat är per idag starka inom bank, finans och försäkring. Fokus för den nya säljaren är att skapa foot print inom andra branscher och öka marknadsandelarna gentemot stora företag med behov av att digitalisera sin verksamhet. Din uppgift består i att prospektera, boka möten och genomföra interaktioner med nya kunder.

VI ERBJUDER:
– Ett arbete i en bransch som är i framkant
– Snabba beslutsvägar, platt organisation
– Entreprenöriell känsla
– Stor frihet under ansvar
– Marknadsmässig lön och teambonus
– God teamkänsla

OM DIG:
– Minst 3 års erfarenhet av B2B försäljning med fördel inom SaaS eller Payments
– God kunskap och intresse för IT och Digitalisering
– Erfarenhet av egen prospektering och att hålla möten på C-Level
– Starkt inre driv, orädd med skinn på näsan
– Vana av att jobba självständigt och att se möjligheter och våga fatta beslut

Vi söker dig som är en kommunikativ och lösningsorienterad affärsman/affärskvinna. Du är driven, har en stark initiativförmåga, är förtroendeingivande och har en naturlig affärsmässighet. Du är van vid att skapa resultat genom högt tempo, aktivitet och strukturerad bearbetning av marknaden.

I denna rekrytering samarbetar vi med SalesOnlys rekryteringskonsult Sara Sjölund. Önskas ytterligare information kring tjänsten är du välkommen att kontakta Sara på sara.sjolund@salesonly.se.

Alla ansökningar och kontakter behandlas konfidentiellt. Urval och intervjuer sker löpande varpå vi ser fram emot din ansökan så snart som möjligt.

Välkommen att söka här via länken!

Signicat är en av Europas ledande leverantörer av elektronisk identitet och elektronisk signatur. Företaget grundades 2007 i Trondheim, där huvudkontoret är placerat. Signicat erbjuder cloud baserade lösningar till både privat och offentlig sektor. Signcat har i dagsläget kontor i Norge, Sverige, Danmark, Finland, Holland, UK och Portugal men expanderar kraftigt och öppnar upp i nya länder succesivt. Signicat är idag den i särklass största leverantören av BankID i Sverige. Signicat erbjuder både signering och verifiering med BankID och BankID för mobiltelefoner. Målet är att hjälpa kunder leverera tidsbesparande och användarvänliga digital förtroende lösningar till sina slutkunder. Signicat lösningar används av banker, finansiella institutioner och försäkringsbolag, samt även myndigheter och stora och medelstora företag i olika branscher. Signicat hanterar autentisering av användare, erbjuder elektronisk signatur, användaridentifiering och bevarande av dokument. Bland våra kunder i Sverige är Nordnet, Klarna och KRY.

Password security

People don’t like passwords – and vice versa

When was the last time you looked forward to enter your username and password? Never, right? Authentication is a necessary evil which stands between you and what you want to do. Many of us understand why we need authentication, but is it really necessary to enter username and password  all the time? Popular services like Facebook, Google, Yahoo and LinkedIn, can have you logged in over long periods and allows you to be remembered on your devices. This sets expectations for how we want to interact with services and sets the bar for what a good user experience is.

The user expects quick access to an application. More than five seconds is not acceptable

In the digital world, people always value convenience over security, in most cases without realizing this. We use weak passwords (which as easy to guess, for example the ever popular “123456”). We use the same password for all applications (which means that an attack on one application may give the attackers access to other applications). We do not lock our mobile device. If we use different passwords, these are written in an open note on the mobile device (I was helping a friend, when I realized that her phone did not have a password, and all the application passwords were stored in an open note called «Passwords». And she didn’t understand why this was a problem). We write down the password and hide it under the keyboard.  Few people enable two-step (i.e. authentication which adds additional security, such as a one-time code to your cell phone, or a code generating application) authentication (this is even true for people with high technical knowledge). And in many cases, the users do not understand that any of this is a problem.

“Nearly one in five enterprise users have passwords that are weak or shared” (www.techrepublic.com)

But still, most of us lock the door to our house and our car. And we do understand that the threat is that somebody can steal our things. However, stealing your digital identity may inflict far more damage. So why have we, as the expert community, failed to communicate this to the users; that protecting your digital assets is equally important, if not more, than protecting your physical assets. The least we can do, is to try to reduce the burden on the user.

Security is seen as the responsibility of the service provider. This is partly correct, but if I am negligent (such as not protecting the password), I can be held responsible. Service providers must ensure that high security is also convenient for the user, and that this is enabled by default.

User input (such as typing your e-mail address and password) on a mobile device is not very convenient due to the small keyboard. It is important to avoid having the user typing in data as much as possible, for example by prefilling the input fields. Unfortunately, most of the eID methods (e.g. BankID in Norway) do NOT support pre-filling, so you have to type in your email and password every time. (A small helpful tip: On your mobile device, create a keyboard shortcut “gma” which enters your gmail address or “phn” which enters your phone number).

The fastest and easiest-to-use applications will win the race, regardless of security. The popularity of the Norwegian Vipps app (which is a person-to-person payment scheme), is based on its simplicity. In Norway, a typical pre-Vipps money transfer required a BankID authentication twice – both when opening the application and when transferring the money. With Vipps you only use your fingerprint once to transfer money.

 

Today it is possible to switch banks in minutes, with no (or very minimal) cost. With more and more self-service taking place, this means that the consumers will flow to the banks with the best and easiest-to-use interfaces, combined with the lowest cost for usage. The banks are pressured to provide cheap and easy-to-use services, as well as being responsible for the security, and brand loyalty can no longer save them from users switching to competition.

“Millennials are far more likely to switch banks than other consumers. Nearly one in five said they switched banks in the last year, with many moving to online-only banks” (www.thefinancialbank.com)

With PSD2 (the European Payment Services Directive 2), the requirement to do SCA (Strong Customer Authentication) will increase. This means that the user will have to authenticate using a two-factor method, much more often than today. To make this as painless as possible for the users, the friction of the authentication must be reduced.

Signicat MobileID is our secure authentication solution, using only a fingerprint or a PIN for authentication. After an app-download and a quick registration process, which involves binding the user’s mobile device to the account using a QR code, the app is ready to use. Whenever a second step authentication is required, the app will pop-up, and user will authenticate with fingerprint or PIN. That’s it. It is also possible to integrate the functionality into an existing business app, using our SDK.

The next generation authentication will be data-driven, and by using machine learning, your cell phone can determine if it is in your possession, and doesn’t even bother you with the fingerprint. This is done by analyzing things like your location (are you in a familiar place), the available WiFi networks (have these WIFI networks been in your vicinity before) and the gyro sensors (is this really you, or is somebody else carrying your phone?). Even more sensors may be added to make this identification even more secure.

Click here to learn more about low friction authentication using Signicat MobileID.

Blog post by Magnus Mauland and John Erik Setsaas, Signicat

PEP lookup as an integral part of Signicat Assure means even stronger identity assurance

Financial institutions are under strict requirements when onboarding clients, regardless of whether this is done digitally, or in the old-fashioned way, by meeting face-to-face. The driver behind this is the AMLD (Anti-Money Laundering Directive), which aims to prevent money laundering and terrorist financing.

One of the checks that has to be performed is checking whether the person being onboarded is a PEP (Politically Exposed Person). PEP is a term describing someone who has been entrusted with a prominent public function. A PEP generally presents a higher risk for potential involvement in bribery and corruption by virtue of their position and the influence that they may hold. there is not a global definition of a PEP. Still people with PEP status are typically politicians, judicial or military officials, senior executives of state owned political parties and important political party officials. PEP status also apply to family member and close associates of PEPs.

Enhanced Due Deligence

When onboarding a user with PEP status, the AMLD requires that EDD (Enhanced Due Diligence) is to be performed. This includes even more extensive background checks of the person.

Signicat has now included PEP check in our Signicat Assure solution. This means that when using Signicat Assure for onboarding digital customers, a PEP check can be performed in the background. Information about the PEP status is returned to the bank (or any organization requesting this information when onboarding). The bank can then execute additional EDD check, which may also be provided by Signicat.

Click here to get more information about Signicat Assure and simple, cost-efficient and user-friendly onboarding.

Blog post by John Erik Setsaas, Identity Architect, Signicat
Twitter: @jsetsaas

Nordic FinTech giants SDC and Signicat drive dramatic rise in digital-only mortgage applications

83% of SDC’s Danish banking clients’ customers now apply using electronic signatures

Oslo, Norway 12 October 2017 Signicat, the first and largest identity assurance provider in the world, and SDC, a full-service IT service partner for the financial sector in the Nordic countries, today announced that 83% of SDC’s Danish banking clients’ customers’ mortgage applications are processed wholly digitally. The fully digital process for application, approval and signing has reduced the time to complete the mortgage process from weeks to days — and sometimes, in markets where consumers have an electronic identity (eID), mere hours. SDC provides financial technology, including system operation and data processing services, to more than 120 banks in Denmark, Norway, Sweden and Faroe Islands.

Signicat’s digital signing solution – Sign – has removed the need for customers to visit their branch to complete a mortgage application. All this is now completed digitally — creating a process that is both fast and convenient dramatically enhancing the customer experience.

The news follows the announcement in June last year that SDC would be using Sign for transnational digital signing across financial service applications. The solution allows SDC customers to offer digital signing containing information on who signed the document, when it was signed, and the signatures validity. Customers in markets with an eID scheme, such as NemID in Denmark, can simply use their eID to sign and receive approval in just hours.

“Financial institutions have invested millions in digital transformation. Digitizing every interaction with customers, from the first mile to the last, is essential to truly capitalise on this investment,” said Gunnar Nordseth, CEO at Signicat. “Our pioneering work with SDC has dramatically accelerated the mortgage application process, resulting in positive customer feedback and, critically, fewer abandoned applications. At a time when revenue generation is more important than ever, banks must provide the fully-digital services customers demand.”

“Applying for a mortgage can be one of the most challenging and stressful processes people face. We wanted to make it as frictionless as possible,” said Nikolai Andersen, Head of R&D Digitization at SDC. “The collaboration with Signicat has created a truly digital-only process and the numbers speak for themselves. Adoption and critically conversion of applications using eSignatures is skyrocketing, especially in markets with eID schemes that accelerate the process. We look forward to exploring other ways our bank customers can benefit from eID schemes in relevant markets.”

SDC’s digital signing solution uses local eID schemes to verify identity. The eID schemes used are Bank ID in Norway and Sweden, and NemID in Denmark, mapping SDC’s footprint.

-ENDS-

About Signicat

Based in Trondheim, Norway, and founded in 2007, Signicat is the first and largest Identity Assurance Provider in the world, providing regulated markets with the technology to create mutual trust between organizations and their potential customers.

With Signicat, service providers can build and leverage existing customer credentials to connect users, devices and even ‘things’ across channels, services and markets transforming identity into an asset rather than an obstacle. By ditching manual, paper based processes and replacing them with digital identity assurance, customer on-boarding is accelerated and access to services is made simple and secure. Service providers can rapidly grow market share, easily acquire new customers, and ensure compliance with financial, privacy and data protection regulations including AML and KYC.

Signicat has the technology to connect the market, the expertise to scale the systems, and the experience to build the trust.

Media contact: signicat@ccgrouppr.com / +44 203 824 9200

About SDC

SDC is an IT-centre providing an all-round service for financial institutions in Scandinavia. Our clientele is made up of over 124 Danish, Norwegian, Swedish and Faroese financial institutions, which are also the owners of SDC.

SDC is based on the philosophy of common solutions for common needs – and the cost saving benefits which go with it. SDC’s services are supplied at cost price to the owning institutions.

SDC’s core business is the development, maintenance, operation and joint purchase of IT solutions for the financial sector. SDC’s services are provided by SDC itself or SDC’s partners in cooperation and sub-suppliers.

For more information, visit: http://www.sdc.dk/
Media contact: Michael Spence ms@sdc.dk / +45 2488 9124

 

Do I need multiple digital identities?

Do I need multiple digital identities?

From my point of view, it is good to have one, and only one, digital identity. And you protect the login information very well. Frequent logins ensures that you are familiar with how to log in, which user name and password, and how to use the second factor. Always authenticating in the same way  reduces friction, as you know exactly what to do. At the same time, this increases security, as you will know exactly how it works, and you will recognize deviations, which may be security attacks and fraud attempts.

Note that I am talking about your digital identity, and how to authenticate, i.e. prove that this digital identity is yours. I would of course like to be able to have different personas using this identity, so I can present a different part of myself to different organizations. This for example depends on whether I use my ID as an employee, as a member of voluntary work or as a private person. But this is not the topic for this blog post.

A word on frictionless. To be completely without friction, you would not have to do anything. The system would automatically recognize you. There are some interesting projects around behavioral biometrics, which are quite promising in this area. More about this in a later post.

Remember John from my previous post? Imagine if he had a separate digital identity for government. Government login is done very rarely, maybe as rarely as once per year, when you do your taxes. It is very probable that John would not remember the procedure for using this ID, nor his password, and maybe not even find his second factor token. This increases friction. As John (like most of us) does his taxes in the last minute, he would not be able to file his taxes on time, or he would occupy the support hotline leaving a bad and expensive experience.

Insurance is another case where login is not done very often, maybe two or three times a year, in some cases when you have had an accident, and need to get in touch regarding this. Having to authenticate in a way you are not familiar with will only increase the user tension.

As pointed out, there are huge advantages of using the same identity for bank identification, which you use weekly or even more often, also for less-used services like government, insurance and health. So how come that in Norway, you can use the same digital identity for multiple different services? Why are other countries struggling  with digital identity? Why won’t users start using it? Why are different schemes used for different purposes, as this is not helpful for the consumers and does not increase security?

One reason is that the Norwegian government and banks managed to work together on this. From the very start, the use of BankID was thought to be used by both the banks, but also for third parties, needing digital identity or signature. And this resulted in a critical mass of users, using BankID for banks, government and others.

On a side note, the only thing which is shared between BankID in Norway and BankID in Sweden is the name. They are completely separate.

Then of course there is the social security number; SSN, which is a number uniquely identifying an individual, and treated differently in different countries. In Norway, the banks are using the SSN as the login ID, and as far as I know, they have been doing this since Internet banking started. As in many countries, the banks MUST have the SSN for tax reasons. The government must know exactly who you are. For the health services, it is very important that our John is not confused with another John, and on and on. So it makes a lot of sense to use this as login identifier. Any Norwegian will be able to recite his or her 11-digit SSN without missing a beat. It does help that the first 6 digits is the date of birth on the format DDMMYY.

As an alternate example, let me use the Netherlands, not because they are doing badly with digital identity, but because there are two schemes emerging: iDIN and DigiD. The latter contains the BSN (the Dutch SSN), and is restricted in usage to government and health insurance only.

Which I personally find strange, as all banks are required by law (for tax reasons) to obtain the BSN of each customer, so the Dutch banks do have this number. This means that if a Dutch bank wants to onboard a new customer, iDIN can be used. However as iDIN does NOT supply the BSN, the customer must also upload a personal identity paper (for example a scan of the passport), to provide his BSN. In the rare situations where I need to use DigiD to log in; will I remember the procedure and the credentials? In any case, friction is increased, and I would claim that security is reduced.

The eIDAS (EU regulation 2014/910) regulation is put in place to let people use their digital identity across countries. There are some claims here that eIDAS will only be used to issue new “local” credentials, which then will be used for logging into one (or more) services in the foreign country. However, then we are back to my initial problem, with having multiple credentials.

From my perspective, always using the same way of logging in, also every time you log in over eIDAS to a foreign service will reduce friction and increase security.

Blogpost by John Erik Setsaas, Identity Architect, Signicat
Twitter: @jsetsaas 

Finnish Trust Network

Signicat registered as “ID-broker” by Finnish Communications Authority

Signicat has been approved to Finnish Trust Network, supervised by Finnish Communications Authority. This means that Signicats customers can utilize our merchant agreements with the TUPAS-banks. Signicat has offered the technical integration to all TUPAS banks for almost 10 years now, but the customers have been obligated to make separate contracts with each TUPAS banks. Now with one single contract, Signicat adds significant value to its customers; expected savings in transactional costs are 60-70%.

Signicat is now in progress to make all the agreements with TUPAS banks and will contact each customer individually to agree the migration details. For customers starting in Finland, we are already making agreements which makes it easy to test the solutions and then make the switch over to production when Signicat has all the TUPAS-agreements in place.

Please find our contact details here.

More information about FTN can be found from here.

One identity hub for Europe’s banks

 

Gunnar Nordseth, CEO, Signicat

Over the past 10 years, the Norwegian digital identity solutions pioneer, Signicat, has built and expanded the first cross-European Identity Hub for Europe’s 4,000 banks. Around 200 banks have already joined the hub.

Article from the official Money20/20 magazine MoneyMag by Michael Juul Rugaard, Norfico

One of the common characteristics of regulatory initiatives is how identity  is  increasingly  taking centre stage. This is unquestionably a reflection of a larger trend as expressed in David Birch’s book Identity is the New Money and in an interview in 2014 where he says, “Looking at the situation now,  you can’t help thinking that maybe some kind  of  Single  European  Identity Area would have made more sense that a Single Euro Payments Area.”

To enable banks and other players further to realise their digital ambitions by leveraging the existing eID solutions or by delivering their own, Signicat has built a dedicated identity on demand platform. With this in place, Signicat has established itself as Europe’s leading ‘Digital Identity Service Provider’ or simply ‘DISP’. One of the features of the DISP platform that will be of critical importance in the light of PSD2 is its ability to enable banks to handle the new requirements for Strong Customer Authentication (SCA).

PSD2 leading the way

Looking specifically at PSD2, one of the main themes of the comprehensive EU directive is authentication, which is all about the ability to verify a certain digital identity. Article 97 of PSD2 imposes Strong Customer Authentication (SCA), which means at least two-factor authentication, in all online-transactions  going forward.

Implications for the banks

These new SCA requirements are expected to have important implications for European banks for two reasons:

Firstly, the banks are by default liable and responsible for the handling of SCA in accordance with PSD2-related transactions made by Third Party Providers (TPPs) – whether PISPs or AISPs. Secondly, the number of SCA transactions is expected to increase massively as a direct consequence of PSD2 as soon as the directive is fully implemented and the TPPs have had some time to promote their new services (AIS and PIS) across Europe.

Gunnar Nordseth, CEO of Signicat, is prepared to help the European banks handle the PSD2 Strong Customer Authentication (SCA) requirements by providing ‘Authentication as a Service’ through the company’s cross-European DISP. Gunnar Nordseth explains:

“SCA is certainly an issue that European banks need to be prepared for – and the sooner, the better. The largest and most innovative European banks are already preparing, but this is just the tip of the iceberg and the vast majority of Europe’s banks still need to plan for the future handling of SCA. The problem is that they must comply and they have quite limited time to do so.”

All banks in Europe share this same challenge, which is to handle SCA in the most efficient, flexible, user-friendly and cost effective way. Yet SCA is not one of their core  competencies.

Authentication as a Service

This scenario obviously creates an opportunity for a specialist to step in and offer a pan- European ‘Authentication as a Service’ solution, which will effectively ease the banks’ SCA pains and enable them to focus on their core businesses.

“This is exactly what we are doing at Signicat. Based on ten years of experience working  with two-factor national eID schemes, we have developed our DISP platform as an online identity hub. This DISP platform offers Identity On Demand services for customers, regardless of geography or eID,” Gunnar Nordseth says and continues:

“Strong customer authentication is a fundamental part of the DISP platform, which means Signicat is best placed to scale its services to banks all over Europe in need of SCA assistance.

Today, more than 200 European banks and financial institutions, as well as insurance companies and government agencies, are connected to Signicat’s DISP platform. As well as the responsibility of authenticating users, many customers have mandated Signicat to provide electronic signing, identity proofing and document preservation.

Basic DISP services to banks

Under PSD2, Europe’s 4,000 banks will be required to offer SCA services to all authorised Third Party Providers (TPPs), which will require the banks themselves, or their current platform or service providers, to implement and maintain these SCA services. Alternatively, they can choose to outsource the SCA task to Signicat, making use of Signicat’s DISP platform and ‘Authentication as a Service’ solution, thereby freeing up time and resources to focus on their core business. The DISP platform’s main PSD2 related features are its services to identify and authenticate individual customers and to allow siloed information to be accessed by other banking areas. The DISP also opens the possibility for banks to be able to offer identity services to third parties – e.g. to AISPs and PISPs.

Beyond PSD2 – partnering with Rabobank “A common theme for our customers is the need to support all available eIDs in the markets in which they operate, and they do not want to invest heavily in order to implement this,” says Gunnar Nordseth.

Among financial institutions already using Signicat to support their eIDs are Banco Santander, BMW Financial Services and large Nordic region insurance and finance companies like SEB, If Insurance and Tryg.

“The fact that Signicat operates its DISP platform means that our customers can select which eIDs they want to activate and Signicat sets up a service providing access to the eIDs,” says Gunnar Nordseth.

Recently, leading Dutch bank Rabobank announced that it had joined forces with Signicat to launch a Digital Identity Service Provider (DISP) for businesses in the Dutch market. Rabobank wants to utilise the DISP to offer a range of online login, identity, signature and archiving solutions under its own eBusiness banner.

Rabobank initially intends to focus on five customer groups: energy, telecom and insurance companies, healthcare institutions and financial services providers. The idea is that Rabo eBusiness services will make it easy for businesses to enable functions such as onboarding new customers, digitally signing contracts and offering a dashboard for invoices or expense claims.

“What we are doing together with Rabobank is a good example of how Signicat’s Digital Identity Hub can assist not only with PSD2- related SCA compliance services but at the same time offer a bank a uniform way of handling identities across all platforms and channels,” Gunnar Nordseth concludes.

Link to the official Money20/20 magazine here