We are increasingly living our lives online. And, because of that, we are handing more and more personal data and sensitive information—credit card details and passwords, for example—over to websites, often without contemplating exactly whether the process is secure.
At Signicat, we understand the importance of security and safety. We are dedicated to ensuring consumers and organisations alike are able to perform tasks in an environment that safeguards and protects private information, while also increasing levels of efficiency and productivity.
TUPAS has been an integral cog in the online authentication wheel for a number of years, but it is soon set to become obsolete. So what exactly is changing and what do the changes mean to your organisation? Here are seven things you should know.
The Finnish TUPAS eID will become obsolete on 30 September 2019, as the transition period of Traficom’s regulation on electronic identification comes to an end in line with EU eIDAS regulation. Under the regulation, the TUPAS protocol will no longer meet the threshold of strong authentication, with organisations that rely on TUPAS for eIDs required to switch to new strong authentication protocols, such as OIDC or SAML 2.0.
The TUPAS protocol—also known as the Finnish Online Bank Identification platform—is a Strong Customer Authentication (SCA) method owned and administered by several Finnish banks. TUPAS identification serves as the primary identification method for Finnish citizens, and has become the de facto standard for digital identification in Finland.
Online bank identification allows online service providers, be they businesses or public bodies, to authenticate their customers through the online bank identification platform by using the online banking credentials issued by participating Finnish banks. The service relies on the same bank-specific identifiers that customers use to access their bank's services and accounts; their online bank user IDs. These IDs can be used across a broad range of services including e-commerce, telecoms, and government eServices.
To be considered a strong authentication method under Finnish law, the protocol must include two of the following three identification methods:
TUPAS doesn't have encryption at the message level so, come 1 October 2019, it will no longer be compliant with EU eIDAS regulation and Finnish law. Secure authentication providers will need to adopt a more advanced and secure protocol.
TUPAS has been operated by the Finnish banks, and required service providers to negotiate contracts and perform integrations with each separate bank they deal with. As no real competition existed, TUPAS authentication was expensive to service providers. The eIDAS regulations provide the government with the opportunity to open up eID services to market competition. To that end, the government has established the Finnish Trust Network (FTN), a framework that allows strong authentication service brokers to resell eID solutions in Finland using a single standardised service contract.
These eID brokers act as intermediaries between the identity providers (banks and telecom operators) and online service providers, which enables them to operate as 'one-stop-shop' resellers of eIDs, as well as giving them the capacity to manage contracts and technical integrations. This new competitive environment has removed the main obstacles to developing strong identification services by:
With TUPAS coming to an end, all businesses and services that use strong authentication will be required to switch to the new, more secure eID protocols, such as OIDC and SAML. The first decision they need to make is whether to rely on the Finnish banks for this service, or sign up with an FTN approved eID broker.
The benefits of using an eID broker over the banks are clear, as we demonstrate below:
The bank option
The eID broker option
Signicat is the recognised leader in the Nordic digital identity market and is considered a key enabler for the digital economy. Some of the benefits include:
Want to learn more about the Finnish Trust Network? Download our latest eGuide below.
Solutions Marketing Manager at Signicat
June 17 2019