BankID Phone
The BankID Phone authenticator provides the ability for users to be authenticated using Swedish BankID directly on their phone. It allows for the use of test and production versions of BankID.
BankID version 6 has functionality for authenticating users you are in a phone call with. Using this functionality allows you to start an authentication transaction with a personal number, which the user can fulfill using their BankID app. In the app, the authentication screen is enriched with information that the user is supposed to be in a call with the operator, as well as a way to report that the authentication was started without them actually being in a call with an operator. In the Curity Identity Server, this is implemented using a Back-channel Authenticator, to be used with the OpenID Connect CIBA Flow.
Configuration
The configuration for the BankID Phone back-channel authenticator shares concepts with the regular (front-channel) BankID authenticator.
| Configuration Setting | Description |
|---|---|
| `allowed-bankid-types` | BankID type. See Kinds of BankIDs. |
| `http-client` | The HTTP client used to communicate with the BankID API. |
| `mode` | Test mode or production mode. |
| `call-initiator` | A value that describes who initiated the call. This is used by the BankID app to show information for how the user should proceed. |
| `user-message` | A message to show to the user in the app. The value may be a message-key, or the actual message. The message may be overridden by the client sending a binding message in the authentication request. |
| `card-reader-type` | The allowed card reader type. |
| `add-extended-bankid-attributes` | Whether or not to include extended BankID attributes. |
