European Workshop on Trust & Identity

In cooperation with GeantLogo184x80

EIW 2013 Tue Session 3A

Banks and Telcos as strong Identity Porviders in Finland (Business model)

Finnish business case for telco's, banks etc as strong authN providers

Tax calculation is available as on-line service, e.g. for home service employees. FI National ID card has only very low penetration. However, TUPAS provides bank ids as eID service; technically similar to payment. TUPAS provides first and last name and national id – the id contains the birth date as well. TUPAS is provided by 9 banks and their branches. The banks do not federate, so one bank-id cannot be used at another bank.

  • TUNNISTUS.FI is in between as a proxy. (Tax office, social security, ministry of labor). A competing system (VETUMA) is offering almost identical system, run by ministry by state treasury). Both hubs exchange sessions by using common domain cookies.
  • Telcos federate with Tunnistus using ETSI MSS (mobile signature service). There is a SIM toolkit with an SIM app with 2 keys for signature and authentication. (WPKI). Need extra SIM card. One GSM provider rolled out these SIMs some time ago, and allows late binding using BankID.
  • Banks charge 0,35€ per transaction, plus 2 per month to the customer for netbanking.
  • Banks are also using Telco MSS AuthN for login.
  • Issue with foreign users: Netbank users need to get a national ID first.
  • Telcos have infrastructure to sell credit ratings.

 

  • Banks are offering this service where they deliver back the data of the user (provided by the gov) thus saving the cost of not having to dela with that themselves (and with vetting etc)
  • Banks act as IdPs for Gov SPs (via TUPAS and GOV. proxy)
  • Banks charge for handing out attributes to e.g. government
  • Banks Authenticate + give some attributes including first and last name and nationalID
  • Teclo's now also IdP, roaming between Telcos, SIMtoolkit based solution. After pin by user, certificate gets send to sp
  • Why does this not work in other countries?
    • no open interfaces in between banks; authN is bank specific
    • national ID cannot be used as is possible in Finland
    • Banks cannot do anything in every country, there are laws on what a bank is.