When should companies use biometrics?

Secure, fast and safe

BankID with biometrics is based on unique physical characteristics such as facial features or fingerprints, and is a secure alternative, even though the service operates at a lower level of assurance than BankID High, where the end user must use the BankID app or code device and personal password. In addition, BankID with biometrics complies with the EU’s requirements for Strong Customer Authentication (SCA). This requirement ensures that electronic payments are carried out with multi-factor authentication to increase the security of electronic payments.

“The Everyday ID”

BankID thinks of the biometric solution as the “everyday BankID”, because BankID with biometrics can be used for all purposes that do not involve particular risk for the user or the company operating the service. It is up to each individual company to make these risk assessments, in order to determine which BankID method is appropriate in each use case.

For some companies, it may be out of the question to use BankID with biometrics because they are subject to strict industry regulations where the level of assurance is especially important. For others, it may be relevant to use biometrics for login, but not for carrying out transactions, for example if they sell goods in the higher price range that require authentication at a High level of assurance.

A guide

When you are considering whether to use BankID with biometrics, you can follow this guide, which gives you an indication of what to think about when deciding which solution to choose.

Use BankID High when the user is going to

• have access to sensitive personal data – either your own or someone else’s
• sign documents
• change important personal information (such as your registered address, etc.)
  perform actions that require greater user involvement. For example, this could be when the user has to confirm something, such as cancelling a subscription, switching electricity provider, etc.
• carry out transactions that involve an unusually high risk for the user or the merchant, for example due to unusually large amounts

Use BankID with biometrics when the user is going to

• authenticate themselves, for example when logging in to the service
• pay amounts that do not involve large sums
• verify their age
• authenticate with customer service – have users confirm their identity by authenticating with BankID using biometrics
• log in to the app. BankID then ensures a seamless app login using face, fingerprint or PIN. This can give your users extra confidence in the service they are using.

We protect our user accounts with an advanced anti-fraud system so you can be extra sure that only the right person gets access. By using BankID with biometrics for app login, you will also be able to retrieve users’ contact information.