Secure Online Identification Enters a New Phase

Author

Alain Hiltgen

Published

8 March 2024

Reading time

minutes

International standardization is critical to the framework within which Switzerland can operate. Swift and the Technical Committee for Banking of the International Organization for Standardization (ISO/TC 68), in which the Swiss Association for Swift & Financial Standards (SASFS) actively represents Switzerland’s interests, play a key role in payment traffic. International standardization is also of central importance for the Swiss financial center in technological matters, as the example of electronic identities shows. In addition to interoperability and user-friendliness, the focus here is on the security of online identification.

The Key to Greater Security

The "Protected Confirmation" security function represents key technology for digital identity wallets, as envisaged by the European Union with the eIDAS Regulation and Switzerland with the Swiss E-ID. This security function enables the end user to confirm a sensitive transaction or log in to a sensitive service via a trusted user interface while retaining sole control over the confirmation process. This should also be the case with a compromised end device.

This may sound trivial on the surface, but it is extremely challenging. Until now, the technical implementation of this security feature has been too complex, which is why its implementation has been postponed several times. The SASFS therefore supports the standardization activities in this area, which are being promoted by UBS and the Bern University of Applied Sciences as part of an Innosuisse project and are also likely to be important for the E-ID. The Federal Council’s ambi­tious timetable calls for E-ID to be introduced from 2026, in line with EU plans.

Without this security feature, end users could be easily tricked into sharing their securely stored digital identity wallet credentials for fraudulent transactions. For example, fraudsters could fake identification for an innocent activity while accessing online banking in the background.

New Security Feature Proves Its Worth

The practicality of the new security feature was clearly demonstrated in last year’s pilot with the UBS Access App. In addition to this successful pilot with Google, another milestone is now on the horizon: a collaboration with the FIDO Alliance (FIDO = Fast IDentity Online), a California-based non-profit organization that promotes open and royalty-free industry standards for global authentication on the internet. Through the technologies it supports on devices and in browsers, FIDO largely defines the de facto stand­ards of the future and thus the technical possibilities of future online identification solutions.

 

Dr. Alain Hiltgen
Member of the Board, SASFS

Find Out More

Artificial Intelligence: Payment Data that Makes the Difference

Focus

Artificial Intelligence: Payment Data that Makes the Difference

AI has become indispensable in everyday banking. High-quality payment data is critical for personalized experiences and efficient AI applications. Payment enrichment improves data quality and optimizes key processes.

8 July 2026

5 minutes
Dynamic Security for Card Data Protection

Experts

Dynamic Security for Card Data Protection

The PCI DSS 4.0 standard protects credit card data with enhanced security measures such as multi-factor authentication and risk-based approaches. These measures increase the security and transparency of payment transactions.

8 July 2026

4 minutes
"Security Is the Be-All and End-All"

Talk

"Security Is the Be-All and End-All"

Professor Thomas Ankenbrand of the Lucerne University emphasizes the importance of security in payment solutions. In a study, his team shows that eBill scores well in all eleven criteria examined. The closed system of eBill avoids media breaks and thus makes fraud more difficult.

5 December 2024

4 minutes
PSR and PSD3 – An Overview of the Implications

Experts

PSR and PSD3 – An Overview of the Implications

The EU has proposed PSD3 and PSR to revise PSD2. The aims include improving customer authentication, combating fraud and promoting open banking. The new regulations are to apply from 2026 and create harmonized standards for payment service providers.

5 September 2024

5 minutes
The People, the Ballot and the Future of Money

Panorama

The People, the Ballot and the Future of Money

Central bankers like CBDCs, but the risks often outweigh the benefits. In Nigeria, a CBDC has failed despite high approval. In Canada and the EU, interest is low. In Japan and Switzerland, the people will ultimately decide on their introduction.

5 September 2024

2 minutes
Banks Just Before the New Age of Credit Transfers

Focus

Banks Just Before the New Age of Credit Transfers

From 20 August 2024, instant payments will enable immediate and final transfers. Six leading Swiss banks, covering over 90% of payment transactions, are preparing for this. They are developing customer-oriented strategies and integrating instant payments into their systems.

6 June 2024

7 minutes