Despite the Scandinavian countries being close to one another and similar in nature, they have taken very different approaches to solving the same problem.
Denmark, Norway and Sweden all have different digital solutions when it comes to online signatures. Some are better than others, and it leaves one to wonder why they chose not to collaborate.
In 2002 the Ministry of Science and Technology announced a project competition where the goal was to simplify the system for digital signatures, by only needing one authorisation system to access public services on the internet.
On 1st July 2010, NemID became operational. Since then, it has functioned as the common login system for the Danish banks' online services, and for other public service websites. Gaining access to one's online bank or E-box could now be done through a little piece of paper with a lot of numbers on – keys to the digital services.
Almost eight years later, and Denmark are ready with an app-version of NemID. Behind the app are Finance Denmark and The Danish Agency for Digitization. According to Michael Busk-Jepsen, the Director of Digitalization in Finance Denmark, the app has been made to meet the users where they are. “It simply gives a faster and more comfortable user experience,” he told DR (Danish Radio).
The vision of a mobile app that could maintain all of the keys to access online services was already on the table for Sweden back in 2010. Martin Orgarp, Nordea's in-house futurologist, predicted back in 2010 that a mobile banking app would be the future, but at the time he said, “Mobiles simply aren't mature enough, although the technology is rapidly evolving, and I'm sure we'll have fully fledged security solutions in place soon.”
In 2015, mobile banking (mBanking) became a part of everyday lives for the Swedes, and when the mobile BankID solution became a reality in 2014, 48% of the Swedes enrolled.
Whilst Sweden and Denmark have embraced the one-code-one-signature-system, Norway is more concerned about the risk of being hacked. Norway has BankID, which also covers different self-service sites and banks. However, it uses different codes to make it more difficult for hackers to break into the system.
A demonstration of how easy it is to hack into a one-key system was performed by Version 2 and Ingeniøren in 2011 when they, under a test set-up, acquired login codes from a NemID user by hiding behind a fake library site. Afterwards, they used the information to empty a (test) account.
The new NemID app in Denmark supplies users with access to services and websites such as Netbank, citizen.dk, healthcare.dk, the labour union and the unemployment office. It can be accessed through a four-digit code, fingerprint, Touch ID or Face ID.
Norway supplies its citizens with almost the same as in Denmark, but there is more security on the Norwegian system. A new code is sent every time the user needs to log in.
Safety ElementsWhen questioned on whether the new Danish app was less safe because it combined the two elements into one, Busk-Jepsen answered, “The safety element here is, that the app is provided with a code. The key card is not, so here exactly you have an extra safety layer.” He added that the security of the mobile app was on the same level as the paper key card.
The Counsel for Digital Safety (CDS) agreed with Busk-Jepsen. “We are strengthening the security by doing this, in general. Not that the key card is unsafe, but we are eliminating a lot of the misuse," says Henrik Larsen, board member of CDS.
At present, there are no plans for the Danish paper key card to be omitted and it can still be used as usual.
We believe that information should be free and will therefore never put up a paywall.
If you like reading our reports about the Scandinavian business scene and would like to donate towards the upkeep of the site, we would be very grateful. Click here to donate.