PRODUCT UPDATES

AUTHENTICATION

Wultra Now Supports OIDC — Here’s What It Means for Secure Identity Verification

November 6, 2024
Icons on blue background: user, bank, confirmation check, code flow and connecting lines

We’re excited to announce that our latest update to our mobile token now incorporates OIDC-based activation.

OpenID Connect (OIDC) has become a leading interoperable authentication protocol built on OAuth 2.0, the industry-standard protocol for authorization. OIDC offers tangible benefits for banks, fintech companies, and users alike — to highlight its potential to transform secure identity identification, let’s explore how OIDC works and how our solution is expanding its real-world applications.

How OIDC Works

OIDC enables third-party applications to verify an end user’s identity and gather basic profile information through trusted third-party providers. You’ve likely encountered this protocol when logging into one of many services that use Google, LinkedIn, or Facebook accounts.

While social accounts and emails are common in general verification, these methods aren’t robust enough for businesses in the financial sector that require top-tier security. It’s for this reason that banks and fintech companies turn to more secure methods — like digital bank IDs — that prove a user’s identity while also ensuring full compliance with regulatory standards.

For example, banking customers in the Czech Republic can now verify their identity via OIDC using Bank iD. Similar capabilities extend across Europe, as a growing number of national bank IDs support OIDC, including Finland’s Bank ID (part of the Finnish Trust Network), Belgium’s itsme®, Norway’s BankID, Denmark’s MitID, and the Netherlands' eHerkenning, among others.

Wultra’s Mobile Token: What’s New

Our mobile token — part of our Mobile-First Authentication solution — is linked to the OIDC protocol via standardized API. We offer several methods for activating our standalone mobile token app. Users have the option of activating the mobile token directly through their internet banking, when visiting an in-person branch, when transferring between devices, and with a quick scan of their government-issued ID.

Now, we’re excited to announce that our latest update to our mobile token incorporates OIDC as a new feature. This additional functionality allows users to verify their identity through third-party methods (Web Login). Activating our mobile token via Web Login is simple — here’s what the setup process looks like: 

It’s important to note that this is an example of the process, as the instructions will differ based on a user’s digital bank ID.

Real-World Examples of OIDC in Action

There are a number of important use cases in which Wultra’s OIDC-based authentication can be put to use:

  • Forgotten credentials: If a user forgets their password or login details, they can use OIDC (through a verified third-party account) to regain access.
  • New device activation: When a user gets a new phone, they can seamlessly transfer the mobile token, which prevents any disruptions to their access.
  • Digital bank IDs: As mentioned above, our integration enables users to verify themselves via the array of European digital bank IDs that support OIDC.

Benefits of Using OIDC

In a nutshell, OIDC enhances user experience, supports broad compatibility for easy scalability, and enables banks to meet compliance standards through eKYC. 

  • Positive user experience: The ability to log in with a familiar third-party service makes accessing one’s accounts quicker and easier, reducing login fatigue and enhancing user satisfaction. Minimizing steps results in faster registration, fewer abandoned accounts, and increased engagement.
  • Standardization and interoperability: OIDC is an open standard, which makes it both widely compatible with various platforms and services and easy to implement. Banks and fintech companies can easily scale and adapt authentication systems during various stages of growth.
  • Identity assurance support (eKYC): Through OIDC, banks can implement electronic Know Your Customer (eKYC) processes. This ensures regulatory compliance and aligns with industry standards for identity assurance.

What’s Next for OIDC With Wultra?

The demand for robust identity verification continues to rise, and we’ve risen to the challenge by advancing our mobile token technology with OIDC-based authentication — always keeping the convenience of the end user in mind.

By integrating the OIDC protocol into our mobile token, we aim to help more banks, fintech companies, and other financial service providers leverage verification that’s both secure and user-friendly.

Related articles

CONTACT US

get in touch

Consider partnering with Wultra to meet compliance standards, deliver a secure and seamless user experience, and deliver additional value to your customers while improving your bottom line.

Ondřej kupka
ACCOUNT EXECUTIVE
ondrej.kupka@wultra.com
Picture of Account Executive Ondrej Kupka
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.