Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Usage of Swedbanks EasyLogin API #318

Open
ghost opened this issue Oct 30, 2014 · 3 comments
Open

Usage of Swedbanks EasyLogin API #318

ghost opened this issue Oct 30, 2014 · 3 comments
Assignees
@goober
Labels
Bank Feature

Comments

@ghost
Copy link

ghost commented Oct 30, 2014

As the personal number is of the sensitive side it would be good if Bankdroid didn't store the personal number if it isn't needed. Swedbank have the EasyLogin API that works as following.

  1. User logs in with any of Swedbank authentication methods
  2. A call to the Easy Login service returns a easy login token which is a randomized token that is in Swedbanks system translated to the personal number of user that is currently logged in.
  3. Next time the user needs to login the easy login token can be sent instead of the personal number.

This means that for Swedbank and Savingsbank only users there is no need to actually store the personal number of the user on the device.
@liato liato added the Feature label Nov 3, 2014
@liato
Copy link
Owner

liato commented Nov 3, 2014

We have a feature that let's the user automatically login to the bank website with the credentials stored in the app. If we implement the EasyLogin authenthication we'd lose that feature and the user experience would suffer.

@liato liato added Bank and removed Feature labels Nov 3, 2014
@liato liato mentioned this issue Nov 3, 2014
Closed
@goober goober added the Feature label Feb 26, 2015
@goober goober self-assigned this Feb 26, 2015
@auno
Copy link
Contributor

auno commented Mar 17, 2015

I just got a notice while logging in to Swedbank using password that that authentication option is being retired some time this year:

"Personlig kod upphör som inloggningsmetod till internet-och mobilbanken under 2015"

This might give some added urgency to this issue.

@auno
Copy link
Contributor

auno commented Aug 11, 2015

I got a further notice from Swedbank that the date is now set to September 3, so less than a month away. Full notice from Swedbank:

Hej,

I linje med Datainspektionens rekommendation kommer banken under 2015 att ta bort personlig kod som inloggningsmetod till internet-och mobilbanken.
Här får du information om hur det påverkar om du använder en eller flera s.k. tredjepartstjänster, t.ex. Tink, Mitt saldo, Bankdroid eller Bankhubben.

Personlig kod tas bort till tredjepartstjänster
Efter 3 september 2015 kommer det inte längre vara möjligt att logga in via tredjepartstjänster med den personliga koden. Använder du en tredjepartstjänst kontaktar du det företaget för att få information om hur du gör för att fortsätta använda tjänsten. Tänk på att dina inloggningsuppgifter är personliga och har till syfte att ge dig tillgång till dina konton och övriga tjänster som du använder.

Har du frågor är du välkommen att kontakta vår support för internet- och mobiltjänster på 0771 - 97 75 12. Öppet alla dagar 07-23 med undantag för storhelger.

Med vänlig hälsning,
Swedbank och Sparbankerna

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@goober goober

Labels
Bank Feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@auno @liato @goober