BankID Secure start in Lime products
What is "BankID Secure start"?
The Swedish e-identification service “BankID” sharpens the requirements on starting an identification or signing process in their applications in order to increase the security and prevent risk of fraud. Details about the requirements, reasons behind and an FAQ is available on https://www.bankid.com/en/foretag/secure-start
What will be changed?
Lime Technologies will build a new version of Lime BankID API and JavaScript application that fully supports “Secure start”. It will no longer be possible to start a BankID identification/signing in someone's BankID app just by providing the personal identity number. Instead, the user can choose to autostart the BankID app on the same device, as where it is requested, or on another device by scanning the animated QR code. The identification/signing can still be locked to a specific personal identity number, for example in authentication or signature processes.
Timeline
1st of January 2024 - New version of Lime BankID API available that fully supports BankID “Secure start”. Documentation is now available at https://bankid.lime-technologies.com/api/v2/docs
10th of January 2024 - New version of Lime Forms available with support for the new Lime BankID API. Lime Forms v2.87.2 have full support for Lime BankID API v2 as well as an updated frontend package.
1st of January - 30th of April 2024 - Adaptation period for services and applications consuming the Lime BankID API.
1st of May 2024 - “Secure start” is required and non adapted services will not be functional
Affected applications and necessary actions
Lime Forms
An upgrade is highly recommended for all customers having BankID enabled in Lime Forms. Contact your customer responsible to schedule it during the adaptation period. Lime Forms v2.87.2 available from 2024-01-10 has full support for Secure start.
Lime Portal
No changes are required for customers using BankID for Lime Portal authentication.
eSign
An upgraded version of Lime eSign will be released in the beginning of 2024 and announced separately to affected customers. Lime Technologies will take care of all necessary upgrades for Lime CRM cloud customers but Lime CRM on-premise customers need to make sure that eSign is upgraded well before 1st of May 2024.
BankID desktop application in Lime CRM
An updated version will be released in February 2024 and communicated separately to affected customers.
The installer portal (För- & Färdiganmälan)
Lime Technologies will take care of all necessary upgrades.
Custom integrations towards Lime BankID API
Customers that have built their own integrations towards Lime BankID API are responsible to redirect the integration towards the new version of the API. The same goes for any necessary UI changes used with the integration. The documentation of v2 of Lime BankID API is now available at https://bankid.lime-technologies.com/api/v2/docs