Are you ready for DigiD on mobile?

More government institutions are adopting the DigiD log-in procedure and providing a suitable mobile app. DigiD is a safe log-in method but it comes at a cost in ease of use, especially if the user name and password have to be repeatedly typed in from a tablet or smartphone.

Onegini makes it possible to log-in to mobile apps using DigiD

DigiD does not permit the user name and password to be saved in the browser for ease of log-in afterwards. From a security perspective this is a logical restriction. But how does it work with mobile applications? Consumers do not want to start up a mobile app then enter a user name and password each time they log in.

new_002.jpg

This is your challenge?

Your company is one of the following: Government department, The Belastingdienst (Dutch tax office), Gemeenten (city municipalitie) and their partners, Pension fund, The Dutch police, Dutch province, Regional water board, Healthcare provider (including pharmacies), Health insurance company and you want to offer consumers a way to log in to your apps using the digital identification (DigiD) issued by the Dutch government? 

What Onegini offers

With Onegini for DigiD your users can log in safely from their mobile device with, optionally, a PIN code. Your customers complete a one-time registration process and then have secure access to your services. After registration the end user can log in easily with a PIN. Onegini runs security checks to prevent misuse or unauthorized access.

Why Onegini?

We offer a total solution that easily integrates with your current IT infrastructure. Our solution is continuously tested, audited and improved. Trusted solution by many big brand names for protecting their mobile applications and keeping their sensitive data safe.

How does Onegini work with DigiD

DigiD does not permit the user name and password to be saved in the browser for ease of log-in afterwards. From a security perspective this is a logical restriction. But how does it work with mobile applications? Consumers do not want to start up a mobile app then enter a user name and password each time they log in. Onegini Mobile Login offers a solution that is already widely used in the market.

 

 

DigiD flow using Onegini Mobile Security Platform

 

Unique

The unique point about this solution is that the mobile app no longer knows who the end user is. This information remains within your organisation. After connecting the device and choosing a PIN code the end user can log in easily with a PIN, Onegini runs security checks to prevent misuse or unauthorized access.

USPs

  • Ease of use
  • No login details on the device itself
  • Linked to DigiD

Onegini in more detail

Onegini for DigiD increases the security of your mobile applications and so allows you to offer services that normally carry increased risk. The mobile app integrates with Onegini through a standard interface. The Onegini software is easy to install in your own IT infrastructure.

 

1. Server authorization - OAuth 2.0 compliant

Basically the Onegini Mobile Security Platform is responsible for token management tasks such as issuing, revoking, granting of access, and prevention of misuse. Each registration of a new device is stored in Onegini so that you can see how it is being used. This also allows organization wide (de)activation of a specific device.

 

 

Prevention of misuse

The prevention of identity fraud is a complex process that many organizations do not implement. With Onegini you benefit at once from features which are delivered as standard. Onegini logs all events concerning log-in and authorization in an operations data store. These events are analyzed in real-time by our risk-based engine which looks for signs of possible misuse.

Extra authentication (Multi-Factor)

Onegini offers the facility to demand further authentication from the end user in the light of certain events or analyses. This can be done with, for example, an SMS (text), a TAN code, or a PIN code. Only then is the user granted access. Moreover, it is possible to immediately “disconnect” the device. This is essential in the event of a device being stolen.

 

 

2. Monitoring and auditing

All activities to do with logging in, such as connection of the device, logging in, and the management of tokens, are logged. This forms the basis for your organizations monitoring dashboard. It also makes you compliant with the legal requirements for audit-trails.

 

 

3. Management console

An extensive management console is provided for the configuration and administration of the system. From here, administrators can carry out configuration tasks, study event logs, and manage users. Onegini supports various roles including operators, help-desk workers, and administrators, each with their own set of privileges.

 

 

4. API Interface

Onegini offers an extensive set of management and user APIs which are simple to integrate into your own applications or mobile apps. Using this you can for example decide whether end users may disconnect a trusted device.

Onegini Mobile Security Platform Brochure download button