Content of BankID Release

The content of this release is summarized in this chapter.

BankID Web-client

There are two major changes to the BankID Web-client in this release, both of which are made in order to comply with the PSD2 regulation:

  • The One Time Code, which was previously shown in clear text, has been masked;
  • The Show button, which was previously available in the password input field, has been removed.

Furthermore, new functionality in the BankID 2.1 signing client has been added as follows:

  • Support for pinch to zoom on touch devices when displaying PDF documents to be signed;
  • The showConfirmation flag now works in the same manner for both single document and multi document signing.

Additionally, for merchants using PAdES signing, the Web-client now has new functionality supporting this signing mode.

Please see the WebUDD [WEBUDD] for more details about the Web Client. 

BankID on mobile

There are no changes introduced to BankID on Mobile in this release. 

BankID Server

BankID Server (both the C and Java version) has been extended to support PAdES-signing of PDF documents. The validation data and visual seals that can be embedded in PAdES-documents, can either be generated by the BankID COI (so-called turnkey flows), or by the merchant application (so-called self-assembler flows).

The new PAdES flows support signing documents by both the merchant and the end-user, or only by the end-user.

Maintenance updates:

  • The Bouncy Castle version used in BankID Java Server is upgraded to 1.60
  • Java Server is built with Java 1.8
  • Bug fixes
  • C Server JNI API updated to support all new functions for PAdES generation

Please read BankID Upgrade Guide BankID C and Java Server for details.

BankID Client Proxy

The Client Proxy has been upgraded to support PAdES, resulting in three supported signing modes:

  • Parallel mode (legacy SEID-SDO)
    • Legacy multi document BankID signing, supporting PDF, XML and TXT
    • Parallel signing of documents
  • Turnkey mode (PAdES)
    • Serial signing. Visual seals and document assembly is managed by the ClientProxy
    • Optional visual seals
  • Self-assembler mode (PAdES)
    • Serial signing. Visual seals and document assembly is managed by the merchant server through callbacks

Maintenance updates:

  • Upgraded Java version to 8
  • Upgraded Jetty to 9.4, Cassandra to 3.x
  • Upgraded misc. dependencies
  • Various bug fixes

PAdES summary

Merchants eager to implement PAdES are recommended to start reading PAdES impact on merchants (summary).

BankID tools

The test site with tools for testing the BankID clients has been updated for the release to support PAdES signing. Please note that this only pertains to BankID 2.1 signing.

The site can be found here:

Please use the Demosite BankID 2.1 to test the new PAdES functionality. Please note that in the preproduction environment, the certificates in use for Demosite have not been issued on an eIDAS compliant CA; thus signatures will not validate correctly. 

Documentation

The structure of the documentation is mainly as for the recent releases.

We recommend readers unknown to BankID to read BankID COI White Paper [WP] first and then read the BankID Quick Start Guide [BIDG] and the implementation guides [IMPL] and [IMPLW].

For implementation of the BankID Web-client to the merchant web pages we recommend to study BankID Merchant Application Frontend Considerations [IMMC] to get guidance.

Please note that in a previous release, the document BankID Error Messages and Error Codes Overview [BEMEC] was split into two separate documents, namely BankID Error Codes [BEMEC] and BankID Services Error Codes [BSEC]. The target groups of these documents are customer support services at Banks/Merchants and developers integrating an application with BankID. Note that developers should be familiar with both of these documents.