Page tree

Registration Form BankID Fraud Detection
version  03.02.15

 

 

This form must be filled in by the BankID vendor and merchant requesting access to BankID COI Anti-Fraud Services.

 

General Registration Data

Must be filled in for all requests

 

BankID Vendor (forhandler/formidler):

 

Date:

 

Contact person Vendor:

Tel:

e-mail:

Merchant or service name (subscriber):

Contact person merchant:

 

Tel:

 

e-mail:

 

 

Request type

Type

Tick below

Smtp based fraud data

 

Http based fraud alarms

 

BankID Security Data Service (Data-til-brukersted)

 

 

Access to Smtp based fraud data broadcast

Precondition: This service is only available to certified merchants, i.e. currently only banking services. Production data only.

 

Merchant e-mail address

 

 

Procedure:

Action

Subscribe to Nets BankID SMTP based fraud alarms (broadcast)

Responsible

1.

Send the this form, including e-mail address and pgp public key for the receiving e-mail address to bankidirt@nets.eu

Subscriber

2.

Send the pgp public key fingerprint in hexadecimal out-of-band to BankID IRT

Subscriber

3.

BankID IRT will verify the pgp public key

Nets

4.

Send a pgp signed email to bankidirt@nets.eu from the mail address that shall be the receiver of the alarms.

Subscriber

5.

BankID IRT will verify the email and add the mail address to receive alarms.

Nets

6.

BankID IRT will send a confirmation email to the subscriber

Nets

 

 

 

 

 

 

 

 

Access to HTTP based fraud alarms (unicast)

Precondition: This service is only available to Merchants with extranet connectivity to Nets. Production data only.

 

Connectvity:

Merchant endpoint IP

Merchant Endpoint URL

Nets Fraud IP

Port

Service

Env

 

 

 

443

Fraud

PROD

 

Procedure:

Action

Subscribe to Nets BankID HTTP based fraud alarms (unicast)

Responsible

1.

Send the this form and pgp public key for the organizations communication endpoint to bankidirt@nets.eu

Subscriber

2.

Send the pgp public key fingerprint in hexadecimal out-of-band to BankID IRT

Subscriber

3.

BankID IRT will verify the pgp public key

Nets

4.

Send a pgp signed email to bankidirt@nets.eu from the organizations communication endpoint. This mail must contain the complete URL of the endpoint that shall receive the alarms and the domain name(s) where end customers will access the merchants BankID authentication/signing service.

Subscriber

5.

Nets will open firewall for traffic to target URL

Nets

6.

Open up for inbound traffic from Nets

Subscriber

7.

BankID IRT will add the URL to receive alarms using HTTP POST.

Nets

8.

BankID IRT will send a confirmation email to the subscriber

Nets

 


Access to BankID Security Data Service “data-til-brukersted”

Preconditions:

1)         RA must grant specific OrderID at Merchant access to the relevant OID for “data-til-brukersted”

2)         For extranet merchants firewall openings

Please contact issuer and provide the following information:

Data element

Value

Merchant OrderID (string)

 

Access type (java or javascript)

 

 

Connectivity extranet:

Merchant endpoint IP

Nets Extranet Fraud IP

Port

Service

Env

 

91.102.24.241

443

Security Data Service

PREPROD

 

91.102.25.220

443

Security Data Service

PROD

 

Procedure:

Action

Subscribe to Nets BankID HTTP based fraud alarms

Responsible

1.

Apply for access to the “Data til brukersted” API call by contacting the merchants own BankID issuer.

Subscriber

2.

The merchants BankID issuer must grant access to the merchant by sending an RA message with the OIDs the merchant shall have access to. The following OIDs currently apply:

 

BankID Web-client: 2.16.578.1.16.6.2

 

Subscribers issuer

3.

Send the pgp public key for the organizations communication endpoint to bankidirt@nets.eu

Subscriber

4.

BankID IRT will verify the pgp public key

Nets

5.

Apply for a firewall opening for inbound traffic in Nets from the merchant to  services.bankid.no port 443 by filling out a firewall scheme and send it in a signed email to bankidirt@nets.eu

Subscriber

6.

Nets will open firewall for traffic from merchant

Nets

7.

Open up for outbound traffic to services.bankid.no port 443.

Subscriber

8.

BankID IRT will send a confirmation email to the subscriber

Nets