Important updates in Secure Implementation Guide for e-service providers
In November, we published the Smart-ID and Mobile-ID Secure Implementation Guide for all e-service providers to help them to protect them from attacks carried out by cybercriminals. We have now supplemented this document with instructions for authentication with ID-card.
In order to assure that ID-card authentication in your e-service is organised securely, you need to make sure ASAP that you have followed the important guidelines in the updated Secure Implementation Guide. If your e-service configuration does not follow the guidelines, it may be possible to access your e-service with another authentication tool instead of an ID-card, without your ability to identify it.