Regarding digital transformation in the financial sector, our European neighbors were quite ahead, but now things are also starting to move in Switzerland: regulatory adjustments are paving the way for modern methods of digital identification and electronic signatures in the financial sector. Until recently, the only options for registering a qualified electronic signature (QES) in accordance with the Federal Act on the Electronic Signature were a personal visit or video identification in compliance with the Anti-Money Laundering Act. The latter is considered secure and has therefore been the gold standard for identifications requiring special due diligence, such as bank account openings. Call center employees make video calls to customers and verify their identity using identification documents and personal information. However, such video calls are inconvenient for users: waiting for available staff is not uncommon. As a result, the user experience suffers.
ETSI standard opens new possibilities
The adoption of the international ETSI standard ETSI TS 119 461 has driven the development of auto identification in Switzerland. Financial intermediaries can now also electronically obtain a copy of their customers' ID cards with a QES. In accordance with the requirements of the Swiss Financial Market Supervisory Authority FINMA, this is equivalent to the authenticated copy of an identity document and serves to identify clients in accordance with the applicable provisions of Swiss anti-money laundering legislation. This also creates the basis for modern identification solutions with a high degree of automation in our country. What sounds complicated is actually a simple process for which users only need their smartphone and a valid ID. After auto identification, which includes an ID scan, biometric face matching and liveness detection, the identification is checked in the background. As soon as it has been verified, the customer receives a personal QES, which can then be used to sign the copy of the ID card and any contract set. Unlike before, this does not require a reference bank transfer or proof of residence. A significant time saving - for both bank employees and customers.
Creating future-proof systems
To ensure that applications for digital identification and electronic signatures offer sustainable added value, it is worth building them up as a platform. Depending on the use case or regulatory requirements, different points must be taken into account. Opening a bank account has significantly higher requirements in terms of the probative value of digital identification and the associated electronic signature than it is the case when registering in an online store. However, with the option of different security levels for identification, such contracts can also be signed with an advanced electronic signature (AES), for example. Modular identification and signature platforms such as m_IDeal can meet precisely these challenges by connecting different service providers to the same platform. This makes it possible to cover a wide range of use cases without having to integrate a new application in each case. Not only does this make the application versatile, it also makes it fit for new use cases and therefore future-proof.
For example, a bank already uses an identification and signature platform for the digital self-onboarding of new customers. If people now visit the bank directly to open an account, it can use a different combination of identification and signature services for this use case to conclude the contract digitally. For face-to-face meetings in the branch, other identification and signature solutions are available than for digital self-onboarding, which do not interrupt the consultation but rather enrich it. This creates a win-win situation: the conversation is not interrupted by a face scan, but the ID data of the person to be identified is still recorded digitally directly in the system. Downstream administrative work such as archiving the copy of the ID card, signing contracts by hand and subsequent checks are no longer necessary. As the bank has already integrated the identification and signature platform into its system landscape, it can add such a scenario with simple configuration adjustments.
Meeting new technologies securely
Despite these significant advances, there are still numerous other areas in which digital identification and electronic signatures are only in the early stages of being used. Especially when dealing with new technologies such as deep fakes, applications for digital identification and electronic signatures could help to meet the associated challenges. Deep fakes are manipulated media content that appears deceptively genuine and can therefore call the authenticity of content into question. However, these manipulative technologies can not only affect media portals, but also everyday situations such as a video call: Thus, it is possible that in future, video meetings will also have to be signed accordingly so that the other party can be identified beyond doubt. The electronic signing of media content could be an ideal solution to counter such threats as deep fakes. Qualified electronic signatures guarantee maximum security regarding the identity of the other party and allow to verify the authenticity of content. They can therefore make a decisive contribution to maintaining the trust of users in digital applications and preventing the misuse of new technologies. And this is not only relevant for providers of financial services, but for all of us.
The original article can be read in the Finance 2023 Special 2023 of Netzwoche from 03.17.2023.
Frequently asked questions
All blog posts
Qualified electronic signature (QES) – simply explained
In an increasingly digital world, legally valid electronic signatures are essential. The qualified electronic signature (QES) is the most secure and legally binding form of digital signature. Learn how QES works, when it is required, and how you can sign your documents securely and without media discontinuity using signeer from mesoneer.
Advanced electronic signature (AES) – simply explained
Legally valid and secure electronic signatures are essential in the digital business world. The advanced electronic signature (AES) offers significantly higher security than the simple electronic signature (SES), as it requires a verified identity of the signatory and uses technical protection mechanisms against manipulation. As a result, it offers greater legal certainty and probative value, for example for business contracts or sensitive documents. However, the FES is not sufficient if written form is required by law. In such cases, a qualified electronic signature (QES) is mandatory, as only it replaces the legally required written form.
SES - Simple electronic signature: Explained simply
Digital signatures have become an integral part of the modern business world. However, not every signature requires the highest security standards. The simple electronic signature (SES) enables fast and uncomplicated digital processing—ideal for companies that value efficiency and flexibility. But when is an SES sufficient, and how can it be used in a legally compliant manner? We explain.