How to use external identity provider for Nexus’ security services
Many new use cases have emerged from the new partnership between the new European identity platform Verimi and the identity and security company Nexus Group. The joint offering helps end users and organizations manage access to all kinds of resources, as well as digitally sign documents and transactions in a smooth and secure way, while staying in control of their personal data.
Sweden has set a benchmark with Swedish Bank ID to help citizens keep control of their data with one single digital identity. With the rising number of applications where this kind of identity is accepted, people are receiving a higher value for committing to one IdP (Identity Provider). Based on standards like OpenID connect, additional external IdPs are entering the market. Nexus enables these trusted identities from such IdPs for further scenarios like managing access to all kinds of resources and digitally signing documents and transactions in a smooth and secure way.
The external identity platform Norwegian BankID and German company Verimi, with its strong focus on transparency and data protection, together with the identity-based services from Nexus, form a comprehensive solution for managing digital identities and using them for various purposes. In these cases, an external IdP such as Verimi can serve as an identity provider for authentication, signing, and other services offered by Nexus.
Flexible multi-factor authentication for easy access to all digital resources
External IDs from such providers can be used to authenticate to the digital access platform Nexus Hybrid Access Gateway (HAG), which allows strong multi-factor authentication with single sign-on to locally installed applications as well as web resources. If a person wants to log on, he/she selects VERIMI ID as the authentication method. This request is then sent to VERIMI who carries out the authentication. All the authentication methods supported from HAG can be used as well as if HAG is set up as IdP.
From version 5.13 on, Hybrid Access Gateway supports OpenID Connect, which is also the standard that the Norwegian BankID and Verimi ID authentication is based on.
External IdPs provide comprehensive information for Customer Identity Management (CIAM)
Together with the Nexus HAG, the foundation for Customer Identity Management (CIAM) is set. The external IdP is connected via standard interface to the HAG and provides the necessary information to it. This means that the Nexus HAG can manage the new generated IDs and provides a set of various authentication methods.
Corporates and institutions benefit from:
- Utilizing already verified data until LoA 4 [Symbol] cost saving through outsourced verification
- Fulfilling the need-to-know principle, as only information necessary for the services (e.g. address information for shipping and not the ID card number) is transferred
- Strong authentication to customer information, which can be enforced to secure the customers’ data
Strong offering with external IdPs and Nexus Security Offering
Nexus has a proven track record and experience working with external IdPs. For many years, Nexus has been cooperating with Swedish Bank ID. Together with VERIMI, Nexus offers a comprehensive solution for managing digital identities and usage in a secure and flexible way.
Further use cases for trusted identities as Digital signing for paper-less workflows
As an important step towards a more digitalized and mobile way-of-working, many organizations want to replace paper-based processes with digital signatures. This is easily achieved by setting up the external IdP as the identity provider to Nexus GO Signing services.
Therefore, external IDs like the Verimi ID can then be used to authenticate and digitally sign documents or banking transactions in Nexus’s signing services, to achieve advanced electronic signatures, according to the eIDAS regulation.
Published 2/11 2018