iDIN is a service offered by the banks that allows customers to identify themselves to websites using the same secure methods their own bank uses. It is similar to the iDEAL system in how it works and operates.
In addition to identification, it can also provide the connecting website with the consumer's name, address and age, if the consumer agrees to provide them.
CM provides a simple API to integrate these options into your website.
How does it work?
1. The merchant asks the customer to select his bank.
2. The merchant starts the request for authentication/information.
3. The customer is redirected to this bank.
4. The customer logs into his bank and approves the transaction.
5. The bank sends the customer back to the merchant's (your) landing page.
6. The merchant rejoins the customer to his session and retrieves the transaction.
7. You check with the CM iDIN system if the transaction was successful and receive the requested customer information.
If you are curious about how your consumers would be using iDIN, then you can experiment with CM's iDIN demonstration.
This API is preliminary. Changes might follow, and simplified higher-level APIs will likely be developed based on customer and pilot feedback.
Additional security restrictions on the API might follow.
The iDIN system is currently still in a pilot phase. That means you should not depend on it just yet.
The iDIN system allows you to service several use cases:
- Checking if someone is known to a bank.
  - To see if the user is a legal entity known to a bank.
  - To be able to trace the user in case of fraud.
- Being guaranteed that this is always the same person. For instance:
  - To log a user into your system.
  - To avoid people registering multiple (fake) accounts in your system.
  - To check if a user is above a certain age limit.
- Retrieving name, address and age information of that person.
  - You should always allow the user to override or change this information, because it is not guaranteed that the information is always correct or complete (someone could have moved but not yet have informed his bank).
  - Match this against your own information and trigger audit signals.
Things you should not do:
- Matching an account in your system on the basis of name/address attributes.
  - Either create a new account after the user identified with iDIN,
  - or have the user log into your system before coupling with an iDIN identity.
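The coupling rules above, sketched as an added example (this is not CM's code and does not use the CM API). It assumes the verified iDIN result carries an identifier that is always the same for the same person, here given the hypothetical name idin_subject; AccountStore and couple_idin are likewise hypothetical, and the store is a constructed in-memory stand-in for your user database.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Account:
    account_id: int
    idin_subject: Optional[str] = None            # stable identifier from iDIN
    profile: dict = field(default_factory=dict)   # user-editable attributes


class AccountStore:
    """In-memory stand-in for the merchant's user database (constructed)."""

    def __init__(self):
        self.accounts, self.by_subject, self.audit_log = {}, {}, []

    def create(self):
        account = Account(account_id=len(self.accounts) + 1)
        self.accounts[account.account_id] = account
        return account


def couple_idin(store, idin_subject, attributes, logged_in=None):
    """Attach a verified iDIN result to an account.

    idin_subject: assumed name for the identifier that is always the same
                  for the same person; attributes: name/address/age the
                  consumer agreed to share; logged_in: Account or None.
    """
    linked_id = store.by_subject.get(idin_subject)
    if linked_id is not None:
        if logged_in is not None and logged_in.account_id != linked_id:
            store.audit_log.append(("linked_elsewhere", logged_in.account_id))
            raise PermissionError("iDIN identity is coupled to another account")
        return store.accounts[linked_id]      # known identity: same person
    if logged_in is not None and logged_in.idin_subject is not None:
        store.audit_log.append(("second_identity", logged_in.account_id))
        raise PermissionError("account is coupled to another iDIN identity")
    # No lookup by name or address: use the logged-in account or a new one.
    account = logged_in or store.create()
    account.idin_subject = idin_subject
    store.by_subject[idin_subject] = account.account_id
    for key, value in attributes.items():
        if key not in account.profile:
            account.profile[key] = value      # prefill; the user may change it
        elif account.profile[key] != value:   # keep own data, raise a signal
            store.audit_log.append(("attribute_mismatch", account.account_id, key))
    return account
```

Two consumers who share a name still end up in separate accounts, because the only lookup key is the identifier, never the attributes.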
There is a visual style that you are required to follow when using the iDIN brand.