Archive: September 11th, 2018

Update: BankID Security Hole Patched

A previous post described a security hole used for big-time fraud abusing the Swedish BankID.

The company behind BankID, Finansiell ID-Teknik AB, announces a remedy, available immediately.
Continue »

The Gaping Security Hole in Swedish BankID

The Swedish BankID, a digital authentication and signature framework, is a huge success. Even with the small (10 M) population of Sweden, the number of authentications runs into billions annually.

However, unfavourable publicity recently hit BankID. A number of very public big time fraud convictions broke the hush-up wall that banks traditionally build around their security. All of a sudden customers of banks and financial institutions were flooded with information on how to handle their BankID in order to protect themselves.

Can BankID really be broken? A “yes” seems obvious, but, well, not exactly.
Continue »