Belgian banks bid to banish passwords with itsme app

Belgium's major banks and mobile network operators have joined forces to create an app that lets people replace their various online usernames and passwords with a single code or fingerprint.

Developed by banks Belfius, BNP Paribas Fortis, KBC/CBC and ING, with telcos Orange, Proximus and Telenet, the itsme app is aiming to replace the laundry list of passwords, user names, tokens and card readers Belgians currently need to use the Web.

Users simply download the app and then when carrying out a task on a participating website that requires some form of security, enter a five digit code. The app checks the code, as well as the actual handset and its SIM card to ID the user.

Launched earlier this year, the app can now be used by ING customers to sign into their accounts and approve transactions.

Later this year, Belgians are expected to use itsme for government services, including submitting tax returns. A number of insurance companies and retailers are also expected to sign on.

Related Companies

BNP Paribas Fortis ING KBC Bank itsme

Channels

Retail banking Security Payments Identity

Keywords

Mobile & online banking Authentication

Comments: (4)

Bradley Howard - Endava - London 12 September, 2017, 10:27

1 like

Let me get this right... they have replaced a password with a 5 digit numerical PIN? And this is called "banishing passwords"?

There are many alternatives which truly banish passwords and make it customers' lives easier.

Report abuse

Arjeh Van Oijen - Icon Solutions - Amsterdam 14 September, 2017, 21:04

Be the first to give this comment the thumbs up

0 likes

@Bradley It's a 2-factor authentication where the SIM in the mobile phone is used for the authentication process. The PIN is used to access the SIM. So its not a replacement of a password by a PIN. Because a mobile phone (SIM) is required to authenticate, it is a significant higher security level than only a password that can be stolen or intercepted. I only do not understand why it is not possible to scan a QR code instead of entering phone number. If this mechanism could be lifted to a European standard, the economic value could run into billions of euros (reduction of fraud, improvement efficiencies).

Report abuse

Bradley Howard - Endava - London 15 September, 2017, 09:50

0 likes

Hello @Arjeh - thanks for the clarification. I still think that from the user's experience replacing a password with a PIN is poor.

Having the fingerprint recognition is a nice step forward, and perhaps FaceID will further improve the experience.

Report abuse

Arjeh Van Oijen - Icon Solutions - Amsterdam 15 September, 2017, 11:33

0 likes

@Bradley I agree with you on the user experience. I guess it's a matter of time that also biometric authentication will be supported to access the App (as the PIN is used to access the App, not the website). As long as not all phones support biometric authentication, a PIN is always needed. But five years from now PINs will be a rare phenomena for mobile phones authentication.