Identification

In Switzerland, Swisscom continously expands the possibilities to enable identification in the Swisscom shops. We will report about this on this main web page. Abroad, identification will only be possible via partners who offer this. In the medium term, Swisscom is looking for a connection to existing identities (e.g. identity verification online by a bank or a state eID, like the German Personalausweis or SwissID).

During identification, the means of authentication (e.g. specifically the mobile phone number) is queried. With this, a first signature is already executed (step-up authentication), typically the signature of the terms of use that have been accepted. This signature is transferred to the All-in Signing Service. This means that the All-in Signing System knows exactly the means of authentication.

An RA agency is associated to a storage area (a so-called “tenant”) in which only those persons identified by the RA master agent or other RA agents of its agency are managed. The RA-Master Agent has access to this tenant and can appoint any identified person of this tenant as a RA agent.

If a person was identified by another method of the Smart Registration Service (e.g. video identification in the EU), the RA-Master Agent cannot appoint that person as an RA agent due to the fact that he is associated to another tenant (the SRS tenant). The RA Master Agent must reidentify him by use of the RA-App.

The only exception is the very first RA-Master Agent: He is identified anyway by a person of Swisscom, Swisscom Partner or e.g. a video identification and thus ends up in the “wrong” tenant by default. When the agency is set up, the named RA master agent is searched and moved to the correct new tenant of the RA agency. However, further postponements are not possible.

On this Signature Check page you can check at any time whether you can sign electronically or whether you need a new registration:

https://check-signing.trustservices.swisscom.com/

If the result is positive, you will see with which signature type (QES, FES) and in which legal area (EU, Switzerland) you can sign electronically.

In case of a negative result, you will find out the reason for a new registration and identification for the electronic signature.

Please find a table with all accepted ID documents and passports:

List of documents suported by the RA App

This happens indirectly. In practice, the procedure is as follows: The RA agency first appoints a RA master agent. This agent is identified by Swisscom or a Swisscom partner and undergoes training. He then receives a user interface with which he can turn other persons identified by him alone into RA agents or RA master agents. However, they must also undergo an automated requested e-Learning training.

In principle, Swisscom must retain the data for a very long time (11 years in Switzerland or 35 years in the EU). But persons can be deactivated by the RA master agent or by Swisscom so that they can no longer sign.

On average, an identification is completed within 2 minutes.

Hold the camera up so that the entire ID document is captured by the cut-out (still blurred if necessary). Move the camera slowly closer to the badge and it will start to focus again.

RA agencies act on behalf of the Swisscom registration office. In addition to the duties of careful execution of the registry’s activities, data protection is also a priority. The data protection principles from Art. 28 DSGVO apply, which are reflected in precise form in the technical-organisational measures (TOM) in the RA Agency contract. They are based on 2 sections of Art. 28, which reflect the use of the app on the mobile device:

• The measure must “ensure the ability to ensure the confidentiality, integrity, availability and resilience of the systems and services in connection with the processing on a long-term basis” and
• Include a procedure for regular review, evaluation and evaluation of the effectiveness of technical and organisational measures to ensure the security of processing.
• The controller and the processor shall take steps to ensure that natural persons under their authority who have access to personal data process them only on instructions from the controller, unless they are required to do so by Union or national law.

This means that in addition to the use of carefully selected and trained employees, the protection of the app on the mobile device and also the protection of access must be guaranteed. Are the devices adequately protected against viruses? Will it be prohibited to download programs from other app stores that do not offer sufficient protection? Do employees keep their PINs and passwords secret? Are devices not rooted?

The most important task of the RA agent is the strict examination of the identification documents submitted to him and in particular the strict verification of the field information read out by OCR from the ID card / passport as well as the correct recording of the mobile number.

Based on data protection laws we do not offer any RA Agency contracts with RA Agencies outside of the mentioned jurisdictions. RA Agents working in jurisdictions other than EEA/EU/CH shall not identify people which are residents of EEA/EU/CH.

There are no special instructions necessary, because the process is exactly the same as for a “live” identification with the RA App. The demo mode is described in the basic training for RA agents.

You can access the demo mode of the RA App by logging in with the following information:

• Mobile number: +41123456789
• Company name: demo

Correct. If a person does not have a machine-readable ID or passport, they cannot get identified with the RA app for electronic signature and therefore cannot use the signing service.

No. It is prohibited to scan copies of ID documents or passports with the RA App. The reason is that the security features cannot be checked on a copy.

No, this is not permitted. The RA App has been certified for face-to-face identification and may accordingly only be used in personal contact.

As Mobile ID is a personal authentication method, the user must activate it himself. The user should always activate Mobile ID prior to identification with the RA App or Smart Registration Service so that the user can use Mobile ID as an authentication method for signature. The user should follow the instructions on www.mobileid.ch menu item “MY MOBILE ID”. User can also find a detailed FAQ on the Mobile ID website

Notify your RA-Master agent and ask him to search the portal for the mobile number. You can resend the SMS with the terms of use by clicking on the link with the PDF symbol:

Make sure that you have not registered the person in the RA-App Demo Mode (mobile number +41001234567, company “demo”).

Check the Service Status page (https://trustservices.swisscom.com/service-status/) to see if there are any faults. If no SMS arrives after another attempt, please inform the support.

If you are already registered (with RA app or the Smart Registration Service), you have to observe the following:

• If you have confirmed the terms of use with PWD/OTP during identification, you have defined this method as a declaration of will method. Now, if you enable the Mobile ID app as a method, you can no longer sign until you have been newly identified.
• If you already use the Mobile ID on SIM card and want to use the Mobile ID app, you should use the recovery code when activating or to authenticate with the Mobile ID SIM at activation and not to activate as a “new Mobile ID”. Otherwise, this app will also be considered as a new method of declaration of will and you will need to be re-identified.
• The same happens the other way round if you want to switch from an installed Mobile ID app to the Mobile ID SIM card.

Typical error message in such a case is an error message with “serial mismatch”.

The Smart Registration Services tries 5 times all 3 days to send out the SMS again. Only if all attempts fail after 15 days a reidentification is necessary.

As far as you did not already accept the terms of use there is always the possibility to deny the terms of use. If you accepted the terms of use and also used our service we must record your usage log and registration data for a retention period of 35 years in the EU and 11 years in Switzerland. But you could easily stop issuing electronic signatures.

With the password/SMS code method, there is unfortunately no possibility of recovery; a user must be re-identified in any case after he has changed his password.