icon-srs-identifikation-starten

Start identification

 check_mark_2_circle_BOLD (1)

Check registration status

 digital_signature_BOLD

Check signature

 person_BOLD

Partner area

 Contact sales

Contact sales

 check_mark_2_circle_BOLD

Service status
Solutions
close-navy
Legal and compliance
Business potential
Technology & Integration
Applications
Industries
Legal and compliance aspects for ...
Signature platforms
The connection of a trust service provider to a platform solution enables compliance with laws in the European legal area, e.g., EU Regulation eIDAS or federal law ZertES.
Read more
ERP providers and enterprises
ERP providers or large companies using ERP systems should ensure that their software complies with regulatory requirements and follows standards and best practices. They should also know...
Read more
Financial Services and Fintech
Important compliance aspects must be observed in the highly regulated financial sector, e.g., FINMA regulations or AML conformity. Trust services play an essential role here.
Read more
SaaS and PaaS Provider
By connecting Trust Services, you can offer customers legally valid electronic signatures while complying with necessary regulations and laws.
Read more
Legal and compliance insights

Stay informed about the latest updates on pan-European regulations and laws and their impact on digital trust service provider

Visit our regulation radar
Business potentials of e-signature solutions for ...
Signature platforms

Working with a signature platform TSP and PaaS provider offers many benefits, including improving the quality, efficiency, and security of their signature solutions, increasing the confidence of...

Read more
ERP providers and large enterprises

In the case of electronic signatures, an integrated solution can help solve these problems by digitizing process gaps and speeding up and simplifying document processing.

Read more
Financial Services & Fintech

Electronic signatures are an essential part of the digital transformation for the fintech and banking industry. Electronic signatures can help improve the efficiency and accuracy of processes such as...

Read more
SaaS & PaaS Provider

A TSP for SaaS providers offers many benefits, including improving the quality, efficiency, and security of their signature solutions, increasing the trust of their customers, and reducing risks.

Read more
Technological aspects for integration of e-signature solutions for...
Signature platforms

The technical integration of trust solutions in a signature platform offers cloud providers many advantages, e.g. scaliability, latest security standards or standardized APIs.

Learn more
ERP provider and enterprises

Enterprises and ERP providers face complex technical challenges, such as company size or internationalization, when implementing e-signature solutions and integrating a TSPs.

Learn more
Fintech and Financial Service Provider

Financial service providers can boost conversion rates by seamlessly integrating trust solutions and efficiently navigating compliance requirements.

Learn more
SaaS and PaaS provider

The technical integration of TSP's digital identity and e-signature solutions enables SaaS and PaaS providers to comply with the latest security and interface standards.

Learn more
Technology and Integration trends

Discover future-proof technological solutions and innovations for your business success.

Learn more
Specific use cases for…
Digital Onboarding
For legally secure contracts to be concluded digitally, customers must be identified once.
Read more
Form processes
Companies should design digital processes that can be tracked in real-time, require little administrative effort, and meet all security and compliance requirements.
Read more
Signature platforms
A signature platform's introduction takes place quickly, as a trust service provider already integrates the legally valid electronic signature.
Read more
Messenger Integration
Customer communication via messenger services is already standard in many places. Concluding a contract via this channel is the next logical step toward a seamless customer experience in the 21st...
Read more
eSignature solutions by industry
Human Resources
Digital transformation affects all areas of companies, and HR departments are not unaffected. Digitizing their processes offers an excellent opportunity to increase efficiency in the department and...
Read more
Healthcare
The health sector is severely affected by a shortage of skilled workers and staff overload. This is reflected in stress and can cause waiting times for patients. The data protection-compliant...
Read more
Finance & Banking
On the one hand, they have to digitalize their processes; on the other hand, innovative fintech is attacking established business models. The following applies to both: Today, customers expect...
Read more
Real estate sector
The use of electronic signatures in the real estate sector has made significant progress in recent years and offers numerous advantages. In particular, using electronic signatures enables processes...
Read more
eSignature Hub
close-navy
Trust Blog
Downloads
Knowledge Base & Help Center
Insights with experts
Customer success stories and use cases
Welcome to our Trust Blog
Welcome to the Trust Blog! Here it's all about signature services technology and how it strengthens trust in digital processes. Learn about the latest developments and best practices for secure and...
Latest blog posts
25.04.2024
5 ways eIDAS 2.0 will impact your business
Read latest blog article
Downloads

Here you can find all the essential downloads for our products

Documentation
Knowledge Base & Help Center
Click here to go to our Help Center.

In our Help Center, you will find the answers to our frequently asked questions.

Help Center
Insights with experts
Exciting insights with industry experts

This section will offer exciting interviews and discussions from various sectors, such as finance, HR, and health. Our experts describe the current challenges in their fields, provide compelling...

Learn more
Customer Stories and Use Cases
Customer Stories and Use Cases

Our customers and partners have successfully streamlined their processes and digitized the final step to legally valid contract conclusion. Find out how they benefit from our digital identity, secure...

Read customer stories
Products
close-navy
Electronic signature
Electronic seal
Identification
Authentication
Service packages
Electronic signature
Electronic signature

  • Learn what an electronic signature is

  • What types of electronic signatures there are

  • How to sign a document electronically

Read more
Repetitve e-signature eIDAS

The embedded e-signing platform Smart Registration und Signing Service provides qualified and advanced electronic signatures for the EU jurisdiction.

E-signatures for Europe
One-shot e-signature eIDAS

The embedded e-signing platform Smart Registration and Signing Service offer a combined solution of identification and one-time e-signatur for KYC-processes in the European jurisdiction.

One-shot e-signing Europe
Repetitve e-signature ZertES

The embedded e-signing platform Smart Registration and Signing Service provides qualified and advanced electronic signatures for the Swiss jurisdiction.

E-signatures Switzerland
One-shot e-signature ZertES

The embedded e-signing platform Smart Registration and Signing Service offer a combined solution of identification and one-time e-signatur for KYC-processes in Swiss jurisdiction.

One-shot e-signing Switzerland
Fast track e-signature ZertES

The embedded e-signing platform Smart Registration and Signing Service offer identification via valid Swiss mobile number and advanced electronic signtuare in Switzerland

Fast track procedure Switzerland
Electronic seals
Electronic seals

  • Learn what an electronic seal is here

  • What types of electronic seals there are

  • How a company successfully seals electronically

Read more
Authroity e-seal

The embedded e-sealing software Smart Registration and Signing Service provides regulated electronic seal for Swiss public authorities in accordance with ZertES and TAV.

Authority e-seal Switzerland
E-Seal ZertES

The reptetive e-sealing solution Smart Registration and Signing Service provides regulated and advanced electronic seals for organizations in the Swiss jurisdiction

E-seal for Switzerland
E-Seal eIDAS

The embedded e-sealing solution Smart Registration and Signing Service provides qualified and advanced electronic seals for organizations in the European jurisdiction.

E-seal for Europe
Identification
Online Identification

  • Learn what an online identity check is

  • What current identification methods are available on the market

  • What the areas of application and advantages of online identification are

Online Identification
Identification methods for eIDAS e-signatures

The embedded e-signature platform Smart Registration and Signing Service offers a wide range of identification methods to register for eIDAS-compliant e-signatures.

Ident-methods for Europe
Identification methods for ZertES e-signatures

The embedded e-signature platform Smart Registration and Signing Service offers a wide range of identification methods to register for ZertES-compliant e-signatures.

Ident-methods for Switzerland
RA App

Simple and intuitive Face-2-Face identification hub solution for businesses to register people for electronic signature.

RA App
Authentication
Authentication

  • Learn what two-factor authentication is

  • Why it takes an authentication solution for the electronic signature

Read more
Portfolio of signature approval methods

The embedded e-signature platform Smart Registration and Signing Service provides a diverse array of authentication methods for approving electronic signatures.

Signature approval methods
Services Packages

Explore our range of e-signature and e-seal service packages for partners, SMEs, and enterprises. Choose from various packages tailored to your needs.

Service packages
09.02.2024
A password-free futures: enhancing security and convenience with passkey
Read blog post
Support & Services
close-navy
Help Center
Product documentations
Developer Section
Contact support
Support for RA agencies
Help Center
Access to the Help Center

Here are the frequently asked questions about our products and services.

To the Help Center
Here you can find our product documentation

Here you will find all the essential information about our products.

Documentation
Information for developers
Trust Services Developer Hub

On our Dev Hub, you will find all the essential information about using the interfaces provided by Swisscom.

STS Dev Hub
Trust Service GitHub

Our GitHub page contains Postman examples and four Java/C#-based clients for the signature service that use the iText/PDF Box libraries and the signature service wiki.

STS GitHub
Repository

In our repository, you will find the documentation on Swisscom CA and PKI, our CP/CPS, and terms of use.

Repository
PDF Library Provider

Here you will find a selection of PDF Library providers that support the interfaces provided by Swisscom.

PDF Library Provider
Swisscom Bug Bounty Program

You can inform Swisscom about potential security vulnerabilities here.

Swisscom Bug Bounty Program
Contact support
Here you will find answers to your questions

You are welcome to contact us via the support page.

Support Page
Support for RA agencies

Please visit our Help Center.If you can't find an answer to your question, please don't hesitate to contact our support team.

Contact RA Agency Support
References & Partner
close-navy
Partner Directory
References and use cases
Become a partner
Partner Login
Our solution partners
Partner Directory

Our products are integrated into ready-made digital customer solutions, enabling processes without media discontinuity. Here is an overview of our solution partners.

Partner Directory
References and Use Cases

Customer success stories

Discover how customers are benefiting from our digital identity, secure authentication, and e-signature solutions and services. Our customers are active in various industries

Customer success stories
28.08.2024
smartaxxess supports young SMEs

together with Swisscom Trust Services and fino kanzleidrive GmbH.

Get success story
Become a Swisscom Trust Services partner now
Become a partner

Expand your application with legally valid electronic signature and online identification solutions. Become a partner now and enjoy the benefits.

Become a partner now
Partner Login

Our partner log-in area is aimed at our solution partners.Are you still waiting for a partner log-in? Get in touch.

To the login
About us
close-navy
Team
Associations & Memberships
Jobs
News
Media
Our team of experts
About Swisscom Trust Services

Swisscom Trust Services is a leading provider of trust services and provides qualified electronic signatures in the legal areas of the EU and Switzerland.

About us
Team

We are a team of more than 30 experts providing innovative, complete, compliant, and easy-to-integrate identity-based and electronic signature services.

Team
Wir sind Mitglieder in zahlreichen Verbänden
European Signature Dialog

The European Signature Dialogue is an association of the most important European providers of electronic signatures.

Learn more
Bitkom

Today, the registered association Bitkom represents more than 2,000 member companies - including around 1,000 high-performing SMEs, over 500 innovative tech start-ups, almost half of the 40 DAX...

Learn more
eco association

With around 1,000 member companies, eco is Europe's largest Internet industry association. Since 1995, eco has been instrumental in shaping the internet, promoting new technologies, creating...

Learn more
CAST e.V.

The Competence Center for Applied Security Technology, CAST e.V. offers a wide range of services in the security of modern information technologies. It is the contact for IT security issues.

Learn more
TeleTrust

The Bundesverband IT-Sicherheit e.V. (TeleTrusT) is a competence network comprising domestic and foreign members from industry, administration, consulting and science, and thematically related...

Learn more
Open vacancies
Our jobs

We seek experts with an exciting track record who want to contribute to our growth.

Open vacancies
Latest news and insights
News, Insights, and Press Releases

Here, you will find the latest news, insights, and press releases about our developments, services, and partnerships.

News Overview
Media & Press
Media and press

In this section, you will find our press contact, the latest press releases, company information, and media content for download.

More information
Solutions
Legal and compliance
Business potential
Technology & Integration
Applications
Industries
Legal and compliance aspects for ...
Signature platforms
The connection of a trust service provider to a platform solution enables compliance with laws in the European legal area, e.g., EU Regulation eIDAS or federal law ZertES.
Read more
ERP providers and enterprises
ERP providers or large companies using ERP systems should ensure that their software complies with regulatory requirements and follows standards and best practices. They should also know...
Read more
Financial Services and Fintech
Important compliance aspects must be observed in the highly regulated financial sector, e.g., FINMA regulations or AML conformity. Trust services play an essential role here.
Read more
SaaS and PaaS Provider
By connecting Trust Services, you can offer customers legally valid electronic signatures while complying with necessary regulations and laws.
Read more
Legal and compliance insights

Stay informed about the latest updates on pan-European regulations and laws and their impact on digital trust service provider

Visit our regulation radar
Business potentials of e-signature solutions for ...
Signature platforms

Working with a signature platform TSP and PaaS provider offers many benefits, including improving the quality, efficiency, and security of their signature solutions, increasing the confidence of...

Read more
ERP providers and large enterprises

In the case of electronic signatures, an integrated solution can help solve these problems by digitizing process gaps and speeding up and simplifying document processing.

Read more
Financial Services & Fintech

Electronic signatures are an essential part of the digital transformation for the fintech and banking industry. Electronic signatures can help improve the efficiency and accuracy of processes such as...

Read more
SaaS & PaaS Provider

A TSP for SaaS providers offers many benefits, including improving the quality, efficiency, and security of their signature solutions, increasing the trust of their customers, and reducing risks.

Read more
Technological aspects for integration of e-signature solutions for...
Signature platforms

The technical integration of trust solutions in a signature platform offers cloud providers many advantages, e.g. scaliability, latest security standards or standardized APIs.

Learn more
ERP provider and enterprises

Enterprises and ERP providers face complex technical challenges, such as company size or internationalization, when implementing e-signature solutions and integrating a TSPs.

Learn more
Fintech and Financial Service Provider

Financial service providers can boost conversion rates by seamlessly integrating trust solutions and efficiently navigating compliance requirements.

Learn more
SaaS and PaaS provider

The technical integration of TSP's digital identity and e-signature solutions enables SaaS and PaaS providers to comply with the latest security and interface standards.

Learn more
Technology and Integration trends

Discover future-proof technological solutions and innovations for your business success.

Learn more
Specific use cases for…
Digital Onboarding
For legally secure contracts to be concluded digitally, customers must be identified once.
Read more
Form processes
Companies should design digital processes that can be tracked in real-time, require little administrative effort, and meet all security and compliance requirements.
Read more
Signature platforms
A signature platform's introduction takes place quickly, as a trust service provider already integrates the legally valid electronic signature.
Read more
Messenger Integration
Customer communication via messenger services is already standard in many places. Concluding a contract via this channel is the next logical step toward a seamless customer experience in the 21st...
Read more
eSignature solutions by industry
Human Resources
Digital transformation affects all areas of companies, and HR departments are not unaffected. Digitizing their processes offers an excellent opportunity to increase efficiency in the department and...
Read more
Healthcare
The health sector is severely affected by a shortage of skilled workers and staff overload. This is reflected in stress and can cause waiting times for patients. The data protection-compliant...
Read more
Finance & Banking
On the one hand, they have to digitalize their processes; on the other hand, innovative fintech is attacking established business models. The following applies to both: Today, customers expect...
Read more
Real estate sector
The use of electronic signatures in the real estate sector has made significant progress in recent years and offers numerous advantages. In particular, using electronic signatures enables processes...
Read more
eSignature Hub
Trust Blog
Downloads
Knowledge Base & Help Center
Insights with experts
Customer success stories and use cases
Welcome to our Trust Blog
Welcome to the Trust Blog! Here it's all about signature services technology and how it strengthens trust in digital processes. Learn about the latest developments and best practices for secure and...
Latest blog posts
25.04.2024
5 ways eIDAS 2.0 will impact your business
Read latest blog article
Downloads

Here you can find all the essential downloads for our products

Documentation
Knowledge Base & Help Center
Click here to go to our Help Center.

In our Help Center, you will find the answers to our frequently asked questions.

Help Center
Insights with experts
Exciting insights with industry experts

This section will offer exciting interviews and discussions from various sectors, such as finance, HR, and health. Our experts describe the current challenges in their fields, provide compelling...

Learn more
Customer Stories and Use Cases
Customer Stories and Use Cases

Our customers and partners have successfully streamlined their processes and digitized the final step to legally valid contract conclusion. Find out how they benefit from our digital identity, secure...

Read customer stories
Products
Electronic signature
Electronic seal
Identification
Authentication
Service packages
Electronic signature
Electronic signature

  • Learn what an electronic signature is

  • What types of electronic signatures there are

  • How to sign a document electronically

Read more
Repetitve e-signature eIDAS

The embedded e-signing platform Smart Registration und Signing Service provides qualified and advanced electronic signatures for the EU jurisdiction.

E-signatures for Europe
One-shot e-signature eIDAS

The embedded e-signing platform Smart Registration and Signing Service offer a combined solution of identification and one-time e-signatur for KYC-processes in the European jurisdiction.

One-shot e-signing Europe
Repetitve e-signature ZertES

The embedded e-signing platform Smart Registration and Signing Service provides qualified and advanced electronic signatures for the Swiss jurisdiction.

E-signatures Switzerland
One-shot e-signature ZertES

The embedded e-signing platform Smart Registration and Signing Service offer a combined solution of identification and one-time e-signatur for KYC-processes in Swiss jurisdiction.

One-shot e-signing Switzerland
Fast track e-signature ZertES

The embedded e-signing platform Smart Registration and Signing Service offer identification via valid Swiss mobile number and advanced electronic signtuare in Switzerland

Fast track procedure Switzerland
Electronic seals
Electronic seals

  • Learn what an electronic seal is here

  • What types of electronic seals there are

  • How a company successfully seals electronically

Read more
Authroity e-seal

The embedded e-sealing software Smart Registration and Signing Service provides regulated electronic seal for Swiss public authorities in accordance with ZertES and TAV.

Authority e-seal Switzerland
E-Seal ZertES

The reptetive e-sealing solution Smart Registration and Signing Service provides regulated and advanced electronic seals for organizations in the Swiss jurisdiction

E-seal for Switzerland
E-Seal eIDAS

The embedded e-sealing solution Smart Registration and Signing Service provides qualified and advanced electronic seals for organizations in the European jurisdiction.

E-seal for Europe
Identification
Online Identification

  • Learn what an online identity check is

  • What current identification methods are available on the market

  • What the areas of application and advantages of online identification are

Online Identification
Identification methods for eIDAS e-signatures

The embedded e-signature platform Smart Registration and Signing Service offers a wide range of identification methods to register for eIDAS-compliant e-signatures.

Ident-methods for Europe
Identification methods for ZertES e-signatures

The embedded e-signature platform Smart Registration and Signing Service offers a wide range of identification methods to register for ZertES-compliant e-signatures.

Ident-methods for Switzerland
RA App

Simple and intuitive Face-2-Face identification hub solution for businesses to register people for electronic signature.

RA App
Authentication
Authentication

  • Learn what two-factor authentication is

  • Why it takes an authentication solution for the electronic signature

Read more
Portfolio of signature approval methods

The embedded e-signature platform Smart Registration and Signing Service provides a diverse array of authentication methods for approving electronic signatures.

Signature approval methods
Services Packages

Explore our range of e-signature and e-seal service packages for partners, SMEs, and enterprises. Choose from various packages tailored to your needs.

Service packages
09.02.2024
A password-free futures: enhancing security and convenience with passkey
Read blog post
Support & Services
Help Center
Product documentations
Developer Section
Contact support
Support for RA agencies
Help Center
Access to the Help Center

Here are the frequently asked questions about our products and services.

To the Help Center
Here you can find our product documentation

Here you will find all the essential information about our products.

Documentation
Information for developers
Trust Services Developer Hub

On our Dev Hub, you will find all the essential information about using the interfaces provided by Swisscom.

STS Dev Hub
Trust Service GitHub

Our GitHub page contains Postman examples and four Java/C#-based clients for the signature service that use the iText/PDF Box libraries and the signature service wiki.

STS GitHub
Repository

In our repository, you will find the documentation on Swisscom CA and PKI, our CP/CPS, and terms of use.

Repository
PDF Library Provider

Here you will find a selection of PDF Library providers that support the interfaces provided by Swisscom.

PDF Library Provider
Swisscom Bug Bounty Program

You can inform Swisscom about potential security vulnerabilities here.

Swisscom Bug Bounty Program
Contact support
Here you will find answers to your questions

You are welcome to contact us via the support page.

Support Page
Support for RA agencies

Please visit our Help Center.If you can't find an answer to your question, please don't hesitate to contact our support team.

Contact RA Agency Support
References & Partner
Partner Directory
References and use cases
Become a partner
Partner Login
Our solution partners
Partner Directory

Our products are integrated into ready-made digital customer solutions, enabling processes without media discontinuity. Here is an overview of our solution partners.

Partner Directory
References and Use Cases

Customer success stories

Discover how customers are benefiting from our digital identity, secure authentication, and e-signature solutions and services. Our customers are active in various industries

Customer success stories
28.08.2024
smartaxxess supports young SMEs

together with Swisscom Trust Services and fino kanzleidrive GmbH.

Get success story
Become a Swisscom Trust Services partner now
Become a partner

Expand your application with legally valid electronic signature and online identification solutions. Become a partner now and enjoy the benefits.

Become a partner now
Partner Login

Our partner log-in area is aimed at our solution partners.Are you still waiting for a partner log-in? Get in touch.

To the login
About us
Team
Associations & Memberships
Jobs
News
Media
Our team of experts
About Swisscom Trust Services

Swisscom Trust Services is a leading provider of trust services and provides qualified electronic signatures in the legal areas of the EU and Switzerland.

About us
Team

We are a team of more than 30 experts providing innovative, complete, compliant, and easy-to-integrate identity-based and electronic signature services.

Team
Wir sind Mitglieder in zahlreichen Verbänden
European Signature Dialog

The European Signature Dialogue is an association of the most important European providers of electronic signatures.

Learn more
Bitkom

Today, the registered association Bitkom represents more than 2,000 member companies - including around 1,000 high-performing SMEs, over 500 innovative tech start-ups, almost half of the 40 DAX...

Learn more
eco association

With around 1,000 member companies, eco is Europe's largest Internet industry association. Since 1995, eco has been instrumental in shaping the internet, promoting new technologies, creating...

Learn more
CAST e.V.

The Competence Center for Applied Security Technology, CAST e.V. offers a wide range of services in the security of modern information technologies. It is the contact for IT security issues.

Learn more
TeleTrust

The Bundesverband IT-Sicherheit e.V. (TeleTrusT) is a competence network comprising domestic and foreign members from industry, administration, consulting and science, and thematically related...

Learn more
Open vacancies
Our jobs

We seek experts with an exciting track record who want to contribute to our growth.

Open vacancies
Latest news and insights
News, Insights, and Press Releases

Here, you will find the latest news, insights, and press releases about our developments, services, and partnerships.

News Overview
Media & Press
Media and press

In this section, you will find our press contact, the latest press releases, company information, and media content for download.

More information
icon-srs-identifikation-starten

Start identification

 check_mark_2_circle_BOLD (1)

Check registration status

 digital_signature_BOLD

Check signature

 person_BOLD

Partner area

 Contact sales

Contact sales

 check_mark_2_circle_BOLD

Service status
04.04.2025
Author: Ingolf Rauh

Root Cause Analysis SMS Attack 30.3.2025-1.4.2025

 

History background and Determination of Causes

From March 30 to April 1, 2025, a so-called SMS mass attack (SMS Pumping Request) was carried out. This automatically led to a safety shutdown of the SMS service in question and a fallback to the backup SMS service of Swisscom Trust Services over the weekend.

The analysis first revealed a partner test account that had insufficiently protected the input mask for mobile number and was accessible to the attacker via the internet. CAPTCHA verification or limitation of SMS requests were lacking on this input mask, allowing the attacker to carry out their attack. The account was immediately blocked on Monday, March 30th.

Further assessment showed that the attack rate decreased as a result, but SMS messages were still being sent to countries not normally part of the signing service. Consequently, the complete dispatch of SMS outside the EU, EEA, Switzerland, and the UK was stopped. The primary SMS service was brought back into operation on Tuesday, April 1st.

Another application was found that was improperly using the interface. This application was also disconnected from SMS triggering in the afternoon of Tuesday, April 1st.

Even after shutting down the second test application, we could still detect SMS deliveries to third countries outside the aforementioned European states. Subsequent dialogue with several partners revealed that sporadically, citizens residing in third countries were using this service, contrary to contractual exclusions. We also prohibited the use of password-OTP authentication on standard test applications.

Impact

The outage exclusively affected legacy signature applications (OASIS interface/AIS) that do not yet use broker technology, and only those signature applications that rely on one-time passwords in connection with signature approval.

The switch to the backup SMS service particularly impacted groups of people who have contracts with a (often budget) network operator with whom this backup SMS service has inadequate contractual relationships. They are often using cheaper routing options in connection with interworking and roaming agreements. Our primary provider has significantly better coverage for such contracts than the backup service.

Affected by the shutdown of SMS outside the EU/EEA/CH/UK are EU/EEA citizens, citizens of Switzerland and the UK who were traveling or are traveling and who have acquired a SIM card from the respective holiday destination outside their home countries and wanted or want to use it for signatures. Users affected by the restriction on standard test applications are those who want to test signature approval via password one-time code via SMS. Tests can now only be conducted with Mobile ID or Mobile ID app.

Recommendations and Next Steps

Swisscom Trust Services generally recommends very limited use of SMS for signature approval. Along with potential future regulatory restrictions within the tightening of signature legislation due to the vulnerability of SMS, SMS delivery is also not always reliable. We generally recommend transitioning to the Multiple Authentication Broker (MAB) architecture and thereby using authentication methods such as Passkey, Mobile ID, or Swisscom Signature Approval App. For so-called one-shot signatures, i.e., signatures that are always accompanied by identification, the broker method allows use without one-time code via SMS input. If citizens residing in third countries must use the one-time code via SMS service, it must explicitly be contractually agreed upon due to legal regulations. A memo has already been distributed for this purpose. We will gradually resume SMS dispatch to the third countries mentioned herein. However, third countries with high pricing (such as Pakistan) or third countries with inadequate data protection provisions (China, Russia, etc.) will remain excluded. SMS dispatch to third countries will now be separately monitored so that countermeasures (e.g., account shutdowns) can be carried out more quickly. Test accounts with password one-time code via SMS release will be set up from now on only specifically for special partners with signed contracts for this purpose. New test contracts will gradually be provided for existing test accounts. With this extensive bundle of measures, we are confident in being able to offer one-time password usage again without further damage to the productive system.
Disruption

Share this article

printer Kopiert! copy email facebook linkedin twitter