Onboarding new users
- Kristoffer Kristoffer (Unlicensed)
The importance of hassle-free onboarding
A saying that most people are familiar with, and can relate to, is that first impressions last. While the origin of this saying probably relates to people interacting with each other, this is also true in business. The onboarding process is the initial interaction a new potential customer has with your business, and it really set the tone for the entire customer relationship. The likelihood of a user becoming a customer, sticking with your business, and potentially recommending it to others, increases with the effort put into creating an excellent onboarding process. And as more paying customers means more revenue, it is pretty clear that the process of converting users into paying customers should lie at the heart of any business strategy.
As summarized by the Harvard Business Review;
"An increased focus on onboarding offers a significant or moderate positive impact over the life of the contract for revenue, client renewals, and client referrals."
While this may sound easy and straightforward, most would agree that it is not. Businesses have to make their processes as user friendly as possible, while also catering to other business objectives such as know-your-customer regulations and the need for structured data points for internal use. And as customers are increasingly moving from the physical to the digital world, the business must follow, posing a range of challenges and necessary actions to be undertaken. Maybe this is why users say that the average onboarding process is too cumbersome and time consuming, and that this leads to a decreased chance of converting them to customers.
Using BankID in the onboarding process
BankID offers several products that will simplify the onboarding process for the end user, without compromising on regulative or operational requirements.
Our experience is that businesses have very varied needs and requirements when it comes to digital onboarding. As such, you may use our BankID products differently, depending on what you need. We've described this in three sections:
- Simple flow: Authenticate the end user, and retrieve their national identity number with consent
- Sign flow: Use electronic signing from BankID to complete the onboarding through the mutual signing of an agreement governing the customer relationship
- AML flow: Authenticate the user and employ BankID AML to retrieve more end-user information
We would also recommend to check out Vipps Logg inn, for a smooth onboarding experience for cases where there is no need for high-security authentication. This solution employs the Vipps app instead of BankID Identity Providers in order to authenticate the end-user.
Simple flow
The simple onboarding flow is an extension of our Authentication product, and it opens up the possibility for the merchant to get the end users explicit consent to store their national identity number as a part of the onboarding process. As such, this solution is relevant for you if you need to store the end user's national identity number in your own systems.
To get started with this approach:
| Step | What you do | Endpoint | Method | Considerations | Remarks |
|---|---|---|---|---|---|
| 1 | Get the key properties of the OIDC provider | Openid-configuration | GET | ||
| 2 | Build the authorization URL, and redirect the user to the authorization endpoint | Authorize | GET | Include scope In the callback, make sure to check for error and matching states | The user authenticates with selected IDP method |
| 3 | Exchange authorization code for tokens | Token | POST | Check matching | Use the ID token to identify the user. |
| 4 | Fetch our public keys and use these to validate token signatures | jwk | GET | ||
| 5 | Make a new authorize-request | Authorize | GET | Include scope nnin. Add ID token from 4) as id_token_hint | This will prompt the end-user consent for sharing their national identity number with you. For more, see consent dialogues. |
| 6 | Exchange authorization code for tokens | Token | POST | Check matching nonce. | |
| 7 | Download national identity number from the TINFO resource sever | Userinfo (TINFO Userinfo Endpoints) | GET | Use Access token from 6) as Bearer token | If the user has not given consent, you won't be able to download this from the resource server. |
Please note that merchants must be provisioned to get access to the nnin_altsub and nnin scopes. You'll need a legal reason to store and use national identity numbers. This access is given as a part of the commercial agreement process.
Sign flow
For some merchants, the customer onboarding process culminates in an agreement between the merchant and the end user. For such use cases, the electronic signing products from BankID can be employed to ensure a smooth way to close the deal. Please refer to our documentation for signing documents online.
AML flow
Businesses that are subject to anti money laundering legislation, should also consider our AML product. This may be implemented as an extension of the Authentication flow, where the merchant will also receive more data concerning the end user:
- The end user's address, gender, birthplace and citizenship
- Whether the end user appears on sanction lists or is a politically exposed person (which should force escalated measures from the merchant in terms of due diligence)
Please refer to our BankID AML page to learn more about this product.