The Swiss Confederation will provide electronic proof of identity (e-ID) for Swiss citizens in autumn 2026. The underlying technical infrastructure is based on the Self-Sovereign Identity architectural approach. These developments offer significant opportunities for the various economic sectors in Switzerland but also challenges in the effective implementation and use of verifiable credentials. In addition to the use of the Swiss e-ID as proof of identification for opening a bank account, participation in the Confederation’s trust infrastructure offers further potential for Swiss banks. The e-ID can be used in other customer processes and significantly improve the customer experience. These include, for example, identification when visiting a branch and re-identification during the customer relationship. In addition, banks can also issue their own verifiable credentials on the Confederation’s trust infrastructure (source: Swiss Confederation).
Basics of self-sovereign identity, Swiss e-ID and trust infrastructure
The E-ID is the digital form of the identity card or passport. When issued, it is always based on one of the aforementioned documents and is therefore only valid for as long as the underlying document. The E-ID can be issued both physically at the passport office and digitally via a corresponding identification procedure (similar to today’s online identification in accordance with FINMA RS 2016/7). The Swiss E-ID contains the following data points (Excerpt from the E-ID Act [BGEID] (link)):
When using the E-ID, the specific “business-need” must be proven in each case. In this sense, banks may request the relevant information such as official surname, first name, date of birth, nationality, etc. from the future customer for the digital account opening. In contrast, the use of the OASI number should not be permitted, as the bank has no direct use for this data point. Provided it is purely an account/card/payment customer relationship. This goes hand in hand with data minimization, whereby customers or holders only have to disclose the data that is absolutely necessary for the respective business transaction. In this sense, for example, when purchasing alcohol, only the information “older than 18 years” should be shared with the relevant retailer, in this case acting as verifier. The specific date of birth is not mandatory for the transaction and therefore does not have to be disclosed.
Relevant use cases for Swiss banks in the context of verifiable credentials (e.g. E-ID)
In principle, use cases in the context of verifiable credentials can be divided into two categories, namely those in which the bank is the verifier (e.g. use of the E-ID) and those in which it acts as the issuer (e.g. issuing a bank’s own credit score).
When verifying credentials, the OpenBankingProject.ch workshop series primarily analyzed use cases based on the Swiss E-ID. The most exciting use case is likely to be the “onboarding of new customers” and corresponding identification using the E-ID. The project group assumes that the customer journey can be significantly simplified by using the Swiss e-ID and that the conversion rate can be significantly increased as a result. It is assumed that the process steps during identification “scanning the ID document from different sides” and the “live selfie” will no longer be necessary when using the E-ID. Other use cases based on the E-ID include “Identification of employees”, “Identification of authorized signatories”, “Identification of authorized signatories”, “Identification for counter transactions”, “Identification of eVV employees”, “Identification for creating online banking”, “Identification for MLA updates” and “Identification of beneficiaries”. But how exactly is the E-ID verified in these use cases?
The E-ID is requested via a verifiable presentation, which is revealed to the holder either as an app switch (mobile version) or as a QR code (desktop version). The holder then sees the individual data points that are requested and can approve or reject the request. The data is then sent to the verifier in the form of a verifiable presentation. The verifier checks the signature of the holder, the credentials, the issuer and whether the information is valid. It sends a confirmation of successful verification to the holder.
Source: OpenID for Verifiable Presentations
When issuing credentials, banks can issue their customers with various data points or combinations thereof. In the workshop series, for example, an authentication credential was discussed that could be used at ATMs, at the counter, in contact with the call center or for online banking. In addition, the bank can also issue the customer with annual asset statements and interest and capital certificates for tax returns as verifiable credentials in the wallet. Finally, a credit score or a financing confirmation could make it easier for customers to access services in other areas of life. For example, they could implement individual repayment modalities with a customized interest rate for “Buy Now Pay Later” offers
But how can data actually be issued as a verifiable credential? The customer is in an authenticated environment when the credential is issued, for example in their bank’s e-banking system. They then have the option of obtaining the desired information (e.g. credit score) as a verifiable credential in their wallet. To do this, a QR code is presented on the desktop or the customer can switch directly to the wallet via an app switch on their cell phone. The customer then has the option of accepting the credential. This is then created and delivered and the customer can use the credential until it is revoked or withdrawn by the issuer at some point.
Source: OpenID Digital Credentials Protocols
Banks can pursue a variety of use cases both as verifiers and issuers, revealing various potentials but also challenges. In this context, several questions arise: What specific professional and technical implications arise from the use cases mentioned? What basic options for action do banks have in the context of the Confederation’s trust infrastructure and what are the corresponding opportunities and risks?
In summary, it can be said that the verification and issuance of digital proofs has extensive professional and technical implications. The Swiss E-ID and the trust infrastructure provided by the federal government form the basis for a large number of digital proofs that customers can conveniently store in a wallet on their cell phone and share independently. In this new world, the customer is at the center, has sovereignty over their data and can use it independently in various processes. Ultimately, it seems essential that banks also get to grips with digital evidence at an early stage, in particular, which external information they could receive via digital evidence in the future and, at the same time, which information customers would like to keep in their digital wallet. It remains exciting!
The OpenBankingProject.ch project group will meet again in May 2025 to implement various use cases as proof of concepts on the public beta (Swiss confederation’s sandbox).
