Enable Nets Passport Reader in your services
Nets Passport Reader is available as an eID in E-Ident for identification of subject's holding a machine-readable ID document. More specifically, these are ICAO Doc 9303 compliant documents:
Passport
Driver's license
Residence card
To get access to the Passport Reader you need to:
To register as a customer or add the Passport Reader to your existing configuration,
contact Nets support.
The app
The Passport Reader app comes in two different versions:
- one app for customer test environment (pink colour icon)
- one app production environment (blue colour icon)
Customer test links
The preprod app (pink colour icon) can be downloaded from:
Production links
The production app (blue colour icon) can be downloaded from:
Information about the end user
| Document type | document_type | documenttype | The ID document type used. C: Crew member I: Identity card P: Passport V: Visa
|
| Issuing country | issuing_country | issuingcountry | The country that issued the ID document return using the ICAO three-letter country code. |
| Interpreted issuing country | interpreted_issuing_country | interpretedissuingcountry | An interpreted version of the issuing country. Example: Norway Denmark |
| Document number | document_number | documentnumber | The document number. For a passport, this is the passport number. |
| Surname / family name | primary_identifier Requires scope=profile | primaryidentifier | This is the primary identifier in the ID document. It can be the family name, surname, maiden name. This may vary dependent on issuing state. |
| Given name | secondary_identifier Requires scope=profile | secondaryidentifier | This may be the given name or other name of the identified person. This may vary dependent on issuing state. |
| Nationality | nationality Requires scope=profile | nationality | The subject's nationality given as the ICAO three-letter country code. |
| Interpreted nationality | interpreted_nationality Requires scope=profile | interpretednationality | An interpreted version of the nationality. Example: Sweden Finland |
| Date of birth | birthdate Requires scope=profile | DOB | The subject's date of birth. Format: DD.MM.YYYY |
| Personal number | personal_number Requires scope=ssn | personalnumber | The personal number as it is given in the ID document. |
| Gender | gender Requires scope=profile | gender | The subject's gender. Format: [FEMALE | MALE] |
| Date of expiry | date_of_expiry | dateofexpiry | The ID document's date of expiry. Format: DD.MM.YYYY |
| Name | name Requires scope=profile | fullname | The name of the ID document holder as it is given in the ID document. |
| Place of birth | place_of_birth Requires scope=profile | placeofbirth | The subject's place of birth. Returned if it can be read from the NFC chip. |
| Face match level | facematch_level | facematchlevel
| A face match level given on levels from 0-8.
See the face match levels below.
|
Face match levels
Face match levels are given from 0-9 with a FRR <1%
- FaceTec Match Level 9 - 1/1 200 000 FAR
- FaceTec Match Level 8 - 1/1 000 000 FAR
- FaceTec Match Level 7 - 1/500 000 FAR
- FaceTec Match Level 6 - 1/100 000 FAR
- FaceTec Match Level 5 - 1/10 000 FAR
- FaceTec Match Level 4 - 1/1 000 FAR
- FaceTec Match Level 3 - 1/500 FAR
- FaceTec Match Level 2 - 1/250 FAR
- FaceTec Match Level 1 - 1/100 FAR
- FaceTec Match Level 0 - Non-match
FAR is False Acceptance Ratio.
User experience
Step 1 - in browser (download app):
Step 2 - in browser (activation code):
Steps in app:
Nets Passport Reader logo
If needed, the Nets Passport Reader logo can be downloaded
here.
Authentication files
After successful authentication with the Passport Reader, a merchant can also retrieve/download authentications files for reference or archive purposes. The downloaded files can either be in PNG (photo images), or PDF (photo and authentication attributes). To retrieve authentication files, you need to
request for access to the service.
How to retrieve files
The samples provided here are
curl commands, but the same can be accomplished in any programming language.
$ curl -X POST
-H "Content-Type: application/json"
-H "Authorization: Basic <credentials>"
-d @<json-retrieve-pdf.txt>
<auth-file-url>
where:
<credentials> - Basic Auth credentials provided by Nets support
<json-retrieve-pdf.txt> - JSON file with auth file instructions/configuration
<auth-file-url> - authentication file URL returned in the SAML assertion/OIDC claims
While the credentials and the URL are provided by E-Ident, the JSON configuration file is created by the merchant. The following section describes the file structure.
JSON config file
{
"params": {
// Request config parameters
},
"addendum": {
// Custom attributes
},
"metadata": {
// Metadata attributes
}
}
Request config parameters
JSON config parameters are used to configure the auth files operation. Known config parameters are:
| type | MIME type of file to download. | Required. One of: "application/pdf" or "image/png" |
For type = image/png, the following parameter must be provided
| source | Photo source | One of:
document or selfie |
For type = application/pdf, the following parameters may be provided
include-photos
| Set to true when the photos shall be included.
| [true | false]
|
source
| Photo source
| One of: document or selfie
|
pagesize
| Content page size (a4, letter)
| [a4 | letter]
|
locale
| Language code for PDF content | Possible values: [nb-NO,
nn-NO,
en-GB,
da-DK,
sv-SE,
fi-FI,
sv-FI] |
| user-password | PDF file user password | Do not use/not usable if parameter “generate-pades” is set to true
|
owner-password
| PDF file owner password | Do not use/not usable if parameter “generate-pades” is set to true
|
| pdf-a-mode | PDF/A profile compliance mode. PDF/A-1a, PDF/A-1b, ... | [PDF/A-1a | PDF/A-1b | PDF/A-2 | PDF/A-3] |
All JSON attributes and values are strings and must be provided with enclosing double quotes. Sample JSON configuration file:
{
"params": {
"type": "application/pdf",
"pagesize": "A4",
"locale": "fi-FI",
"pdf-a-mode": "PDF/A-1b",
"generate-pades": "true"
}
}
Privacy Statement (in-app for the end user)
Nets has developed the Nets Passport Reader app to be used for remote authentication where you in a simple, fast and secure way can prove your identity online.
Nets has implemented technical and organizational security measures, incl. the use of encryption, to secure your personal data against unauthorized or accidental loss, alteration, disclosure and access.
INFORMATION ABOUT NETS’ PROCESSING OF YOUR PERSONAL DATA:
Nets is acting as Data Controller in relation to the processing of your personal data in the Nets Passport Reader app solution following your agreement with the company or bank requesting you to use the Nets Passport Reader app.
Data Controller:
Nets Denmark A/S (Nets)
Klausdalsbrovej 601
2750 Ballerup
Denmark
CVR: 20016175
DPO contact information:
Nets has appointed a Data Protection Officer who can be contacted at
dpo@nets.eu
Please note that the authority/company or bank you entered into agreement with is acting as Data Controller for the processing of your personal data in the respective authority/company or in the bank.
PERSONAL DATA NEEDED FOR USE OF NETS PASSPORT READER APP SOLUTION
Processing of your personal data in Nets Passport Reader app include all data resulting from the following performed actions:
ACTIVATION CODE OR QR CODE:
• The Nets Passport Reader app needs to know the activation code or QR code you have received from the company or bank webpage, where you initially logged into for authentication or signing purposes
• If you don’t have a valid activation code, please contact the company or bank requesting you to use Nets Passport Reader
SCAN OF MACHINE-READABLE ID DOCUMENT (PASSPORT, RESIDENCE CARD, OR DRIVING LICENSE):
• Name
• Date of birth
• Nationality
• Gender
• Document number
• 2D picture
• National identification number
Processed data is limited to necessary data according to authentication or signing purpose.
PHOTO:
• Biometric data
• Liveness data (as a result of face recognition)
PURPOSE OF PROCESSING PERSONAL DATA IN NETS PASSPORT READER APP SOLUTION
AUTHENTICATION OR SIGNING PURPOSES (your personal data is processed for the purpose as specified and agreed with the authority, company or bank, where you originally logged into for authentication or signing purposes).
LEGAL BASIS FOR PROCESSING OF PERSONAL DATA IN NETS PASSPORT READER APP
• GDPR Article 6.1.b (necessary for the performance of the agreement between you and the authority, company or bank who directed you to use Nets Passport Reader app)
• GDPR Article 6.1.c (necessary for Nets to comply with a legal obligation)
• GDPR Article 9.2.a (Explicit consent: processing of biometric data and national identification number)
SOURCE
The personal data Nets is processing about you directly, is the personal data that you are providing by means of using the Nets Passport Reader app.
TRANSFER OF PERSONAL DATA TO THIRD PARTIES
Nets is only processing your personal data in the Nets Passport Reader app.
The authority, company or bank who directed you to use the Nets Passport Reader app, will be receiving the result of your identification or signing but not the actual data used in the Nets Passport Reader app.
In addition, Nets is using the following software provider as data processor:
• InnoValor Software B.V., a private limited liability company, having its registered office at Moutlaan 32, (7523 MD) Enschede, the Netherlands, registered at the Trade Register of the Chamber of Commerce under number 64870596.
STORAGE AND DELETION IN NETS PASSPORT READER APP SOLUTION
• Your personal data received from your mobile device is immediately stored and discarded from computer memory
• Your personal data (including biometric data) is stored in the Nets Passport Reader app solution for max 90 days unless law requirements are requiring the Data Controller to keep personal data for longer retention periods
• Liveness data as a result from your face scan is only valid for a few minutes and then deleted from the Nets Passport Reader app solution
• Your personal data is stored in Europe
YOUR RIGHTS
You have the following rights, that you can request in respect of information about you that we hold:
• request us to give you access to the personal data, Nets is processing about you
• request us to rectify your personal data, update your personal data or erase your personal data
• request us to restrict our using of your personal data
• object to our usage of your personal data
• withdraw your consent in relation to any processing relying solely on consent
• data portability for such information collected directly from you and based on contract or consent
You can take steps to exercise your rights by contacting Nets at
support.esecurity@nets.eu or directly on our data subject rights portal at
https://www.nets.eu/gdpr/dsr/Pages/request.aspx
Questions or complaints
If you have any questions or queries to the processing of your personal data in the Nets Passport Reader app, you are most welcome to contact either
support.esecurity@nets.eu or our Nets DPO at:
dpo@nets.eu
You are also entitled to complain to the local data protection authority in your local country regarding our processing of your personal data if you believe it is not being processed in accordance with applicable rules.
You can find the contact details of the data protection agency in your local country on their local website.
For more questions regarding the processing of your personal data related to your agreement on authentication or signing please contact the authority, company or bank that is using the Nets Passport Reader app to prove your identity.
YES, I have READ the Nets Passport Reader app Privacy Statement and I ACCEPT the processing of my personal data, incl. my photo solely for facial recognition purposes, in accordance with the Nets Passport.
