Data and consent for Norwegian BankID
Basic user information, full name, and date of birth are always made available. Additional data may be requested and is released with explicit user consent only.
|Date of birth||Always||Yes|
|SSN (“fødselsnummer” in Norwegian)||User consent||Yes|
|Address||With user consent||No|
|With user consent||No|
|Phone number||With user consent||No|
Access to the SSN is governed by Norwegian law, as described in the Ordering Norwegian BankID guide.
The unverified data are supplied by end-users and not verified by Vipps or the Norwegian banks.
End-users must explicitly grant consent to releasing the data to you.
The consent model is enforced by Vipps (operator of BankID), and they also provide the consent and data collection dialogs.
Forced and optional consent
If you request SSN, it will be treated as a required value. End users will not be allowed to complete a login until they have explicitly given their consent to release SSN.
All other additional data are treated as optional values. A login may complete even if the user does not consent to release the requested data.
You can use the Criipto Verify management dashboard manage.criipto.id to configure access to the optional user data, in the Identity Sources -> NO BankID section.