🏠 Overview 🧩 Components 🧩 Personnummer Confirmation Widget

Personnummer Confirmation Widget

Component Detail

User Interface low complexity mobile
1
Dependencies
0
Dependents
0
Entities
2
Integrations

Description

Inline widget shown after a successful Vipps login that informs the user that their national identity number has been retrieved and shared with their organization's membership system. Displays masked personnummer and a confirmation action.

Feature: BankID and Vipps Login

personnummer-confirmation-widget

Summaries

The Personnummer Confirmation Widget is a compliance and trust-building touchpoint that ensures users are explicitly informed when their national identity number has been retrieved and shared with the membership system following a Vipps login. This transparency is not only a legal requirement under Norwegian privacy regulations, but also a significant trust signal that differentiates the platform from less transparent alternatives. By displaying a masked personnummer and linking to the privacy policy, the organization demonstrates responsible data handling, reducing the risk of regulatory complaints and building long-term user confidence. Explicit user acknowledgment before proceeding also provides an auditable consent record.

This widget is low complexity with a single dependency on vipps-auth-service, making it a fast-track deliverable once Vipps authentication is functional. Development effort is minimal — the primary concern is legal and copy review: the confirmation message and privacy policy link text must be approved by legal or compliance stakeholders before release, which can become a scheduling bottleneck if not initiated early. The maskPersonnummer(String raw) utility should be unit-tested with edge cases (short inputs, non-numeric characters) to prevent display errors. Deployment requires the privacy policy URL to be finalized and stable.

This widget should be treated as a compliance gate — the Vipps login flow must not proceed to the membership system without it rendering successfully.

This stateless inline widget integrates directly into the Vipps post-authentication flow and depends solely on vipps-auth-service to supply the raw personnummer string. The maskPersonnummer(String raw) method should apply a consistent masking pattern (e.g., exposing only the last 4 digits) and must handle null or malformed input gracefully without crashing the widget tree. onConfirmed() signals downstream navigation to proceed with membership system registration, while onDeclined() should trigger session cleanup and return the user to the login entry point. The widget references the User data model, so any changes to how personnummer is stored or surfaced from that model will require updates here.

Keep this widget purely presentational — no business logic beyond masking and acknowledgment routing — to simplify future compliance-driven copy changes.

Responsibilities

  • Display masked personnummer to confirm successful retrieval
  • Obtain user acknowledgment before proceeding
  • Link to privacy policy explaining personnummer usage

Interfaces

build(BuildContext)
onConfirmed()
onDeclined()
maskPersonnummer(String raw)

Relationships

Dependencies (1)

Components this component depends on

service Vipps Authentication Service

Used Integrations (2)

External integrations and APIs this component relies on

BankID OIDC / REST API API Vipps Login API API