🏠 Overview 🎯 Features 🎯 BankID and Vipps Login

BankID and Vipps Login

Feature Detail

high complexity extracted Authentication & Access Control Confidence: 100%
11
Components
198
Shared
24
User Stories
Yes
Analyzed

Description

Integration of Norwegian national identity verification (BankID) and Vipps as authentication methods. All four organizations identified this as a MUST HAVE feature, with biometric login (Face ID / fingerprint) as the follow-up session authentication after first-time verification. This is planned for Phase 2. A key side effect of Vipps login is that it can return the user's national identity number (personnummer) back to the organization's membership system, filling a significant data gap that currently affects all organizations. Cost of Vipps integration (350–750 NOK/month) is to be distributed across participating organizations.

Analysis

Business Value

Increases trust and reduces friction for onboarding. The Vipps personnummer return solves a critical membership data quality problem for all organizations. BankID provides legally-recognized identity verification suitable for handling sensitive personal data.

Implementation Notes

Requires Vipps Login API integration and BankID provider. After first-time BankID/Vipps auth, subsequent sessions use biometric (local_auth package on Flutter). Token management via Supabase session. Coordinate with Norse Digital Products on shared Vipps cost model across orgs.

Components (209)

User Interface (5)

ui Authentication Method Selector Screen low ui BankID Authentication Screen high ui Biometric Authentication Screen medium ui Personnummer Confirmation Widget low ui Vipps Authentication Screen medium

Service Layer (2)

service BankID Authentication Service high service Vipps Authentication Service high

Data Layer (1)

data User Identity Repository medium

Infrastructure (3)

infrastructure BankID Provider Client high infrastructure Vipps API Client medium infrastructure Vipps Organization Cost Configuration low

Shared Components

These components are reused across multiple features

User Interface (59)

ui Role Switch Widget medium Shared ui Role-Aware Bottom Navigation medium Shared ui Activity Type Selection Screen low Shared ui Speech-to-Text Field Overlay medium Shared ui Receipt Capture Widget medium Shared ui Peer Mentor Single Selector low Shared ui Proxy Audit Badge Widget low Shared ui Export Period Picker low Shared ui Contact Card Widget low Shared ui Contact Search Bar low Shared ui Peer Mentor Card Widget low Shared ui Activity History List low Shared ui Multi-Chapter Affiliation Chip Widget medium Shared ui Certification Status Badge low Shared ui Duplicate Activity Warning Dialog medium Shared ui Mentor Multi-Select Widget medium Shared ui Map Filter Panel medium Shared ui Claim Status Badge low Shared ui Export Date Range Picker low Shared ui Custom Date Range Picker low Shared ui Duplicate Activity Warning Dialog low Shared ui Proxy Activity Form medium Shared ui Proxy Peer Mentor Selector medium Shared ui Expected Return Date Picker low Shared ui Pause Activation Screen low Shared ui Pause Status Indicator low Shared ui Admin KPI Stat Widget low Shared ui Organisation Hierarchy Navigator high Shared ui Bufdir Period Selector Widget low Shared ui Export History List medium Shared ui Activity Type Donut Chart medium Shared ui Monthly Activity Bar Chart medium Shared ui Statistics Period Filter Bar low Shared ui Statistics Summary Cards low Shared ui Notification Badge Widget low Shared ui Certificate Expiry Status Indicator low Shared ui Animated Stat Card Widget medium Shared ui In-App Notification Banner low Shared ui Accessible Modal Sheet Widget high Shared ui Live Region Announcer medium Shared ui Semantics Wrapper Widget medium Shared ui Sensitive Field Warning Dialog high Shared ui Confirm Before Submit Screen medium Shared ui Inline Contextual Help Widget low Shared ui Labelled Navigation Bar low Shared ui Plain Language Error Display low Shared ui Single-Action Screen Layout medium Shared ui Wizard Progress Indicator low Shared ui Accessible Text Style System medium Shared ui Accessible Touch Target Wrapper low Shared ui Contrast-Safe Color Palette Widget medium Shared ui Accessible Bottom Navigation Bar medium Shared ui Modal Close Button low Shared ui Persistent Back Button low Shared ui Vertical Scroll Container low Shared ui Organization Card Widget low Shared ui Terminology-Aware Text Widget low Shared ui FeatureGate Widget low Shared ui Chapter Switcher medium Shared

Service Layer (52)

service Authentication Service medium Shared service Authentication Session Manager medium Shared service Biometric Authentication Service medium Shared service Biometric Authentication Service medium Shared service Biometric Authentication Service medium Shared service Permission Checker Service medium Shared service Role State Manager medium Shared service No-Access Route Guard low Shared service Activity Type Metadata Resolver low Shared service Chapter Scope Resolver medium Shared service Organisation Hierarchy Resolver medium Shared service Coordinator Notification Service medium Shared service Duplicate Activity Detection Service high Shared service Mentor Filter Service low Shared service Receipt Threshold Validator low Shared service Approval Status Notification Service medium Shared service Threshold Evaluation Service medium Shared service Declaration Encryption Service high Shared service Organization Feature Flag Service low Shared service Participant Deduplication Service high Shared service Reporting Period Service medium Shared service Activity Attribution Service low Shared service Proxy Duplicate Detection Service medium Shared service Pause Management Service medium Shared service Pause Notification Service medium Shared service Admin Export Service medium Shared service Admin Row-Level Security Guard high Shared service Organisation Hierarchy Service high Shared service User Management Service high Shared service Role Access Validator low Shared service Peer Mentor Stats Aggregator medium Shared service Push Notification Dispatcher medium Shared service Notification Preference Service low Shared service Scenario Deep-Link Router medium Shared service Scenario Notification Content Builder medium Shared service Badge Criteria Integration medium Shared service Activity Summary Aggregator low Shared service Focus Management Service medium Shared service Screen Reader Detection Service medium Shared service Sensitive Field Privacy Guard high Shared service Plain Language Content Service medium Shared service Wizard State Manager medium Shared service Tab State Manager medium Shared service Organization Route Guard medium Shared service Tenant Context Service high Shared service Label Key Resolver Service low Shared service Organization Labels Notifier medium Shared service FeatureFlagProvider (Riverpod) medium Shared service Access Scope Service high Shared service Hierarchy Aggregation Service high Shared service Hierarchy Service high Shared service Unit Assignment Service medium Shared

Data Layer (33)

data Authentication Repository low Shared data Auth Token Store low Shared data Secure Session Storage low Shared data Activity Type Cache Provider medium Shared data Receipt Storage Adapter medium Shared data Proxy Contact List Provider low Shared data Contact Repository medium Shared data Contact Detail Repository medium Shared data Peer Mentor Repository low Shared data Mentor Status Repository low Shared data Contact Chapter Repository medium Shared data Contact Cache Sync Repository low Shared data Organisation Rate Configuration Repository low Shared data Multi-Organization Data Isolator medium Shared data Bufdir Aggregation Repository low Shared data Report File Storage Client low Shared data Certification Status Repository low Shared data Peer Mentor Status Repository medium Shared data Statistics Cache Manager low Shared data In-App Notification Repository low Shared data Pause Status Record Repository low Shared data Activity Aggregation Repository medium Shared data Notification Preferences Repository low Shared data Scenario Notification Repository medium Shared data Sensitive Field Configuration low Shared data Error Message Registry low Shared data Help Content Registry low Shared data Wizard Draft Repository low Shared data Design Token Provider medium Shared data Organization Repository medium Shared data Terminology Local Cache Adapter low Shared data Organization Unit Repository high Shared data Unit Assignment Repository medium Shared

Infrastructure (54)

infrastructure Keyboard-Aware Layout Utility low Shared infrastructure Supabase Auth Client low Shared infrastructure Deep Link / OAuth Redirect Handler medium Shared infrastructure Secure Storage Adapter low Shared infrastructure Supabase Session Manager medium Shared infrastructure URL Launcher Utility low Shared infrastructure Local Storage Adapter low Shared infrastructure Supabase Activity Client low Shared infrastructure Organization Labels Provider low Shared infrastructure Supabase Client low Shared infrastructure Organisation Field Config Loader medium Shared infrastructure Speech-to-Text Adapter medium Shared infrastructure File Download Handler low Shared infrastructure Duplicate Reviewed Flag Middleware low Shared infrastructure Contact RLS Query Builder low Shared infrastructure Contact Form Validator low Shared infrastructure Design Token Theme low Shared infrastructure Organization Labels Provider low Shared infrastructure Supabase Client Provider low Shared infrastructure Search Debounce Utility low Shared infrastructure Expense Type Analytics Tracker low Shared infrastructure Receipt Image Picker Integration low Shared infrastructure CSV / JSON File Generator medium Shared infrastructure Coordinator Role Guard low Shared infrastructure Nightly Job Scheduler medium Shared infrastructure Supabase RLS Policy Configuration high Shared infrastructure Export File Storage Adapter low Shared infrastructure Supabase Storage Adapter low Shared infrastructure Peer Mentor Pause Management Service medium Shared infrastructure Push Notification Service medium Shared infrastructure fl_chart Adapter medium Shared infrastructure Push Notification Service low Shared infrastructure FCM Push Notification Sender medium Shared infrastructure FCM Notification Dispatcher medium Shared infrastructure Push Notification Dispatcher medium Shared infrastructure Supabase Realtime Subscription Service medium Shared infrastructure Organisation Data Isolation Guard low Shared infrastructure Push Notification Dispatcher medium Shared infrastructure Deep Link Handler medium Shared infrastructure QR Code Generator low Shared infrastructure Share Sheet Bridge low Shared infrastructure Semantics Service Facade medium Shared infrastructure Accessibility Design Token Enforcer medium Shared infrastructure Accessible Theme Builder medium Shared infrastructure Navigation Route Configuration medium Shared infrastructure Accessibility Live Region Announcer low Shared infrastructure Feature Flag Provider low Shared infrastructure Secure Storage Adapter low Shared infrastructure Supabase RLS Tenant Scope Configurator medium Shared infrastructure Label Key Registry low Shared infrastructure Terminology Riverpod Providers low Shared infrastructure WCAG Semantics Label Resolver low Shared infrastructure Feature Flag Key Constants low Shared infrastructure RLS Policy Manager high Shared

User Stories (24)

Confirm Personnummer Sharing After Vipps Login
high 3 pts

As a As a Peer Mentor (Likeperson)

I want to be clearly informed when my national ID number (personnummer) will be shared with my organization

So that I can give informed consent before my sensitive personal data is stored and linked to my member record

Acceptance Criteria
  • Given Vipps Login succeeds and returns a personnummer, When the response is processed, Then the personnummer confirmation widget is shown before any data is stored
  • Given the confirmation widget is shown, When I review the information, Then I can see exactly what data (personnummer) will be stored and which organization it will be linked to
  • Given I confirm sharing, When I tap the confirm button, Then the personnummer is stored securely and I am navigated to the role-based home screen
  • +2 more
View Full Story →
Log Out and Clear Session Securely
high 3 pts

As a As a Peer Mentor (Likeperson)

I want to log out of the app and have my session and locally stored credentials cleared

So that my account cannot be accessed by someone else who picks up my device

Acceptance Criteria
  • Given I am logged in and navigate to Settings, When I tap the logout option, Then a confirmation dialog is shown before proceeding
  • Given I confirm logout, When the logout process runs, Then the auth session manager invalidates my Supabase session server-side
  • Given logout completes, When I am redirected, Then I arrive at the auth method selector screen with no residual session state
  • +3 more
View Full Story →
Resume Session Without Re-authentication
high 5 pts

As a As a Peer Mentor (Likeperson)

I want to return to the app and have my session automatically resumed if I was recently active

So that I can pick up where I left off without being interrupted by login screens during normal daily use

Acceptance Criteria
  • Given I have an active session and reopen the app within the session window, When the app initializes, Then I am taken directly to my home screen without any login prompt
  • Given my session token has expired, When the app initializes, Then the biometric prompt is shown to re-authenticate
  • Given biometric authentication succeeds on session resume, When verification completes, Then a new Supabase session is established and I am taken to my home screen
  • +2 more
View Full Story →
Confirm Personnummer Sharing After Vipps Login
high 3 pts

As a As a Coordinator

I want to be clearly informed when my national ID number (personnummer) will be shared with my organization

So that I can give informed consent before my sensitive personal data is stored and linked to my member record

Acceptance Criteria
  • Given Vipps Login succeeds and returns a personnummer, When the response is processed, Then the personnummer confirmation widget is shown before any data is stored
  • Given the confirmation widget is shown, When I review the information, Then I can see exactly what data (personnummer) will be stored and which organization it will be linked to
  • Given I confirm sharing, When I tap the confirm button, Then the personnummer is stored securely and I am navigated to the role-based home screen
  • +2 more
View Full Story →
Log Out and Clear Session Securely
high 3 pts

As a As a Coordinator

I want to log out of the app and have my session and locally stored credentials cleared

So that my account cannot be accessed by someone else who picks up my device

Acceptance Criteria
  • Given I am logged in and navigate to Settings, When I tap the logout option, Then a confirmation dialog is shown before proceeding
  • Given I confirm logout, When the logout process runs, Then the auth session manager invalidates my Supabase session server-side
  • Given logout completes, When I am redirected, Then I arrive at the auth method selector screen with no residual session state
  • +3 more
View Full Story →
Resume Session Without Re-authentication
high 5 pts

As a As a Coordinator

I want to return to the app and have my session automatically resumed if I was recently active

So that I can pick up where I left off without being interrupted by login screens during normal daily use

Acceptance Criteria
  • Given I have an active session and reopen the app within the session window, When the app initializes, Then I am taken directly to my home screen without any login prompt
  • Given my session token has expired, When the app initializes, Then the biometric prompt is shown to re-authenticate
  • Given biometric authentication succeeds on session resume, When verification completes, Then a new Supabase session is established and I am taken to my home screen
  • +2 more
View Full Story →
Confirm Personnummer Sharing After Vipps Login
high 3 pts

As a As a Organization Administrator

I want to be clearly informed when my national ID number (personnummer) will be shared with my organization

So that I can give informed consent before my sensitive personal data is stored and linked to my member record

Acceptance Criteria
  • Given Vipps Login succeeds and returns a personnummer, When the response is processed, Then the personnummer confirmation widget is shown before any data is stored
  • Given the confirmation widget is shown, When I review the information, Then I can see exactly what data (personnummer) will be stored and which organization it will be linked to
  • Given I confirm sharing, When I tap the confirm button, Then the personnummer is stored securely and I am navigated to the role-based home screen
  • +2 more
View Full Story →
Log Out and Clear Session Securely
high 3 pts

As a As a Organization Administrator

I want to log out of the app and have my session and locally stored credentials cleared

So that my account cannot be accessed by someone else who picks up my device

Acceptance Criteria
  • Given I am logged in and navigate to Settings, When I tap the logout option, Then a confirmation dialog is shown before proceeding
  • Given I confirm logout, When the logout process runs, Then the auth session manager invalidates my Supabase session server-side
  • Given logout completes, When I am redirected, Then I arrive at the auth method selector screen with no residual session state
  • +3 more
View Full Story →
Resume Session Without Re-authentication
high 5 pts

As a As a Organization Administrator

I want to return to the app and have my session automatically resumed if I was recently active

So that I can pick up where I left off without being interrupted by login screens during normal daily use

Acceptance Criteria
  • Given I have an active session and reopen the app within the session window, When the app initializes, Then I am taken directly to my home screen without any login prompt
  • Given my session token has expired, When the app initializes, Then the biometric prompt is shown to re-authenticate
  • Given biometric authentication succeeds on session resume, When verification completes, Then a new Supabase session is established and I am taken to my home screen
  • +2 more
View Full Story →
Select Authentication Method on First Login
critical 5 pts

As a As a Peer Mentor (Likeperson)

I want to choose between BankID and Vipps when logging in for the first time

So that I can authenticate using the Norwegian digital identity provider I am most comfortable with

Acceptance Criteria
  • Given I open the app for the first time, When the authentication screen loads, Then I see clearly labeled options for BankID and Vipps with recognizable logos and brief explanations
  • Given I am on the authentication method selector, When I tap BankID, Then I am navigated to the BankID authentication screen
  • Given I am on the authentication method selector, When I tap Vipps, Then I am navigated to the Vipps authentication screen
  • +2 more
View Full Story →
View and Understand Authentication Method Options with Accessible UI
critical 5 pts

As a As a Peer Mentor (Likeperson)

I want the authentication screen to be fully accessible with screen reader support and clear visual contrast

So that I can log in independently regardless of whether I have visual, motor, or cognitive impairments

Acceptance Criteria
  • Given I am using VoiceOver, When I navigate to the auth method selector screen, Then each button is announced with its label, role, and a brief description of what it does
  • Given I am using dynamic text size set to large, When the auth screens render, Then all text scales appropriately without truncation or overlap
  • Given I inspect the authentication screens, When I run a contrast ratio check, Then all text and interactive elements meet WCAG 2.2 AA minimum contrast ratios (4.5:1 for normal text, 3:1 for large text)
  • +3 more
View Full Story →
Authenticate Using BankID
critical 8 pts

As a As a Peer Mentor (Likeperson)

I want to log in using my BankID credentials

So that my identity is verified to the same high standard required by Norwegian financial and government services

Acceptance Criteria
  • Given I have selected BankID on the auth method selector, When the BankID screen loads, Then the BankID provider client initiates an authentication session
  • Given BankID authentication is in progress, When I complete the BankID flow in the BankID app or via one-time code, Then the deep link handler receives the callback and the app resumes the session
  • Given BankID authentication succeeds, When the callback is processed, Then I am navigated to the role-based home screen without additional steps
  • +2 more
View Full Story →
Authenticate Using Vipps
critical 8 pts

As a As a Peer Mentor (Likeperson)

I want to log in using Vipps Login

So that I can authenticate quickly with an app most Norwegians already have installed, and optionally share my personnummer with my organization

Acceptance Criteria
  • Given I have selected Vipps on the auth method selector, When the Vipps screen loads, Then the Vipps API client initiates a login session and opens the Vipps app or authorization URL
  • Given the Vipps login flow is in progress in the Vipps app, When I approve the login request, Then the deep link handler receives the Vipps callback and returns me to the peer mentor app
  • Given Vipps login succeeds and personnummer is available in the response, When the identity is received, Then the personnummer confirmation widget is displayed asking for acknowledgment before storing
  • +3 more
View Full Story →
Enable Biometric Login After Initial BankID/Vipps Authentication
critical 8 pts

As a As a Peer Mentor (Likeperson)

I want to enable Face ID or fingerprint login after my first BankID or Vipps authentication

So that subsequent logins are fast and frictionless while maintaining the security of my initial identity verification

Acceptance Criteria
  • Given I have just completed BankID or Vipps login for the first time, When authentication succeeds, Then I am offered the option to enable biometric login with a clear explanation
  • Given I opt in to biometric login, When I confirm, Then the biometric auth service registers my biometric preference and stores my session token securely
  • Given biometric login is enabled, When I open the app on subsequent sessions, Then the biometric prompt overlay is shown immediately instead of the auth method selector
  • +3 more
View Full Story →
Select Authentication Method on First Login
critical 5 pts

As a As a Coordinator

I want to choose between BankID and Vipps when logging in for the first time

So that I can authenticate using the Norwegian digital identity provider I am most comfortable with

Acceptance Criteria
  • Given I open the app for the first time, When the authentication screen loads, Then I see clearly labeled options for BankID and Vipps with recognizable logos and brief explanations
  • Given I am on the authentication method selector, When I tap BankID, Then I am navigated to the BankID authentication screen
  • Given I am on the authentication method selector, When I tap Vipps, Then I am navigated to the Vipps authentication screen
  • +2 more
View Full Story →
View and Understand Authentication Method Options with Accessible UI
critical 5 pts

As a As a Coordinator

I want the authentication screen to be fully accessible with screen reader support and clear visual contrast

So that I can log in independently regardless of whether I have visual, motor, or cognitive impairments

Acceptance Criteria
  • Given I am using VoiceOver, When I navigate to the auth method selector screen, Then each button is announced with its label, role, and a brief description of what it does
  • Given I am using dynamic text size set to large, When the auth screens render, Then all text scales appropriately without truncation or overlap
  • Given I inspect the authentication screens, When I run a contrast ratio check, Then all text and interactive elements meet WCAG 2.2 AA minimum contrast ratios (4.5:1 for normal text, 3:1 for large text)
  • +3 more
View Full Story →
Authenticate Using BankID
critical 8 pts

As a As a Coordinator

I want to log in using my BankID credentials

So that my identity is verified to the same high standard required by Norwegian financial and government services

Acceptance Criteria
  • Given I have selected BankID on the auth method selector, When the BankID screen loads, Then the BankID provider client initiates an authentication session
  • Given BankID authentication is in progress, When I complete the BankID flow in the BankID app or via one-time code, Then the deep link handler receives the callback and the app resumes the session
  • Given BankID authentication succeeds, When the callback is processed, Then I am navigated to the role-based home screen without additional steps
  • +2 more
View Full Story →
Authenticate Using Vipps
critical 8 pts

As a As a Coordinator

I want to log in using Vipps Login

So that I can authenticate quickly with an app most Norwegians already have installed, and optionally share my personnummer with my organization

Acceptance Criteria
  • Given I have selected Vipps on the auth method selector, When the Vipps screen loads, Then the Vipps API client initiates a login session and opens the Vipps app or authorization URL
  • Given the Vipps login flow is in progress in the Vipps app, When I approve the login request, Then the deep link handler receives the Vipps callback and returns me to the peer mentor app
  • Given Vipps login succeeds and personnummer is available in the response, When the identity is received, Then the personnummer confirmation widget is displayed asking for acknowledgment before storing
  • +3 more
View Full Story →
Enable Biometric Login After Initial BankID/Vipps Authentication
critical 8 pts

As a As a Coordinator

I want to enable Face ID or fingerprint login after my first BankID or Vipps authentication

So that subsequent logins are fast and frictionless while maintaining the security of my initial identity verification

Acceptance Criteria
  • Given I have just completed BankID or Vipps login for the first time, When authentication succeeds, Then I am offered the option to enable biometric login with a clear explanation
  • Given I opt in to biometric login, When I confirm, Then the biometric auth service registers my biometric preference and stores my session token securely
  • Given biometric login is enabled, When I open the app on subsequent sessions, Then the biometric prompt overlay is shown immediately instead of the auth method selector
  • +3 more
View Full Story →
Select Authentication Method on First Login
critical 5 pts

As a As a Organization Administrator

I want to choose between BankID and Vipps when logging in for the first time

So that I can authenticate using the Norwegian digital identity provider I am most comfortable with

Acceptance Criteria
  • Given I open the app for the first time, When the authentication screen loads, Then I see clearly labeled options for BankID and Vipps with recognizable logos and brief explanations
  • Given I am on the authentication method selector, When I tap BankID, Then I am navigated to the BankID authentication screen
  • Given I am on the authentication method selector, When I tap Vipps, Then I am navigated to the Vipps authentication screen
  • +2 more
View Full Story →
View and Understand Authentication Method Options with Accessible UI
critical 5 pts

As a As a Organization Administrator

I want the authentication screen to be fully accessible with screen reader support and clear visual contrast

So that I can log in independently regardless of whether I have visual, motor, or cognitive impairments

Acceptance Criteria
  • Given I am using VoiceOver, When I navigate to the auth method selector screen, Then each button is announced with its label, role, and a brief description of what it does
  • Given I am using dynamic text size set to large, When the auth screens render, Then all text scales appropriately without truncation or overlap
  • Given I inspect the authentication screens, When I run a contrast ratio check, Then all text and interactive elements meet WCAG 2.2 AA minimum contrast ratios (4.5:1 for normal text, 3:1 for large text)
  • +3 more
View Full Story →
Authenticate Using BankID
critical 8 pts

As a As a Organization Administrator

I want to log in using my BankID credentials

So that my identity is verified to the same high standard required by Norwegian financial and government services

Acceptance Criteria
  • Given I have selected BankID on the auth method selector, When the BankID screen loads, Then the BankID provider client initiates an authentication session
  • Given BankID authentication is in progress, When I complete the BankID flow in the BankID app or via one-time code, Then the deep link handler receives the callback and the app resumes the session
  • Given BankID authentication succeeds, When the callback is processed, Then I am navigated to the role-based home screen without additional steps
  • +2 more
View Full Story →
Authenticate Using Vipps
critical 8 pts

As a As a Organization Administrator

I want to log in using Vipps Login

So that I can authenticate quickly with an app most Norwegians already have installed, and optionally share my personnummer with my organization

Acceptance Criteria
  • Given I have selected Vipps on the auth method selector, When the Vipps screen loads, Then the Vipps API client initiates a login session and opens the Vipps app or authorization URL
  • Given the Vipps login flow is in progress in the Vipps app, When I approve the login request, Then the deep link handler receives the Vipps callback and returns me to the peer mentor app
  • Given Vipps login succeeds and personnummer is available in the response, When the identity is received, Then the personnummer confirmation widget is displayed asking for acknowledgment before storing
  • +3 more
View Full Story →
Enable Biometric Login After Initial BankID/Vipps Authentication
critical 8 pts

As a As a Organization Administrator

I want to enable Face ID or fingerprint login after my first BankID or Vipps authentication

So that subsequent logins are fast and frictionless while maintaining the security of my initial identity verification

Acceptance Criteria
  • Given I have just completed BankID or Vipps login for the first time, When authentication succeeds, Then I am offered the option to enable biometric login with a clear explanation
  • Given I opt in to biometric login, When I confirm, Then the biometric auth service registers my biometric preference and stores my session token securely
  • Given biometric login is enabled, When I open the app on subsequent sessions, Then the biometric prompt overlay is shown immediately instead of the auth method selector
  • +3 more
View Full Story →