[iDIN](🔗) is a service by the banks, that allows customers to identify themselves with websites, using the same secure methods as their own bank uses. It is similar to the iDEAL system in how it works and operates.

In addition to identification, it can also provide the connecting website with information about name, address and age of the consumer, if the consumer agrees to provide these.

CM provides a simple API to integrate these options into your website.

## How does it work ?

  • The merchant asks the customer to select his bank

  • Start the request for authentication/information

  • The customer is redirected to this bank

  • The customer logs into his bank and approves the transaction

  • The bank sends the customer back to the merchants (your) landing page

  • The merchant rejoins the customer to his session and retrieves the transaction.

  • You check with the CM iDIN system if the transaction was successful and receive the requested customer information.

If you are curious about how your consumers would be using iDIN, then you can experiment with CM's [iDIN demonstration](🔗).

## Usage

The iDIN system allows you to service several use cases

  • Checking if someone is known with a bank.

    • To see if the user is a legal entity known to a bank

    • To be able to trace the user in case of fraud.

  • Being guaranteed that this is always the same person. For instance:

    • To log a user into your system

    • To avoid people registering multiple (fake) accounts in your system.

  • To check if a user is above a certain age limit

  • Retrieving name, address and age information of that person.

    • You should always allow the user to override or change this information, because it is not guaranteed that the information is always correct or complete (someone could have moved but not yet have informed his bank).

    • Match this against your own information and trigger audit signals

What you should not do:

  • Matching an account in your system on the basis of name/address attributes, instead:

    • Either create a new account after user identified with iDIN

    • or have the user log into your system before coupling with an iDIN identity

## Integration

Using the credentials provided , you initially have access to dummy data only via our API. The credentials provided by CM are confidential and should not be distributed further. If you have not yet received any credentials, you can request them via [this link](🔗).

Before starting integration of iDIN into your services, we advise you to read our [Merchant Implementation Guide](🔗) ([Dutch](🔗)). In order to gain access to consumer data, you need to pass the criteria as listed in this merchant implementation guide.

Note that because of **bank regulations**, you also need a contract with CM and you need to pass CM's business compliance check. This process can take** anywhere from a day up to a week**, depending on how many other customers need to pass our compliance criteria at any given time. You should therefore get this administrative process started with your CM account manager, well before you want to receive consumer data and before you plan your 'go live' moment.

### Disputes

In case of any future disputes, be sure to store received Transaction IDs and BINs.

If in the future, a user denies having proved their identity with iDIN, the Transaction ID and BIN may be used to verify their statement. This is so we can prove the person performed an iDIN transaction.

### Visual style

There is a [visual style](🔗) that you are required to follow when using the iDIN brand. The logo's for iDIN can be downloaded [here](🔗).

### Questions

If you need technical assistance, please contact [[email protected]](🔗)