FED-LOGIN - totally smartcardless
(For external employees e.g. Mobile VDI users without smartcard equipment)

[H]Internal/external employees who have a Federal Administration smartcard, please read: FED-LOGIN - Access App registration

Important note for Smartcartless users who have registered the Mobile ID.
×
If you have already successfully completed the "FED-LOGIN totally smartcardless-Upgrade" process with the Mobile ID, you can continue to use it. However, it is no longer possible to re-register the Mobile ID (e.g. when changing the SIM card). As part of the passwordless strategy, in this case you must re-register for "totally Smartcardless" using the FED-LOGIN Access app. Prior to this your FED-LOGIN account must be reset by your support organisation.

Background

External employees of the Federal Administration who are registered via HR processes of the Federal Administration (usually with an X account) and do not have a federal smartcard cannot access federal resources that require strong authentication, such as GEVER. Unless they upgrade their FED-LOGIN account - totally smartcardless - in Self-Service as described below.

Why is the quality of my FED-LOGIN identity not high enough?
×
Users who are equipped with a Federal Administration smartcard have a very high-quality means of proof of identity. At the same time, when the smartcard is issued, the user's identity is clearly established by means of a high-quality process that requires personal presence and the presentation of an official identity document. Neither is the case for users without a smartcard.

When should I carry out the "totally smartcardless" process?
×
Only carry out the process if you are NOT equipped with a Federal Administration smartcard and are not due to be equipped with a smartcard in the near future. If you are not sure whether you will be equipped with a smart card, please contact your organisation.

What happens in the "totally smartcardless" process?
×
With the implementation of "totally smartcardless" you can upgrade the quality of your FED-LOGIN identity. By going through a video identification process (also called VIPS in the following) and at the same time registering a strong means of authentication with the FED-LOGIN Access App. The requirements and the process are described here.

What happens if I am subsequently issued with a smart card after all?
×
In this case, your FED-LOGIN account will be set to "DISABLED" status and the credentials of the "FED-LOGIN Access App" will be deleted. You will receive an e-mail message about the mutation. If you would then like to use your FED-LOGIN again without using the smartcard, you must authenticate yourself on MyAccount with the smartcard and re-register the FED-LOGIN Access App.

Preparations

To carry out the following instructions "FED-LOGIN totally smartcardless upgrade", you need a mobile phone on which the FED-LOGIN Access app can be installed (Info Link). An authorised, valid photo ID and a means of payment. Do NOT carry out the process on a federal client or in Mobile VDI. Use a different device. Use another device with a good, high-performance network connection (WLAN or GSM); this is important for the video call with ID check so that the video image can be transmitted in good quality without interference.

a)  End device
×
Do NOT carry out the process on a federal client or in Mobile VDI. Use a device with a good camera and microphone. This is particularly important for the video call with ID check so that the video image can be transmitted without interference and in good quality.
       b)  Photo ID
×
List of ID cards and countries that are accepted for verification
  • Swiss passport and identity card
  • Complete list of countries and authorised identity documents Country list

Master data check and corrections (CIS = Central Identity Store)

Which attributes are checked?
In online video identification, the following master data held by the Federal Administration is checked against the information in your photo ID document:
  • First name - if you have several first names in your master data, all of them must be listed on your photo ID document
  • Surname - if you have several surnames (without hyphen) in your master data, all of them must be listed on your photo ID
  • Date of birth
The photo ID data you enter will be compared with the master data stored about you in the Federal Administration under "Data entry". If the data (e-mail, first name, surname and date of birth) do not match 100%, the process will be cancelled. A message will be sent to the FED-LOGIN e-mail account you entered with details of which data does not match. In this case, please contact your line organisation to have your master data corrected. Please note that for information protection reasons, no details about the difference in data can be displayed in the online process flow.

How can I check my own attributes?
If you have the option (e.g. as a Mobile VDI user), call up MyAccount in the web browser and log in using FED-LOGIN. The master data currently managed in the Federal Administration is displayed under "User profile". Your master data first name, surname and date of birth cannot be edited by you as they originate from a central source, the Central Identity Store (CIS) of the Federal Administration.

How can incorrect/missing master data be corrected?
Please get in touch with your contact at the Federal Administration. They can arrange for your master data to be corrected via Personnel processes.

      d)  Means of payment
×
Video identification costs CHF 45.00 (incl. VAT) and is paid online by the end user at the time of entry into the process (means of payment: MasterCard, Visa, ApplePay, GooglePay, SamsungPay, Twint, PostFinance Card, PostFinance E-Finance, American Express, PayPal or by voucher code from the Federal Administration). Please contact your responsible administrative unit for information on the issue of possible vouchers.

If all the requirements are met, you will need 20 to 40 minutes of undisturbed processing time during VIPS operating hours (Monday to Saturday from 07:00 to 22:00) to carry out the "FED-LOGIN totally smartcardless upgrade" process. Ensure a quiet environment with sufficient lighting for the video identification process.

Instructions totally smartcardless FED-LOGIN upgrade


Open a standard Internet browser on your end device, not Mobile VDI or federal client, and go to https://www.init.eiam.admin.ch where you can select a statement that applies to you and click on Continue if the reCAPTCHA check is successful.

Note for PROD:
There are three independent eIAM environments (PROD, ABN, REF). These also have independent user administrations and FED-LOGIN. If you need «totallySmartcardless» for environments other than PROD, you have to perform the onboarding on one of the following URLs:
  • Acceptance environment (ABN):
  • Reference environment (REF):



    • Now enter your FED-LOGIN e-mail account of the Federal Administration and click on Continue.



    Please enter your surname, first name and date of birth exactly as stated on your photo ID document, as well as your other personal details. Accept the condition that your data may be shared with Adnovum Informatik AG and Intrum AG for the verification process and click on Continue.

    The data you have entered according to your ID card will now be compared with the master data stored about you in the Federal Administration. The purpose of this check is to prevent you from being directed to the identification process, which is subject to a fee and is then unsuccessful due to a discrepancy between the ID card data and the master data. The process is cancelled here and you will receive an e-mail message (for information on your further actions, see d) Photo ID above).



    To verify your mobile phone number, you will receive an SMS code which you must enter and then click on Register.


    Using the device on which you want to install the FED-LOGIN Access App, scan the QR code shown to match the operating system.

    Or download the Access App via the corresponding Apple & Google App Store.

    When the installation of the app on your mobile device is complete, click Continue.


    Open the FED-LOGIN app on your mobile device. Click on Scan QR code in the app. If you are asked by your device's operating system whether you allow the app to access the camera, you must authorise this. Move the camera of your device onto the QR code.

    You will now be asked to select an authentication method in the FED-LOGIN Access app. This authentication method protects the app from being used by unauthorised persons. It ensures that only you, as the authorised owner of this device, can use the app for logins.
    Select the desired authentication method on your mobile device:

    1. PIN authentication - Set a PIN (this PIN is independent of your device PIN).
    2. Face ID / Touch ID - This biometrics-based method is recommended as it is convenient and secure at the same time. If it cannot be used later when logging in, the app will ask you to enter the device PIN.
    After setting up the authentication method, a confirmation message appears.

    Please read the information and requirements.

    As soon as you have the necessary documents and means of payment ready, press Continue to start the video identification process.



    Read and confirm the terms of use and privacy policy and then press Start Online Video Identification

    .

    If you have a voucher code, select the corresponding link "I have a voucher code" and follow the instructions, otherwise please press To the payment.


    Select your payment method and follow the instructions.

    The payment was successful.
    Press To the video identification, as soon as you have your photo ID ready and the webcam and microphone are ready.


    The online video verification process is carried out by Adnovum Informatik AG and Intrum AG (duration approx. 30 min / CHF 45.00 (incl. VAT)).

    Depending on the result of the online video identification, you will receive one of the following notifications (incl. receipt of VIPS payment by e-mail);
    • Verification successful: with the information to be patient until the account setup has been successfully completed in the background. This will be confirmed by SMS.
      Please note that it is NOT possible to log in until you have received the SMS. This may take some time.

    • Verification failed: A message will be sent to the FED-LOGIN email account you entered, with details of which data does not match, please contact your support organisation.
    Your "FED-LOGIN totally smartcardless upgrade", with the use of the verified FED-LOGIN Access App as a strong second factor, now allows you to access Federal Administration resources that require strong authentication (eIAM QoA50 aka LoA3). An example of such an application is the Federal Administration's GEVER. Authentication with this high quality on FED-LOGIN is now also possible directly from the Internet via mobile VDI access or with other end devices. The prerequisite is, of course, that the application can be used directly from the Internet.


    Important note
    Please note that if you lose your mobile device, delete the FED-LOGIN Access app on your mobile device, manually delete your account in the FED-LOGIN Access app or reset all data and settings in the FED-LOGIN Access app (option under Settings menu), you may have to reinstall the app and perform a new video identification process for which a fee is charged. The support page can be found here: FED-LOGIN Support Request Form

    The online video identification check is valid for 5 years and must then be carried out again for a fee. It is valid throughout the Federal Administration, regardless of which administrative unit has issued an invitation and, if applicable, a voucher. A new video identification must also be carried out if the user changes their mobile phone number. As the registered Mobile ID is directly linked to the mobile phone number as a strong means of proof of identity.