Portugal Authentication Methods - RUB-NDS/FutureTrust GitHub Wiki

Most of public administration services online are integrated with the Public Identity Provider (PIdP) and thus accept the National eID and the Digital Mobile Key as authentication methods. Some services (e.g. Tax Authority, Citizen Portal) are also managing independently username/password as fallback mechanisms in case the user does not have means to use the PIdP. Further to the authentication with the eID, the Change of Address service available online makes use of EAC protocol to establish a secured connection between the chip card and the update service and update the address available in the chip. Other established public and private CAs (e.g. Multicert CA, wholly owned and operated by Multicert, partner of FutureTrust consortium) are providing digital certificates for numerous organizations, companies and individuals, which are daily used in very diverse use cases, most notably public tenders, ePrescription, eVoting, authentication and document signing. Some banks use also a two-factor authentication (2FA) solution based on OTP for authentication of high profile and/or business customers, using the EMV-CAP protocol. The service is known as MB CODE^[1].

1. ^ SIBS. (2016). SIBS Authentication Platform. (SIBS) Retrieved from https://www.sibs.pt/en/produtos-servicos/digital-payments/authentication-platform/