Smart-ID Security Guide

PIN-codes and safety

The Smart-ID app was created so that your PIN-codes aren’t stored anywhere: they are not kept on your phone, in the app nor on our servers. This means that even if your phone gets stolen, criminals can’t access your bank accounts without knowing your PIN-codes.


PIN-code locking protects from hackers

As your PIN-codes are not stored anywhere, criminals can’t “break into” them. It is also impossible to guess the PIN-codes by going through all possible numeric combinations: as soon as someone (even you!) has made three failed attempts at entering the PIN, your PIN-codes will be locked. The lock will be temporary to begin with (in case it was a simple mistake made by you), but if the attack continues, Smart-ID will permanently block your account to keep you protected from a possible identity theft.

Read more:

PIN-codes getting locked: what and why?

Protect your PIN-codes

You can choose your PIN-codes during account registration:

  • PIN1 gives you login access to e-services and online banking
  • PIN2 is needed to confirm transactions – authorising bank transfers, changing services, signing documents etc.

Do not authorise any activity on your app unless you’ve personally initiated the request! If you need to transfer money to members of your family, handle invoices for your company or anything seemingly innocent like this, initiate the activity yourself from your own device. Make sure that the confirmation code displayed with the activity matches the one shown with the PIN-request, and that the description of the activity corresponds to what you are doing.

A Joint bank account does not mean shared PIN-codes!

Do not share your PIN-codes with your friends, colleagues or family members: you are legally responsible for all actions taken using your PIN-codes. If you want someone else to be able to use your bank account, give them access through your online bank settings. This way, you can share the bank account, but each user remains identifiable. Your bank’s customer service team will help you with this!

Choose the right PIN-codes

Choose PIN-codes that are easy for you to remember but difficult for others to guess. Avoid simple PIN-codes like 0000, 1004, 1010, 1111, 1212, 1234, 4444, 6969, 7777, 9876 etc, and don’t use the birthdays of your family members. The best way is to create a system that only you are familiar with of and which enables you to ‘deduce’ the PIN-codes should you happen to forget them.

PIN-codes cannot be changed

Because your PIN-codes aren’t stored anywhere, they also can’t be changed. If you have forgotten your PIN-codes or you’d like to start using new ones for security reasons, delete your existing Smart-ID account and create a new one with new and improved PIN-codes.

PIN-codes should not be written down

Memorise your PIN-codes and do not write them down anywhere. It is especially dangerous to keep PIN-codes, usernames, passwords etc in your wallet or a purse, attached to your phone, written as notes on your phone or placed somewhere in the vicinity of your computer. If you feel like you have to write them down, mask them as something else: for example, turn them into phone numbers – and keep them somewhere unusual. The only truly secure action, however, is to choose PIN-codes that you can remember!

Do not let scammers cheat the PIN-codes out of you!

No-one else needs to know your PIN-codes (for any reason at all). Your bank, service providers or even government offices will NEVER ask for them. Do not trust anything or anyone asking for your PIN-codes, it’s a malicious scam even if they know personal details about you, sound trustworthy or ask to test your PIN’s for “security reasons”.

PIN-codes are your protection!

The only time you need to use your Smart-ID PIN-codes is to confirm a transaction initiated by you. If you need to transfer money, don’t let anyone, even your family members, start the transfer remotely. Always do it yourself from your own device. Never, ever enter your PIN-codes anywhere but the app, always check that the confirmation codes match and let us know as soon as you can if you get any e-mails or messages asking for your PINs!

More about security and safety:

Smart-ID: safe and secure solution

Smart-ID meets the European Union’s highest security standards and digital signatures given with Smart-ID have the same legal standing as handwritten ones.

Scams and viruses

Internet scammers are cleverer than ever: they’ll use any means possible to gain access to your accounts. Learn to spot the warning signs!