TUPAS

TUPAS is a strong digital authentication method created by the Federation of Finnish Financial Services. TUPAS identification is a de facto standard for digital identification in Finland. It is used by all major Finnish banks including Aktia, Osuuspankki, Nordea, Danske Bank and S-Pankki (formerly Tapiola). Furthermore, TUPAS is used also by Finnish government to log into Kansaneläkelaitos and Finnish Tax Administration site vero.fi.

TUPAS has been in a phaseout state since 2016. The final deadline to shut down the identification services was in September 2019, but all banks continued providing service past this date. TrafiCom has issued that monetary penalties will be collected from services that have not shut down by end of November 2019.^[1]

TUPAS is based on the Finnish law on strong electronic identification and digital signatures. The law requires strong identification methods to include at least two of the three following identification methods.

• Password or other similar that one knows,
• Chipcard or other similar that one possesses, or
• Fingerprint or other similar that is unique to the person.^[2]

Commonly the identification is done using a password and a list of single-use passcodes or a passcode device.

References

1. "Tunnistuspalvelun tarjoajille kehotus uhkasakon nojalla korjata toimintansa 30.11. mennessä - TUPAS-yhteyskäytäntö edelleen tarjolla vastoin lainsäädäntöä". Traficom (in Finnish). Retrieved 2019-10-17.
2. Law on strong digital identification and digital signatures. (in Finnish) https://www.finlex.fi/fi/laki/ajantasa/2009/20090617

External links

• http://www.fkl.fi/en/themes/e-services/tupas/Pages/default.aspx