Use-of-credentials

Performing logins with different credentials

It follows from eIAM services 1 and 2 that logins (user logins) are not performed by the target applications themselves, but by an internal or external IdP associated with eIAM. This is an important security aspect of the federation between identity provider, eIAM and target applications: The login is always performed on the infrastructure of the electronic identity provider.

Which identity providers (IdPs) and which quality of digital identity (QoA) a target application accepts is defined in the eIAM dossier at the integration project per target application.
Infolink regarding the IdPs can be found at: eIAM list of IdPs
Infolink regarding the QoA concept can be found at: Quality of Authentication (QoA)

For users who CANNOT be equipped with a smartcard (FED-LOGIN) of the Federal Administration, the following options are available:

CH-LOGIN identity (unverified) with one or two login factors.

Note:

CH-LOGIN to AGOV - Info

nHEC+ identity (verified CH-LOGIN) with a Hardcrypto token (FIDO security key, Mobile ID) and a video identification or the Vasco token as a second factor.
[https://docs.eiam.swiss/index.php?c=eiamsquidlink&l=enb]Note: New NHEC+ identities are no longer offered. Users outside the federal administration who require verified identities (> QoA30) MUST meet this requirement with verified AGOV identities. Users with existing NHEC+ (CH-LOGIN) identities may continue to use them. There is simply no onboarding of new ones anymore.

AGOV identity (unverified and verified) AGOV is the Swiss government login and provides increased security as well as greater user-friendliness. You can use it for various online services of the Confederation, cantons, or municipalities. Further information can be found at: AGOV
Note: The AGOV login is replacing CH-LOGIN in several phases. More information can be found at: CH-LOGIN to AGOV - Info

FED-LOGIN identity (verified)

without a smartcard

FED-LOGIN without smartcard insert