Onegini Blog


Passwords must disappear. That's what security advocates say. Just like credit cards, fridges that are unconnected to the supermarket and doors that lock with a key? In reality, banks that put little effort into security get hacked and consumers don't really care. We run companies with the same consumer mindset. Security is a checkbox, not a critical part of your company. We just blame someone when it goes wrong and eat the costs.

In this blogpost you'll learn why that's a mistake in 2017. You'll see why passwords are not like fridges connected to the supermarket, but more like cassette tapes that are a waste of your time. You can write a blogpost on cassette nostalgia but we all know there are lots of better options to choose from: from Spotify to Apple Music to CD players. I'll review the best alternatives to passwords, so you can be the first to write a blogpost on password nostalgia. 


The process of buying things online is a delicate one, whether you're selling shoes, insurance or services. Any additional step or roadblock will cost you buyers. Login, no matter how easy, is such a step. When I enter a store I don't have to show my ID. There should be no need to log in online when you want to buy things. Right? Let's do a thought experiment and check the requirements. I'll give you a little teaser: it's not as easy as it sounds...


Last week we did a webinar on the main features in the Onegini Connect 3.1 platform. Missed it? Don't worry, you can watch it here


We'll be releasing Onegini Connect 3.1 Carrot on June 14th, 3:00 PM - 4:00 PM CEST, empowering the digital insurers. Onegini Connect 3.1 includes Onegini MSP 3.1 and Onegini CIM 3.1. We'll tell you all about the exciting new features of the release in detail on June 14th. The webinar will be interesting to both new and existing customers, so sign up now!


With MSP 3.1 (soon to be released), QR authentication has become part of the core product. This means that an end user can log in to your website by scanning a QR code with a mobile phone. It is easy, fast and secure. Anyone can do it. Take a look at the 4-second video below to see what that looks like...


Buy a pair of shoes. Get the extras on your car insurance. How many online transactions do you do in a week? Do you ever wonder what would happen if the other party would say: "You also bought this and this". Where is the proof you didn't? Companies have the same problem the other way around. How can they prove you did the transaction? What if you would just say: "it wasn't me"? It's a trust economy. Once the trust is broken, the transactions stop.

Start using your customer's mobile device for a signature. Fast, traceable and secure. Maybe you need a PIN code on top. Or maybe a QR code scan or fingerprint? Enter transaction signing in the Onegini MSP 3.1. I'll explain the technical details, the options you can use to configure it, and how it works functionally. Traceable. No man in the middle. No hard thinking. At the heart of it all lies a user's private key and a lot of cryptography and legislation you don't have to worry about.



Your browser knows a trick to prevent hackers from accessing your APIs using your session: the same-origin policy. It makes sure your APIs can't be accessed by malicious websites. Let's say you're logged in on and open another tab in your browser and access Your browser shares sessions between tabs, so without the same-origin policy, could access all the APIs from your Facebook account using your session. Thank you same-origin policy for not letting post all kinds of weird things on my Facebook timeline.


Ever struggled to provide end-to-end security from your backend APIs to your mobile apps? How to make them OAuth 2.0 compliant? Maybe you use an API Gateway like CA API Gateway or Apigee’s API Gateway or Akana. You may have noticed their primary focus isn't mobile. Maybe you don't have an API Gateway, but you have REST APIs that you want to partially open up to your customers. Your backend developers would like to reuse existing security protocols like basic auth while your app developers just want to focus on the functionality in the app.

I’ll explain in this blog how Onegini helps you solve this issue, so you can start opening up your backend to mobile users in weeks. And now with the Security Proxy 2.0 release, it will go even faster, because your API architecture can remain as is. But first, let's take a step back and see how the Security Proxy 1.0 worked.

Security Proxy 1.0, an introduction
feel free to skip if you are already familiar with our solution

The Onegini MSP takes care of OAuth 2.0 token management between mobile device and server through native mobile SDKs. The solution manages authentication through biometrics or PIN, after which a backend API can be requested. A high-level picture of this process is shown below (see our docs for a full component overview).



We've completely redesigned our award-winning mobile security platform to make it even more future-proof. New dashboards, feature upgrades and our partnerships with Infosys EdgeVerve and Samsung SDS resulted in a stronger solution including full FIDO support, Know Your Customer and advanced biometrics with EyeVerify and Samsung.



The Onegini Mobile Security Platform Windows Phone SDK gives you the ability to integrate security functionality into the apps you create for the Windows 8 Store and the Windows 8 Phone.
