Security statement for SuisseID
The security of the SuisseID fulfils the highest requirements:
- The production of the Post SuisseID corresponds with the really high security requirements of the Swiss Signature Act (ZertES) regarding qualified certificates.
- The identity (the certificate) of the Post SuisseID is stored in a high-quality crypto chip (smartcard) which prevents the identity being copied, cloned or changed.
- Access to the Post SuisseID identity (on the crypto chip) is protected by a password (PIN). If the password is entered incorrectly 3 times access is blocked. The smartcard without a password is as useless as the password without a smartcard. If you lose your Post SuisseID you can block it online.
The secure SuisseID is used in an overall system of person, computer and internet, total control of which is outside the possibilities of a SuisseID.
But as user you can decisively influence the security of this overall system:
The Swiss Signature Act demands that you always keep the SuisseID and the SuisseID password (PIN) stored separately. The SuisseID or the password must never be handed over to third parties. Do not choose a password which is easy to guess. If you suspect abuse, change the SuisseID password immediately and/or block your SuisseID. In the event of loss of the SuisseID this must be blocked immediately, like a bank or credit card.
Protect your computer with an antivirus program and keep your operating system up to date (you will find further information at the Reporting and Analysis Centre for Information Security MELANI of the Federal Government). Remove the SuisseID from the computer after use and keep the SuisseID stored in a safe location. As an option you can increase the application security by using the SuisseID in the SwissStick or in a reader with PINpad.
Visit only websites which you trust. When logging in check for the green display of the link in the browser. Observe the information of the Federal Government regarding careful action when surfing on the internet.
If you abide by the above rules of conduct and observe the protective measures you will have maximum security when using your SuisseID.
The requirement for secure online transactions or communication is always correct and careful handling of all elements in the process. This applies for e-banking as much as for the use of the Post SuisseID.