Certified Swiss identity proofing service provider (IPSP) for banks and financial institutions through NFC chip reading

"360 Identities brings multiple identity signals together. Our identity-centric solutions protect people, devices, and data."

Fully automated identity proofing compliant with ETSI standards.

360 Identities is fast (< 1 minute) and fully automated ("self-service") without human interaction. It performs unattended remote digital ID proofing through biometric chip capture conforming to AMLA's RTS on Customer Due Diligence and FINMA Circular 2016/7 RZ32 - 39 ("Online identification").

Radio frequency identification (RFID) with NFC chip reading.

The Near Field Communication (NFC) protocol enables data exchange within a range of 4 cm and is set to become the new gold standard for remote identity proofing. All Swiss and EU passports are equipped with NFC chips. It is expected that by 2030, biometric chips will also feature in Swiss and European ID cards.

Liveness detection with zero tolerance for fraud (APCER = 0%).

Instead of investing resources in AI-powered systems to detect fraud after it has occurred, block threat actors right at the identity verification stage. Combine document verification, biometric capture and liveness detection to create a biometric anchor as a baseline across all devices and channels.

Under 1,000 identifications per year

CHF 4.00 per applicant

• Minimum: CHF 1,200 p.a.
• No monthly usage fee
  

Under 10,000 identifications per year

CHF 3.00 per applicant

• Minimum: CHF 3,000 p.a.
• No monthly usage fee
  

Over 10,000 identifications per year

CHF 2.00 per applicant

• Minimum: CHF 6,000 p.a.
• No monthly usage fee

Identity signal integrity

If it is indeed true that, in the social world, "personality is an unbroken series of successful gestures" (The Great Gatsby), then digital identity could be seen a continuous series of successful authentications and verifications between machines.

We believe that viewing digital identity as a continuous stream of trustworthy signals - rather than a one-time pass/fail check - is a more faithful implementation of the principles of zero trust architecture.

Identity signal integrity is the confidence that the totality of identity attributes relating to the initiator of a digital transaction are trustworthy.



Identity signals include:

• Network environment and IP address
• Device footprint
• Login credentials
• Authentication and session tokens
• Expected user behaviour

Get 360 Identities for Android (here) or iOS (here)

Take a photo of your passport or identity card.

Hold phone against passport to read NFC chip.

Record a selfie video for liveness verification.

Business logic

• Attribute and evidence collection: Extraction of identity attributes from the physical identity document’s visual inspection zone (VIZ) and machine readable zone (MRZ)
• Attribute and evidence validation: validate the freshness, reliability, and consistency of the collected identity attributes including, where available (e.g., via Interpol databases), the validity of the supporting identity document
• Validation of the electronic machine readable travel document's (eMRTD) country signing certificate through the ICAO PKD (Public Key Database) or other sources
• Binding to applicant: Liveness detection through a video selfie in order to verify that the user is the legitimate passport holder and not a bad actor using spoofs presented to the camera
  

Usability

• Dedicated apps: 360 Identities is available for download from the App Store or Google Play
• Desktop and mobile version
• Clear UI: Intuitive interface for corporates and public authorities avoiding unnecessary complexity
• Language support: All workflows including emails in 4 languages (EN, DE, FR, IT)
• Technical Support Hotline: Support in EN, DE, FR, IT during office hours (+41 44 700 28 88)
• Productivity connectors: Integrated into our eSignatures solution 360 Signatures (here), our audit-proof DMS 360 Documents (here) and our financial-grade CRM 360 Relationships (here)
  

Regulatory

• Comply with Art. 3 AMLA ("Verification of the identity of the customer"): "When establishing a business relationship, the financial intermediary must verify the identity of the customer on the basis of a document of evidentiary value"
• Comply with Art. 5 AMLA ("Repetition of the verification of the identity of the customer"): "If doubt arises in the course of the business relationship as to the identity of the customer or of the beneficial owner, the verification of identity [...] must be repeated"
• Audit-proof retention of the captured evidences for 10 years in accordance with OR Art. 958f
• Automated identity or age verification: One-time video ID check to qualify for QES signatures (operating hours: 24/7/365)

Security

• Data residency: All data is kept exclusively in Switzerland
• Privacy: Compliance with the Swiss Federal Act on Data Protection - FADP (here) and the EU's General Data Protection Regulation - GDPR (here)
• Full data portability: Art. 28 FADP and Art. 20 GDPR
• Information security: ISO 27001 certified data centres located in Switzerland in compliance with FINMA requirements
• Document retention policy: Uploaded identity documents and selfies are kept for 30 days and then deleted
• Ransomware protection: Regular 3-2-1 offline, offsite backup of your documents in Switzerland

Compliance hub

Download Identity Proofing Practice statement.

Download the Terms of use for 360 Identities.

Download Privacy policy for 360 Identities.

Download list of accepted identity documents.

Related Reading

AMLA (2026) Draft Regulatory Technical Standards on Customer Due Diligence under AMLR 28(1) (here)

Gary Archer, Judith Kahrer, Michał Trojanowski (2025) Cloud Native Data Security with OAuth (here)

Frank Arretz (Hrsg.) (2022) Digitale Authentifizierung (here)

Alan Calder, Steve Watkins (2019) IT Governance: An International Guide to Data Security and ISO 27001/ISO 27002 (here)

Kévin Carta (2024) Biometric Data Injection Attacks on Facial Recognition used in Remote Identity Proofing (here)

ENISA (2021) Remote ID Proofing - Analysis of methods to carry out identity proofing remotely (here)

ENISA (2022) Remote Identity Proofing: Attacks & Countermeasueres (here)

ENISA (2024) Remote ID Proofing Good Practices (here)

ETSI (2026) ETSI TS 119 461 Electronic Signatures and Trust Infrastructures (ESI); Policy and security requirements for trust service components providing identity proofing of trust service subjects (here)

ETSI (2026) ETSI TS 119 431-1 Electronic Signatures and Trust Infrastructures (ESI); Policy and security requirements for trust service providers; Part 1: TSP services operating a remote QSCD / SCDev (here)

ETSI (2026) ETSI EN 319 401 Electronic Signatures and Trust Infrastructure (ESI); General Policy Requirements for Trust Service Providers (here)

FINMA (2021) Circular 2016/7 Video and online identification. Due diligence requirements for client onboarding via digital channels (here)

FINMA (2026) FINMA publishes guidance on managing digital fraud risks (here)

ICAO (2021) Doc 9303 - Machine Readable Travel Documents (here)

ISO 27000:2018 Information technology - Security techniques - Information security management systems - Overview and vocabulary (here)

ISO 27001:2022 Information security, cybersecurity and privacy protection - Information security management systems - Requirements (here)

ISO 27002:2022 Information security, cybersecurity and privacy protection - Information security controls (here)

ISO/IEC 27005:2022 Information security, cybersecurity and privacy protection - Guidance on managing information security risks (here)

ISO 27017:2015 Information technology - Security techniques - Code of practice for information security controls based on ISO/IEC 27002 for cloud services (here)

Ev Kontsevoy, Sakshyam Shah, Peter Conrad (2023) Identity-Native Infrastructure Access Management (here)

Eve Maler (2026) Mastering Digital Identity (here)

NIST (2025) NIST SP 800-63 Digital Identity Guidelines (here)

Gilit Saporta, Shoshana Maraney (2022) Practical Fraud Prevention. Fraud and AML Analytics for Fintech and eCommerce (here)

André Tanner, Robert Iliev (2025) Kommentierung zu Art. 3 GwG (here)

Phillip J. Windley (2023) Learning Digital Identity (here)

Phil Windley (2026) Dynamic Authorization - Adaptive Access Control (here)