SCS signer application
Authenticate and generate digital signatures in web browser with smartcards.
Digi- ja väestötietovirasto · fi.fineid.security.scs
UpdatedNov 18, 2025
PublishedOct 26, 2020
Packagefi.fineid.security.scs
MD564068e6b6314bf79f4b063a6120411c5
SHA1 (signer)A6:F7:EA:C5:BD:EE:90:E7:E2:B7:CF:3F:CE:5F:2D:41:BB:A3:1C:74
Signed byCN=Pekka Laitinen, OU=Varmennepalvelut, O=V?est?rekisterikeskus, C=FI
Malware scanTRUSTED
Websitehttp://www.vrk.fi/
Contact[email protected]
What's new
1.3-64 (2025-02-07):
- supports SCS 1.2 and 1.3 (not transaction signing)
- added support CosmoX cards
- removed support for pre-1.2 SCS versions
- SCS 1.2 is the default version
1.1.59 (2024-11-19):
- supports latest organization/sote/identity cards
- upgraded application to use Android 14 APIs
- added support for "signature-plain"
- supports latest ACS card readers, see app's description
- supports SCS 1.2 and 1.3 (not transaction signing)
- added support CosmoX cards
- removed support for pre-1.2 SCS versions
- SCS 1.2 is the default version
1.1.59 (2024-11-19):
- supports latest organization/sote/identity cards
- upgraded application to use Android 14 APIs
- added support for "signature-plain"
- supports latest ACS card readers, see app's description
Description
In order to be able to use the SCS signer application with a service, the service needs to support SCS interface.
SCS signer application works currently with following services:
• Kelain*: issuing electronic prescriptions (doctor, dentist)
* SCS signer application works with Kelain service, but Kela does not officially offer end user support for its usage.
SCS signer application enables your device to authenticate and generate digital signatures in services that support the SCS interface. All you need is the SCS signer application, and an NFC enabled smart card issued by Digital and Population Data Services Agency. If you do not wish to or cannot use NFC, then you need a smart card reader. Currently, readers from ACS or SCM/Identive that can be connected to the device (either with USB-C or with Bluetooth) are supported. You can use an adapter to connect a normal USB based smart card to the device. SCS signer application works with a standard web browser (without additional extensions). Currently there is no limit on who (web site) can request SCS to sign data.
Tested card readers:
• ACS ACR39U--NF PocketMate II (USB Type-C):
https://www.acs.com.hk/en/products/425/acr39u-nf-pocketmate-ii-smart-card-reader-usb-type-c/
• ACS ACR3901U-S1 Bluetooth Contact Card Reader:
https://www.acs.com.hk/en/products/392/acr3901u-s1-bluetooth-contact-card-reader/
• functionality of other card readers is not guaranteed
Notes:
• SCS signer application is not allowed to run in
rooted devices
due to security reasons.
• During first startup SCS signer application will install a local SCS certificate (for enabling https access to SCS from browser) to your device. As a consequence to the certificate installation, your device will from time to time show you a notification stating "Network my be monitored by an unknown third party". This is an automatic notification by the Android platform to let you know that an application has installed certificates to your system.
• SCS signer application requires that your device has a secure screen lock in use. If you don't have yet, it will be setup during the setup phase.
More about Digital and Population Data Services Agency:
https://dvv.fi/en/certificates
Testing site:
https://dvv.fineid.fi/en/signing
SCS signer application works currently with following services:
• Kelain*: issuing electronic prescriptions (doctor, dentist)
* SCS signer application works with Kelain service, but Kela does not officially offer end user support for its usage.
SCS signer application enables your device to authenticate and generate digital signatures in services that support the SCS interface. All you need is the SCS signer application, and an NFC enabled smart card issued by Digital and Population Data Services Agency. If you do not wish to or cannot use NFC, then you need a smart card reader. Currently, readers from ACS or SCM/Identive that can be connected to the device (either with USB-C or with Bluetooth) are supported. You can use an adapter to connect a normal USB based smart card to the device. SCS signer application works with a standard web browser (without additional extensions). Currently there is no limit on who (web site) can request SCS to sign data.
Tested card readers:
• ACS ACR39U--NF PocketMate II (USB Type-C):
https://www.acs.com.hk/en/products/425/acr39u-nf-pocketmate-ii-smart-card-reader-usb-type-c/
• ACS ACR3901U-S1 Bluetooth Contact Card Reader:
https://www.acs.com.hk/en/products/392/acr3901u-s1-bluetooth-contact-card-reader/
• functionality of other card readers is not guaranteed
Notes:
• SCS signer application is not allowed to run in
rooted devices
due to security reasons.
• During first startup SCS signer application will install a local SCS certificate (for enabling https access to SCS from browser) to your device. As a consequence to the certificate installation, your device will from time to time show you a notification stating "Network my be monitored by an unknown third party". This is an automatic notification by the Android platform to let you know that an application has installed certificates to your system.
• SCS signer application requires that your device has a secure screen lock in use. If you don't have yet, it will be setup during the setup phase.
More about Digital and Population Data Services Agency:
https://dvv.fi/en/certificates
Testing site:
https://dvv.fineid.fi/en/signing
Required features
- Bluetooth android.hardware.bluetooth
- Faketouch android.hardware.faketouch
- Location android.hardware.location
Permissions (14)
SCS signer application requests the following Android permissions:
- Access Coarse Location android.permission.ACCESS_COARSE_LOCATION
- Access Fine Location android.permission.ACCESS_FINE_LOCATION
- Bluetooth android.permission.BLUETOOTH
- Bluetooth Admin android.permission.BLUETOOTH_ADMIN
- Bluetooth Connect android.permission.BLUETOOTH_CONNECT
- Bluetooth Scan android.permission.BLUETOOTH_SCAN
- Foreground Service android.permission.FOREGROUND_SERVICE
- Foreground Service Connected Device android.permission.FOREGROUND_SERVICE_CONNECTED_DEVICE
- Internet android.permission.INTERNET
- Nfc android.permission.NFC
- Post Notifications android.permission.POST_NOTIFICATIONS
- Receive Boot Completed android.permission.RECEIVE_BOOT_COMPLETED
- System Alert Window android.permission.SYSTEM_ALERT_WINDOW
- Fi Fineid Security Scs Dynamic Receiver Not Exported Permission fi.fineid.security.scs.DYNAMIC_RECEIVER_NOT_EXPORTED_PERMISSION
