
You could always protect the signing certificates in the apps with derived passwords. Still, the length of passkeys practically acceptable to type in on a phone is too short to safely protect a certificate against a brute-force attack without some kind of HW-assisted storage.

In the end it also boils down to what devices the BankID app providers are willing to support. I have a hard time seeing anything but iOS or Android devices being supported in the near future, especially as Swedish BankID now also requires NFC support to read the local police-issued ID cards (had to get a new testing device just due to this requirement).

Note: BankID is the name of personal identity apps that support authentication and signatures in Sweden, Norway and Finland, the authentication is used to access a myriad of both public and private sites like tax office, unemployment, healthcare and gyms. The signatures done via the apps are generally accepted to be of as good legal standing as a signed paper.
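Added example, not part of the comment above or of any BankID code: it puts numbers on the claim that a phone-typeable passcode cannot protect a software-stored key against offline guessing, and contrasts that with hardware-backed storage that caps attempts. PBKDF2 as the derivation function, the iteration count, the worker count and the attempt cap are all assumptions chosen for illustration.

```python
import hashlib
import os
import time

YEAR = 365 * 24 * 3600  # seconds


def measure_kdf_seconds(iterations=600_000):
    """Time one PBKDF2-HMAC-SHA256 derivation here (iteration count is an assumption)."""
    salt = os.urandom(16)
    start = time.perf_counter()
    hashlib.pbkdf2_hmac("sha256", b"123456", salt, iterations)
    return time.perf_counter() - start


def offline_worst_case_seconds(alphabet, length, kdf_seconds, workers):
    """Software-only storage: a copied key file can be guessed at offline with no limit."""
    return (alphabet ** length) * kdf_seconds / workers


def min_length(alphabet, kdf_seconds, workers, target_seconds):
    """Shortest passcode whose exhaustive offline search lasts target_seconds."""
    length = 1
    while offline_worst_case_seconds(alphabet, length, kdf_seconds, workers) < target_seconds:
        length += 1
    return length


def capped_guess_probability(alphabet, length, attempts):
    """Hardware-backed storage: the key never leaves the chip, which enforces an attempt cap."""
    return min(1.0, attempts / alphabet ** length)


if __name__ == "__main__":
    cost = measure_kdf_seconds()
    workers = 1000  # assumed number of parallel guessing machines
    days = offline_worst_case_seconds(10, 6, cost, workers) / 86400
    print(f"KDF cost on this machine: {cost:.3f} s per guess")
    print(f"6-digit PIN, offline, {workers} workers: {days:.4f} days to exhaust")
    print(f"digits needed for 10 years: {min_length(10, cost, workers, 10 * YEAR)}")
    print(f"6-digit PIN, 5 attempts in hardware: {capped_guess_probability(10, 6, 5):.6%}")
```

Even with a half-second derivation per guess, a 6-digit PIN falls in under six days on a single machine, while a hardware-enforced cap of five attempts leaves the same PIN with a 0.0005% chance of being guessed.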




I've never heard of BankID in Finland - perhaps the common name is something else?


I would also have commented: Not supported in Finland. I think I have read articles that they tried to get marketing share, but AFAIK they have failed completely.

On the positive side in Finland you can use SIM Toolkit for legally sanctioned 2FA (mobiilivarmenne). That should be much easier to implement without having Google involved.


Interesting, seems OP bank and Nordea allow logins/registrations from their own and other banks' ID apps (all separate though). Vero and Kela allow logins from mobiilivarmenne and all the bank identifiers via the tunnistautuminen.suomi.fi service.

I guess it's the opposite to what happened in Sweden where Telia was the only mobile provider that had an identity solution (that had any uptake), but afaik gave up due to the omnipresence of BankID that is a streamlined system supported by all the major banks.

As a private sector application developer, would one integrate with MV, the suomi.fi portal or is it a fragmented system?


Sorry, I am not familiar with how to address the issue from a developer perspective. All bigger services offer id via all banks plus mobile certificate. I believe the mobile certificate service is backed by Telia, even if your SIM is from another operator. Infamously Moi does not even offer the service at all.

Whether the banks have any common backend/provider or you need to deal with all of them separately I don't know.


It's a Swedish thing.



