The BankID System Council of the National Bank of Ukraine has decided to introduce a fee for commercial subscribers. The changes will also affect the grounds for compulsory disconnection.
- Commercial BankID customers will now pay for three services.
- The changes include new grounds for the compulsory disconnection of subscribers.
- Non-commercial service providers remain free of charge.
- Authentication requirements for identifiers have been tightened.
- The changes will come into force in ten working days.
Changes to the rules for using BankID
System Council BankID The National Bank of Ukraine has adopted Decision No. B/57-0002/73036 of 19 June 2026, which significantly changes the rules for commercial subscribers. Participation in the System is now subject to a fee, which means new financial obligations for companies using these services.
Commercial subscribers are required to pay for three main services: connection to the System, connection of an additional subscriber node or service portal, and the processing of each successful electronic identity verification (EIV). The connection fee is 100 % of the cost and is non-refundable if the subscriber decides to withdraw before connection takes place.
Payment for the processing of EPI and additional modules is made monthly, no later than the 5th of the following month. However, the paid model does not apply to non-commercial providers, such as public authorities and educational institutions.
New grounds for compulsory disconnection
The updates also concern the grounds for compulsory termination of participation in the system. The new criteria include: operating in the gambling and lottery sector, links to Russian capital, documented risks to national security, and cases where a subscriber has shown zero activity over the course of a year. Other grounds remain in force, such as systematic non-payment and breaches of personal data protection requirements.
«These changes are designed to safeguard national security and ensure transparency in financial transactions,» said a spokesperson for the National Bank of Ukraine.
Authentication requirements
Subscribers with ‘Identifier’ (AI) status should note that authentication requirements have been tightened. It is now mandatory for each authentication request to include at least one dynamic factor. Failure to comply with this requirement may result in the subscriber’s service being temporarily suspended.
Service providers (SPs) are required to obtain the user’s consent to the processing of their data before transmitting information via the System, and, in the case of paid services, separate consent for payment.
All changes shall take effect for subscribers who have not given notice of termination of the Contract within ten working days of their publication. The technical stages of connection are governed by a separate instrument, which allows procedural deadlines to be amended without amending the Contract itself.
