Dear edu-ID operators
We would like to inform you about the following important news regarding the Switch edu-ID service:
1. Request users to provide mobile phone number (from 1. Oct 2025)
We will ask all edu-ID account holders to provide their mobile phone number in their edu-ID account. With a mobile phone number in their account, users have an additional method to automatically perform MFA account recovery without having to contact support.
Users will be asked to add a mobile number during the login to a service, just after the successful authentication (account notification). Only users who have not yet entered a mobile number in their edu-ID account will be prompted. Users can also choose to ignore the prompt.
More details can be found here: https://help.switch.ch/eduid/docs/services/login/notification/#toc0
We will display this account notification from 1 October.
2. Deactivation of the ‘MFA on demand’ option (from 5. Nov 2025)
We plan to remove the ‘MFA on demand’ option. This means that a user who has configured MFA in their account will then also have to authenticate with MFA for a service even if the service does not require it.
The MFA on demand option is a special feature of edu-ID. It complicates the MFA setup user interface and is often poorly understood by users. Removing it will therefore improve usability and security.
We will display an account notification from 1 October, asking users to to change the MFA on demand option to either ‘MFA always’ or ‘MFA off’. From 5 November, the ‘MFA always’ option will be set automatically for all users with ‘MFA on demand’.
PS: For the specific use case of the ‘on demand’ option in examinations, there is a better alternative solution. Please contact the edu-ID team at eduid-support@switch.ch (at least one month in advance) if users need access to services but are not allowed to use a smartphone.
3. Request to switch from SMS to TOTP (opt-in per organisation)
The edu-ID service offers the option of requesting users to configure the MFA method TOTP if they have used SMS so far. A corresponding account notification has been implemented and can be used immediately https://help.switch.ch/eduid/docs/services/login/notification/#toc1
This account notification can be activated per organisation. It is particularly useful if an organisation wants to exclude the use of SMS via organisational policy. It can thus ensure that its users configure TOTP before the policy becomes active. If an organisation wishes to activate this account notification, please contact the edu-ID team (eduid-support@switch.ch).
4. MFA configuration list in Administration Portal
Administrators at universities can now download a list of their users’ MFA configurations. The list contains information about which MFA methods are configured for each university member. This can be used, for example, to send an email to users who have only configured MFA with SMS, asking them to add TOTP.
The list can be found in the administration portal https://eduid.ch/web/organisation-administrator/ under ‘Export basic user data’.
We hope you enjoyed these news. If you have questions or feedback please contact us at eduid-support@switch.ch.
Sincerely, your edu-ID team
(this message was originally posted on the operators mailing list)