If you sell B2B online, you know the painful moment: the buyer requests payment terms like “net-30/net-60,” but you first have to confirm the company exists, that the person is authorized to bind the company… and that the credit holds up. In practice this becomes a chain of emails, document exchanges, internal approvals and sometimes 10 days of latency.
Two and Signicat (two Norwegian fintechs) have announced a partnership that automates this step: identity verification of the individual (via national eID) plus real-time queries to official company registries to confirm legal purchase authorization and accelerate credit decisions. The promised outcome: move from days to seconds.
The Opportunity for SMEs
Let’s be blunt: in B2B e-commerce, friction kills conversion. The market is projected at NULL trillion by 2026, and as it grows, fraud adapts. Signicat reports 54% of European fintechs seeing an uptick in fraud that exploits this verification gap (2025 study). For an SME the benefits are concrete:
- Collect faster (and sell more): fewer back-and-forths, a B2B checkout that feels consumer-grade, and fewer cart abandonments.
- Reduce default and impersonation risk: validate not only the company but also that the individual is authorized to bind it (mandate/role verification).
- Speed up payment terms approvals: Two focuses on merchant credit and flexible terms (e.g., net-60) with rapid decisioning.
- Simplify cross-border scaling: if you’re expanding sales across Europe, eID + multi-country registries are a lever to scale without hiring a manual validation team.
In short: less wasted time, lower fraud, and a customer experience that doesn’t feel like it was designed in 2008.
Key Caveats
This kind of automation is powerful, but there are classic pitfalls to anticipate before you commit:
- Vendor lock-in: integrations are typically API-first and proprietary. Switching later can be costlier than expected (contracts, migration, rework of the flow).
- Actual geographic coverage: the model relies on national eIDs (BankID, MitID, etc.). Very strong across the Nordics/Europe, more variable beyond those regions.
- Critical dependency: if your conversion and credit risk depend on this chain (Signicat + registries + decisioning), treat it as a critical component (SLA, failover plans, monitoring).
- Integration costs: pricing and technical effort are often underspecified. The true cost is not just the connection: it’s ongoing maintenance, edge cases, and aligning payments/compliance/IT.
Compliance Considerations
You’re handling sensitive personal data here (identity, official documents, possibly biometrics), so compliance is not an optional add-on — it’s foundational.
- GDPR (EU) / nLPD (Switzerland): secure the legal basis (Art. 6), define purpose, data minimization, retention periods, and rights management (access, deletion, etc.).
- Data localization: verify where data is stored/processed and what hosting options exist (EU, Switzerland) as well as the involved subprocessors.
- AML / enhanced due diligence: stronger B2B verification can be a compliance asset, provided your internal procedures align with the tool.
- EU AI Act (if applicable): if AI is used in evaluation or decisioning, you’ll need risk classification and transparency controls.
Conclusion & Strategic Support from Cohesium
Two + Signicat address a real pain point: making B2B sales faster without sacrificing security. For an SME the promise is clear: less friction, higher conversion, and better-managed risk — provided the component is integrated into your processes and compliance is framed from day one.
Rather than patching things together, Cohesium AI can:
- Automation: audit and orchestrate the Two/Signicat integration into your workflows (n8n, Make, or a custom API), and optimize the end-to-end B2B authorization flow to reduce technical debt and improve scalability.
- Compliance & Data: perform a GDPR/nLPD audit on identity/biometric processing, define retention and governance, and help prepare a DPIA if needed — including hosting trade-offs (EU vs. Switzerland).