Secure file transfer

Here you will find information on Handelsbanken's public cryptographic keys.
 - Handelsbanken.se

Change of keys

To improve security for our customers and vendors, we are introducing stricter requirements for technical encryption in file communication. 

Handelsbanken may, at regular intervals, make new public keys available. We will ensure that we update this page well in advance prior to switch-over from old keys, as well as communicate details regarding the change to you in a separate, private channel.

Make sure you update your keys prior to any deadlines.

Please remember: when an old key expires, it is good security practice to remove it from your system.

Handelsbanken acting as SFTP server

In order to use SFTP vis-a-vis Handelsbanken (i.e. when we act as an SFTP server) you will need to download our SSH public host key. This key will make it possible for your software to ensure that you communicate with the correct server, and avoid so-called man-in-the-middle attacks.

The SSH host key must be installed in your SFTP software. Please refer to your documentation or supplier for details. The key you download from us is safe, i.e. it need not be kept a secret.

Fingerprints

We have two different keys, each with a different fingerprint. Fingerprints are short texts, calculated mathematically, which ensure that the key is correct, and come in two flavours per key.

Preferred key
Our preferred key is ED25519, a modern algorithm. Size: 256 bit 

The key is valid from 9 November, 2021. 

ED25519    
Fingerprints ED25519

Secondary choice
The secondary choice, RSA, is equally secure as ED25519, but uses different mathematical principles. 

The key is valid from 9 November, 2021. 

RSA (size 4096 bit)    
Fingerprints RSA

Please note that due to the different algorithms being used, an RSA key of 4096 bit is roughly equivalent to ED25519 256 bit. 

Handelsbanken acting as SFTP client

Public keys

The following public key is used for authentication purposes when Handelsbanken connect to external parties SFTP servers. This key follow the same private/public asymmetric cryptographic method as the host/server key, but for a different purpose: that of proving Handelsbankens identity.

 This is our public client key, the key comes in two flavours:

Our keys are RSA 2048, a modern algorithm.

New key, valid from 1 October 2024

Open SSH

New key, valid from 1 October 2024

RFC 4716 

Public PGP key

To ensure the safety of file content, we offer the use of the PGP encryption method. This method uses a technology known as asymmetric encryption, or public key cryptography. 

Contact

Woman at office with headset

Do you have any questions relating to secure file transfer? We are happy to guide you if you need our help. 

Feel free to contact us at Handelsbanken Corporate File Services.
E-mail: filegateway@handelsbanken.se 

For other bank-related questions, please refer to your local Handelsbanken branch office.