Today, an update of the MitID app will be released in App Store and Google Play. With the update, the entry of the user ID and the subsequent approve in the MitID app are more tightly integrated, reducing the risk of fraud where the users are tricked into swiping on a transaction they did not initiate. Therefore, from today onwards, using the MitID app will require a slightly different approach than before. The update will be rolled out over the next few weeks in all the places where you use MitID.
If the MitID app is used for a transaction on a mobile device, it becomes easier to approve with MitID, as users will be redirected to the MitID app by pressing a single button: 'Open MitID app'. This resembles the familiar functionality of the NemID key app.
If the MitID app is used for an action on a computer, users will, as something new, need to scan a QR code displayed on the computer screen using the MitID app before they can approve with MitID. This strengthens the integration between the user ID input and the subsequent approval in the MitID app. It is intended to ensure that the user who approves with the MitID app has initiated the transaction themselves.
"The update helps to protect users against a type of fraud, that we unfortunately have seen a lot of, where users are lured into swiping on a transaction they did not initiate. At the same time, we are pleased to meet the demand for making it easier to open the MitID app" says Adam Lebech, Deputy Director, Agency for Digital Government, which, together with the banking industry association Finans Danmark, constitutes the partnership behind MitID.
The update has been developed and user-tested over a longer period, including collaboration with relevant user organisations, Citizen Service, and KL – Local Government Denmark.
"MitID is designed in a way that makes the solution more flexible. This allows us to continuously protect users as effectively as possible against new threats and optimize the solution. The update emphasizes our continued focus on the development of MitID - particularly the strengthening of security as the threat landscape evolves" says Michael Busk-Jepsen, Director of Digitalisation, Finance Denmark.
When approving card payments online using the MitID app, the process will continue in the same manner as today. This is because the card system already incorporates other technical security measures.
The use of QR codes is also known from the Swedish BankID, where QR codes were introduced in 2018.
Why is the update being released now?
MitID is continuously developed, ensuring that the solution is constantly optimized and protects users as new threats and risks emerge. The update of the MitID app has been planned for a long time. To avoid introducing major changes while the transition to MitID was still ongoing, the update is now being released when the transition to MitID is nearing completion, and when MitID has been in the hands of many users for a considerable period.
The update will be rolled out gradually as the individual services that use MitID implement the update. From today you can find all the information about the update as well as instructions and guides here at MitID.dk.
If automatic updates are not switched on, users will need to manually update the MitID app. There is nothing else the users need to do.
The Agency of Digital Government and Finance Denmark is the partnership behind MitID.