Siden er ikke tilgængelig på det valgte sprog
Siden er ikke tilgængelig på dit ønskede sprog. De tilgængelige sprog er nævnt nedenstående.
The page is not available in the selected language
Unfortunately, the page is not available in the selected language. The page is available in the languages listed below.

Security in MitID

MitID enhances the security, so your will protection against identity theft is improved.

MitID enhances security in three ways: the technical construction of MitID; the way you use MitID; the requirements to the documentation of your MitID identity.

When it is your turn to get MitID, you will migrate to a secure and safe MitID solution.

The MitID architecture facilitates proactive and fast implementation of changes to the solution. This enables us to easily and quickly react to security threats and adapt the solution to counter these threats.

Read more about how MitID enhances security (opens pdf in a new window)

Read more about general security in MitID

 

Yes, MitID is a secure solution, so when your bank informs you to get MitID, it is safe to do so. 

In regard to the MitID app, you don't need a pincode, when you log into the self-service solotion - you can log in using your user ID alone. MitID has moved the keying of the pincode over to the app. The difference between NemID and MitID on this point is that for NemID, the pincode is checked and validated centrally, while for MitID, it is the pin code for the app that is checked and validated centrally. This means that the security that earlier was placed on the NemID pincode now is placed on the pincode for the app. The result is better protection against the type of keylogger attacks, we have experienced on NemID, where criminals spot a user's pincode, as they enter it on a webpage.

Therefore, you don't need to be concerned, when you in MitID no longer need to enter a pincode with the user ID. 

MitID is personal and not to be shared with anyone. This is also the case for your user ID - it is yours alone. It is important to create a user ID that is difficult for others to identify - e.g. you should use special characters or numbers in your user ID to make it less likely to be compromised.

A user ID cannot stand alone. Thus, the situation that someone is able to identify your user ID that alone will not enable the person to get access to your identity. To use MitID, just like with NemID, you need to approve the transaction using the app, the code display, the audio code reader or the chip. This is done by by entering a PIN code and then approve the transaction by swiping the request with a reference text - a reference text that describes the transaction you are about to approve. If you have a code display or an audio code reader, you are required to enter an access code and then approved the transaction using a six diget code that you get from the code display or the audio code reader.

To prevent a user from inadvertently approving a transaction that the user has not initiated, the user will not receive a push notification on the phone - the way we have been condtioned to by NemID. The user must open the MitID app to check and approve requests. If a scammer sends a request, the request will not pop up on the screen by itself - the user will see the request when the user actively opens the app.

A request in the MitID app expires and disappears after five minuttes. This, combined with not receiving a push notification, make it more difficutlt for scammers to manipulate a user into approving a transaction not initiated by her or him.

Always read the transaction you are about to approve with MitID. It the text doesn't match your expectations, or if it isn't a transaction you have initiated - do not approve.

If you suspect that someone has accessed your MitID via the self-service universe on MitID.dk, contact mitID support immediately to get your MitID blocked for the moment. 

The self-service universe allows you to change your phone number, email, and other personal information pertinent to MitID.

Scammers can only get access to your self-service setup, if you approve their access by swiping/approve a MitID request that opens your MitID self-service universe.

If you unintentionally have allowed the scammer access, and the scammer changes something, e.g. tries to install MitID on a new phone, you will be notified by sms. If that happens, you need to contact MitID support immediately to have your MitID suspended.

It is important to be alert, if someone calls and pretends to represent your bank or a public authority, and ask you to make transactions using MitID. 

Neither the police, the Danish Agenscy for Digitisation, your bank or any other institutional authority will ever ask a citizen for personal log in information or access codes using email, sms, phone or as you to approve a transaction, that you have not initiated yourself.

In October this year, we introduced a security update that notifies you, if your phonenumer or email address is being changed in your self-service universe.

In early December we made our security even stronger to better protect you from  identity theft. Concretely, we have added an additional security step go make it even more difficult for criminals to get access to important information, e.g. phonenumber and emails, in the self-service part of MitID.dk. Practivally, this means that this upgrade requires you to to login twice with an hour between logins to complete changes in MitID.dk. In addtion, you will receive a message, when attempts are made to complete changes. You will also receive a message warning you not to share your MitID by allowing others to get access. All this will will protect the you against swindel.

Yes, you will be notified via the MitID app, sms, or email, if critical incidents happen to your MitID, e.g. if the MitID app is activated on a new device, and if your personal information is changed. You can choose to be notified everytime your MitID is in use. Should you suspect abuse of your MitID, contact MitID support immediately to have your MitID blocked for now.

How to protect your MitID

It is important to remember that you can't find a solution that will protect you 100 percent against criminals and fraud. For that reason, we offer advice in regard to what you should be aware of, when you get MitID or use MitID.

When you get MitID

  1. You need a user ID that is difficult for others to guess but is relatively easy for you to remember, e.g. you need to use both numbers, letters and special characters in your user ID. You can always change your user ID at MitID.dk. Don't ever share your user ID with others - that is, apart from the MitID support. if you have initiated the contact with them.
  2. You must activate your app, your code display, audio code reader og chip and have it associated with you, before you can use it. This partly prevents criminals to use your e.g. code display, should they get access to it.

When you use MitID

  1. Do not ever share your code display with others.
  2. Do not ever hand over your MitID app, code display, audio code reader og chip to others. The app can be shared with others in the same household, as long as each user has his or hers own user ID and PIN code. 
  3. Do not share your user ID with others - apart from MitID support, of you have contacted them.
  4. Do not ever approve a MitID transaction initiated by a phone call, email, physical visit from someone pretending to represent your bank, the police, the Danish Digitisation Board, MitID support or someone else. You will never be contacted this way.
  5. Always read what you are about to approve using MitID. Should the text not match your intend to do, or if you haven't initiated the transaction - do not approve.