Siden er ikke tilgængelig på det valgte sprog
Siden er ikke tilgængelig på dit ønskede sprog. De tilgængelige sprog er nævnt nedenstående.
The page is not available in the selected language
Unfortunately, the page is not available in the selected language. The page is available in the languages listed below.

Security behind MitID

MitID’s security is based on the solution’s technical architecture, its thorough security procedures, and the revision and oversight that the Danish Agency for Digitisation carry out every year.

MitID is a shared solution for Danish companies, individuals, and authorities. Therefore, it is important that MitID’s security is not compromised, and that MitID is updated and based on the latest and newest standards for authentication technology and solutions.

The technical architecture

MitID is designed to comply with the NSIS-protocol, which is the Danish version of eIDAS-protocol.

Read more about NSIS (in Danish - opens in a new tab).

In addition, MitID is based on modern protocols for authorization, such as OAuth 2.0 and OpenID Connect. MitID is designed so Brokers and RA-organisations are able to use other safe and secure technologies, when it is required and suitable.

The solution’s core cryptographical key is manifested in hardware security modules. These modules provide for secure access control and include sensors, which senses any attempt to break into the module no matter how insignificant. If a break-in attempt is sensed, all keys will be deleted before they can be extracted. The modules are approved according to the FIPS 140-2 standard.

MitID is designed in a way that makes it easy to apply other cryptographical solutions as they are being developed.

Security procedures

Some of the participants in the MitID-solution are brokers, and support- and RA-organisations. They have the option of developing their own solutions and adapt them to MitID, and thus expanding the applicability of MitID.

MitID requires that participants must adhere to a number of clearly defined codices. The codices are established to enable a high level of security across the whole solution.