link
Developer Pages

# MitID

This page gives a brief introduction to MitiD. For more detailed pages, see for example Migration from NemID to MitID or Authentication (you can find more pages in the left menu).

Page contents

# About MitID

MitID (opens new window) is a new electronic ID in Denmark, replacing NemID. It is a collaboration between the Danish banks and the Danish public sector. This alliance forms a nationwide solution and provides a secure authentication mechanism for all Danish citizens and residents. MitID can be used for online banking, Digital Post, communication with public authorities, identifying yourself in other digital services and more.

MitID Login box click-to-zoom

# Try it out

Here is how the MitID login box will look for the end-users. Since it is a demo, any username and password will work:

Signicat MitID demo (opens new window)

For more information about the user interface, see for example Authentication flows for the end-user.

New to Signicat?

You are currently viewing the Signicat Enterprise developer pages, and this is the place to be if you are in a regulated industry, and specifically require SOC2 certification.

If not, get started today with Signicat Express here:

Create account

# Time plan

From 6. May to October 2021, MitID was tested in a formal pilot phase led by Digitaliseringsstyrelsen (opens new window). Mass migration of end-users started in October 2021. We are currently in a transition period where you can use both NemID and MitID, although NemID will be phased out by the end of October 2023.

# Contact Signicat for more information

Signicat will continuously add content to this page reflecting the status of the integration.

To keep updated on the development progress, you can sign up for the latest news by sending an email to mitid@signicat.com.

Signicat will be happy to assist you in ordering and setting up MitID. Please contact Signicat at support@signicat.com for more information.

# Integrating with MitID through Signicat

Integration with MitID is done via the same API as Signicat's other ID methods. See Getting started with authentication for more information. Through the single point of integration, you can additionally get access to Signicat’s wide portfolio of integrated ID methods and also other services like identity proofing and signing.

For a response example from a typical MitID authentication, see the OIDC response examples page.

# Key features of MitID

This is an overview of important features in MitID:

  • A common, national identity and authentication solution.
  • Public actors, financial institutions and other private service providers can only use MitID through certified brokers.
  • Secure login supporting all three levels of assurance (LoA) from eIDAS, Low, Substantial and High:
    • Low: Authenticates the user with single-factor authentication, e.g. with password or chip. Low is not available in NemID.
    • Substantial: Authenticates the user with a two-factor authenticator combination, e.g. with the MitID app on a smart phone.
    • High: Authenticates the user with a more advanced two-factor authenticator combination, e.g. the MitID app + chip.
  • Sign documents using MitID.

# Basic and add-on services (packages)

Signicat offers the MitID implementation in several packages divided into two main categories, Basic service and Add-on services:

click-to-zoom

# Basic service

The MitID Basic service is the core functionality you as a service provider need to replace NemID Login and Signing with MitID Login and Signing. The security level for MitID in the basic package is the same as NemID, i.e. Substantial level of assurance.

The basic service also includes the default subdomain names, signicat-id.mitid.dk or signicat-sign.mitid.dk, and the basic graphical profile in a plain neutral look.

# Add-on services

In addition to the basic service, Signicat provides add-on services enhancing user experience, security and payment aspects:

  • Advanced graphical profile: Offers the possibility to customise the graphical profile to suit your own brand. This gives the customer a recognisable login flow.
  • Subdomains: Service providers can get their own MitID subdomain like service-provider.mitid.dk to eliminate confusion over where the customer is entering data.
  • CPR matching: Enables service providers to get the end-user CPR number. The end-user is asked to enter their CPR number, and this is matched against the UUID number used in MitID.
  • Session Transfer: Enables a service provider to securely transfer an authentication to a different service provider, without the user having to re-authenticate.
  • Single Sign-On (not implemented yet)
  • Login risk evaluation (not implemented yet): Reduces fraud by making a risk score for each MitID transaction.
  • Login security levels: Facilitates differentiated login levels depending on security needs. Default is Substantial (same as NemID). With Low, you can improve the user experience. With High, you increase the security.
  • Login step-up: This allows the service provider to increase LoA. For example, if the user logs in with Low, the service provider can at any time require the user to “step up” with a combination of authenticators to reach the needed LoA, typically, from Low to Substantial or from Substantial to High.
  • PSD2 compliance: Protects data by not revealing which factor fails in a non-successful login.
  • Transaction consent: Enables the user to see a text about what they are signing/approving.
  • Business identities:
    • Business: Enables employees in companies to log into a business portal with an identity tied to their employer.
    • Private for Business: Enables a private user to use their personal MitID to represent a privately owned company.

These services are marked as add-ons in the headings. You can also follow the links for more information about each add-on.

# Further reading

# Other sources

Last updated: 20/09/2023 12:20 UTC