In Denmark, NemID has been the official electronic identification system since 2010, with anyone above 15 with a CPR-number being eligible for the service. This e-ID can be used in banking as well as accessing public institutions, such as digital post. Now, there is a new solution on the way: MitID.
MitID is described as a secure and easy-to-use electronic ID. Individuals will use the same login across various platforms, from borger.dk to online shopping. This solution is being tested to meet the demands of today’s technology usage. The NemID app and MitID app are not all that different in use, apart from the disappearance of the key card.
How secure is MitID going to be?
The security involved in MitID is developed in tune with the solutions’ own technical architecture and the revision the Danish Agency for Digitisation conducts annually. Since this system will be shared among Danish companies and authorities, it will remain up-to-date on the latest standards for authentication and security.
The cryptographical key of the solution is realised in hardware security modules that facilitate secure access control. There are sensors which note any break-in attempt for the module. The system is actually designed so that other cryptographical solutions can be applied as they are created.
MitID offers four authenticators: password, time-based one-time password (TOTP), MitID app and a physical chip via USB. MitID will be available for anyone above 13 with a valid identification in Denmark. The MitID app can be instantly downloaded, and physical authenticators are sent by mail.
Individuals can submit complaints regarding MitID and the way their personal data is handled.
Why is electronic identification important?
Digital identities act as proof-of-self in the online world. The analogue era has been phasing out for decades, as technological advancements have facilitated the transition from physical to digital. In a remote setting, like the internet, how do we maintain trust and security when it comes to identity verification?
Businesses and governments have been able to transform digitally thanks to trust between customers and the services they are being offered. There will always be criminals searching for ways into sensitive data and systems they can reap benefits from. Therefore, some more ‘traditional’ forms of identity verification are no longer secure enough, i.e., the use of a password, without any other protection.
It is estimated that over a billion people do not have formal identification. This is a major issue of inclusion; digital identity can provide basic services for people, such as financial, healthcare, and educational opportunities. In many ways, digital identities are building blocks in our shared future.
There is ongoing and critical debate on who should control and benefit from identity information, especially online. It will be crucial for various stakeholders to enter dialogue together to accomplish shared standards and practices in the area of technology. It is difficult to find a universal approach, as all individuals do not have access to the same levels of technology.