Overview

The NemID framework provides a secure way of ascertaining the identity of the person using a web-site.

To use NemID the following must be done first:

• Your company must have a formal agreement with NETS/DanID to use NemID.
• When this agreement is done, you will receive two VOCES certificates from NETS/DanID - one for the testing purposes and one for production. The leading 'V' in VOCES is short for Virksomhed meaning Company.
• These certificates must be handed to MVNO and installed on our servers.

Using NemID to verify a CPR number

When the user has completed an authentication using NemID, the web-site in question knows the PID of the users POCES certificate. The leading 'P' in POCES is short for Personal.

After authenticating with NemID the user must suppy his CPR-number. Using a method on the API the web-site can match the CPR with the PID. If the two match, the web-site knows that whoever is at the keyboard has access to the correct NemID for the CPR-number in question.

• The user points his browser to a page where the NemID client is used.
• Before sending the page, the web-server asks the MVNO API for a set of NemID parameters.
• The page renders in the users browser, and the NemID client is shown to the user. The NemID client is rendered in an iframe.
• The user completes the authentication using the NemID client. All communication is done between the users browser and DanIDs server.
• The NemID client sends a message to the containing page, supplying an encrypted signature.
• The page forwards the encrypted signature to the web-server.
• The web-server sends the encrypted signature to the MVNO API and get a PID back

You can see the detailed method documentation by clicking here.