• Login always occurs at a secure site,
  • You will never have to enter your IceKey on the website of a service provider.
  • All IceKey communications use a secure sockets layer (SSL).
  • All of the IceKey personal data is encrypted, and it is impossible for any part of the system to reveal an IceKey, since only its hash value is stored there.
  • The initial IceKeys issued by Registers Iceland reach you in one of three ways: via a secure connection on your personal banking site, in a closed letter sent to your registered address (domicile), or concealed and handed directly to you if you come to the Registers Iceland Customer Service Centre.
  • In My pages on, you can always look over your login history in order to make certain that no one else has managed to obtain and use your IceKey or eID card.
  • In April 2013, Capacent (an independent knowledge company) performed a risk assessment of the Icelandic National Portal login service. The Capacent conclusion read as follows: "Capacent's investigation did not reveal any serious security vulnerabilities; in fact, substantial knowledge would be required, both technical and concerning the system itself, in order to be able to abuse it."