establishing a digital identity martin roe - director of technology, royal mail viacode
TRANSCRIPT
Establishing a Digital Identity
Martin Roe - Director of Technology, Royal Mail ViaCode
What’s in a name?
Work Health Club
Family Member
Who am I?
Citizen
Work Health Club
Family Member
One Signature!
Who am I?
Citizen
The Signature is mineBecause I signed it!
Note that the Signature is:Perpetual (All my life)Not affected by value of the transaction
This is clearly open to Fraud:Risk can be reduced by using NotariesChecks are increased if value rises
Signing a Contract
Digital ID’s
Digital signatures are ‘One Off’Associated with a single transaction
Signatures are validated against KeysKeys need to be under tight control
Private secure/Public readily availableIssuer must maintain history/audit
Oddly, less open to fraudProcesses are tighter
Digital Signatures
Both Specific or General UseOther uses achievableRestricted by liabilityRestricted by law (currently)
PKI Technology MatureExtending Storage MediumPC, Smart Cards, WAP DevicesHas a full revocation method
Needs a Trusted Issuing Party
Digital Signatures
Examples Travel Agents Insurance Brokers Insurance Assessors Auditors
Trusted Third Parties
OK; I’ve got a Digital Signature.
The world knows who I am; ViaCode have validated me!
Now, what can I use it for?
Signing Documents Digitally
Level Cert.Strength
Meaning
0 No Authentication Required
1 Low On Balance of ProbabilityThey are who they say they are
2 Medium ID Established to a SubstantialDegree of Assurance
3 High Identity Established Beyond aReasonable Doubt
Legal Defintions (CITU/PIU)
Level Cert.Strength
Authentication Method
0 No Authentication Required
1 Low On Line with Checks
2 Medium On Line with Extensive Checks
3 High Face to Face
ViaCode: Citizen Authentication
Level Cert.Strength
Authentication Method
0 No Authentication Required
1 Low Trusted Organisation (Agents)
2 Medium Delegated Face to Face
3 High Face to Face
ViaCode: Business Authentication
PKI provides: Content Confidentiality through Encryption Content Integrity Authentication of both Parties
ViaCode: Document Exchange
PKI does NOT provide: Non Repudiation; inability to deny an event Backed by a Trusted Organisation Backed by Insurance/Liability protection Backed by Audit/Forensic Evidence
ViaCode: Document Exchange
Send eMail/Document to Royal Mail in an Encrypted Session
Receipt Acknowledgement
ViaCode: Document Exchange
Royal Mail re- transmits the Document but without ‘Keys’
Opening Requests ‘Keys’?
‘Keys’ are Returned
ViaCode: Document Exchange
The Originator is informed that the transaction is complete
OR
ViaCode: Document Exchange
The Originator is informed that the transaction is INCOMPLETE
X
ViaCode: Document Exchange
State of the Art
Within the Post Office..
Secure track and trace facility for selected customers
Veronica - International Services can have secure communications with their Dutch division
ViaCode: State of the Art
Major Reseller partnership
300,000 potential certificate holders
Secure communications between European network
Export documentation process reduced from 3 days to 3 hours with ViaCode
ViaCode: State of the Art
New Second Generation Portal Launch
Portal web site with trust a key feature of differentiation
Planning for over 2 million subscribers
ViaCode certificates will secure all transactions and communications
launching summer 2000
Corporate Solution involving Royal Mail, POCL & Parcelforce
ViaCode: State of the Art
Operating as a reseller of ViaCode in the Channel Islands
Targeting lucrative banking, legal and finance sectors
Applications such as on line contract signing money transfer requests and insurance quotes
ViaCode: State the Art
Government
The e-commerce minister Patricia Hewitt MP used a ViaCode certificate in the first ever digital signing of an agreement between two European Governments(Mar 2000)
Legal Sector
8 contracts secured in March 2000 alone
ViaCode: State the Art
Establishing a Digital Identity
Martin Roe - Director of Technology, Royal Mail ViaCode