The Identrus System

PKI FORUM- Dublin

JOHN G BULLARD

MANAGING DIRECTOR

PARTICIPANT RELATIONS

27th June 2000 www.identrus.com

Market Opportunity

Identrus, L L C C O N FIDE N TIA L - D o N ot D uplicate.

Corporate Interest in leveraging the internet for com m ercial activity is accelerating

Source: The Yankee Group

45%

28%

20%

60%

48%

39%

1996 1998

% Interested in ED I over Internet

% Interested in O nline Sales

% Interested in Financial Transactions

Identrus, LLC CONFIDENTIAL - Do Not Duplicate.

1998 was the “take-off” year for Business-to-Business E-commerce

$1.1 Trillion

Source: IDC – Global Market Forecast for Internet Usage and Commerce, July 1998

Acceleration of E-Commerce acceptance in early 1998 resulted in upward revisionsof market forecast

$1000

$800

$600

$400

$200

$01998 1999 2000 2001 2002

1997 forecasts for 1998 were exceeded by 30%

1997

Other industries

Utilities

Motor vehicles

Petro-chemicals

Computing and electronics

2 617

39

80

149

3 817

41

105

183

1 7

34

90

171

320

0

50

100

150

200

250

300

350

1996 1997 1998 1999 2000 2001U

SD

in b

illio

ns

IDC Corporation Forrester Group (US Only) Yankee Group

Financial Institutions as Trusted Third Parties …….Trust and Risk are closely connected……..Systems of Trust are only as viable as the processes they are based upon…

• Keys/certificates issued indiscriminately erodes trust• Certificate Issuers should know the recipients• Certificate Issuers should financially endorse Identities• Issuers recognized as trustworthy enhance the utility• A sophisticated technology capability is required• Processes and systems are required to initially validate personalities prior to issuance,

validate & verify on an ongoing basis, and communicate changes in privilege

Systems of Trust are only as viable as the processes they are based upon…

• Keys/certificates issued indiscriminately erodes trust• Certificate Issuers should know the recipients• Certificate Issuers should financially endorse Identities• Issuers recognized as trustworthy enhance the utility• A sophisticated technology capability is required• Processes and systems are required to initially validate personalities prior to issuance,

validate & verify on an ongoing basis, and communicate changes in privilege

Banks Already …

are positioned as trusted intermediaries in traditional commerce {Signature Guarantors; Payments}

have extensive experience in deploying and managing robust security solutions to customers {Funds Transfer; Online Treasury Workstations}

are beginning to deploy certificates for use when customers desire to access their banks’ payments network {Broadening the acceptability of bank certificates provides seamless connectivity between the buying process and the payments environment}

have broad customer reach {Large Corporate; Middle Market, Small Business}

IDENTRUS RELATIONSHIPSIDENTRUS RELATIONSHIPS

INVESTORS

CUSTOMERS

CUSTOMERS’ CUSTOMERS

IDENTRUS LLC

SOL. PARTNERS

TEC. VENDORS

HR, PREMISES ETC.

Identrus Foundation

International trust infrastructure

Based on Public Key Infrastructure (PKI) technology.

Leverages Financial Institutions for global distribution and local presence.

End-user certificates provide for Identity of transacting parties, Message integrity, and non-repudiation.

Financial Institutions globally are engaging to participate in the Identrus network

As agents of trust, managers of risk, and enablers of commerce, financial

institutions are uniquely positioned to provide CA services to buyers and

sellers and make digital certificates an integral part of the global

electronic commerce marketplace.

Our Market Thesis

United States Federal Reserve Board Order

...

Proposed Activities

Identrus is a joint venture among Notificants and other commercial banks and foreign banking organizations. Under the proposal Identrus would act as the global rulemaking and coordinating body for a network of financial institutions that would act as CAs and therby provide services designed to verify or authenticate the identity of customers conducting financial and nonfinancial transactions over the Internet and other “open” electronic networks. To provide these services, Identrus and its network of participating financial institutions (the “Identrus System”) would utilize digital certificates and digital signatures created through the use of public key cryptography.

…

Conclusion

Based on the foregoing and all the facts of record, the Board has determined that the proposal should be, and hereby is, approved.

…

By order of the Board of Governors, effective November 10, 1999

Voting for this action: Chairman Greenspan, Vice Chairman Ferguson, and Governors Kelley, Meyer, and Gramlich, USA.

Business To Business Interactions

Identrus Root Certificate Authority

Identrus Root Repository

BANKS

COMPANI ES

AUTHORI ZED EMPLOYEES

Business To Business Interactions

Identrus Root Certificate Authority

Identrus Root Repository

BANKS

COMPANI ES

AUTHORI ZED EMPLOYEES

HIERARCHICAL PKI

Identrus

SponsorCorporation

PurchasingMgr. 2

SponsorCorporation

SalesAgent 2

Identrus to CA System Rules &

Contracts

CA to Corp Contract

• Binds sponsor corporation to system

• Define standard operating and liability rules for corporations

{{

Identrus to CA System Rules &

Contracts

AuthenticatedE-Commerce Transactions

Purchasing Manager

Sales Agent

GLOBAL LEGAL FRAMEWORK.:.INT’L CONTRACT LAW.

Firestone E-Bid Form

Company: XYZ CorpAgent: John JonesQty: 1,000Price: $100/tireTotal Value: $100,000Delivery Date: 6/15/98

Validation &Identity

Assurance$1,000/30days

Message/Offer

Real-timeCertificate/Identity

Verification

Real-timeCertificate/Identity

Verification

Identrus

RelyingParticipant

Relying Participant

Issuing Participant

Sponsor Corporation

Sponsor Corporation

Sales Agent

Purchasing Manager

REAL TIME VALIDATION & WARRANTY…...

SponsorCorporationXYZ Corp

PurchasingMgr.

Liability Metering

Bank RM ReportingMax: $10MMOutstd: $10MOpen Bal: $9.9MM

XYZ Corporate ReportingMax: $1MMOutstd: $10MOpen Bal: $.9MM

Employee Level ReportingMax: $250MOutstd: $10MOpen Bal: $240M

$

Time

$

Time

$

Time

$

Time

$

Time

$

Time

Participating Bank

SYSTEM-WIDE RISK MANAGEMENT METERING….

Service Layer Model

Layer 1

Layer 2

Layer 3

Service 1

Service 2

Customer Services

Layer 2 Rules

Layer 1 Rules Identrus provides basic, globale-trust infrastructure

Local Group provides shared value added services on top ofon top of Identrus

Local Participants delivercompeting applications to customers.

Opportunity- the end customer does not want a fistful of cards- just simplicity, transparency and reliability

Online Auction Markets Electronic Content Delivery Insurance Sales & Contracts Securities Trading Government Filings,

Procurement, etc.

EC Applications

ACH Payments Corporate Purchasing International Trade Letter of Credit Statement Delivery Others

Financial Services

Global Trust Identity Certificate

TraditionalTrust Role

Where is Trust required? How much certainty required at each stage?

FindTradingPartner

Offer/Accept

AssessCredit

Contracts/Purch. Order

LogisticsPay /Settle

FindTradingPartner

Bid/Selection

ObtainCredit

Contracts/Purch. Order

LogisticsPay /Settle

Bank

Bank

Buyer

Seller

Emerging Online Trust Roles

Where we stand: Customer Usage/Pilots

• Pilots underway:

– Cisco – Commercial Leasing

– Allianz – Insurance Contract Administration

– Siemens – Online Procurement/Computer Sales

– ComLease – Equipment Leasing

– SAP – MySAP – Single Sign-on and STP for ERP

– eBx – Bill Presentment and Payment

Many others finalizing details with their sponsor banks

– Auction Sites/Online Markets/Exchanges

– Corporate Purchasing

– E-Letters of Credit

– E-Payments

Identrus System Documentation

Identrus System Documentation

Policy documents

Legal documents

Operational documents

Technical documents

Other documents

Risk Management Approach

Risk Controls

Security/Technology• Infrastructure specifications• Security specifications• Exposure Management

Allocation• Customer Agreements• Participant Agreements• Collateral Agreements• Claims and Dispute Resolution

Procedures

Monitoring, Procedures & Practices• Controls and Practices• Minimum Operating Requirements• Collateral and Cap monitoring

System-wide Roles & ResponsibilitiesContracts & Procedures

Seller(Relying Party)

Client AppClient App Business to Business

Interactions

Identrus

PurchasingManager

(Certificate Holder)

Certificate Authority

Risk ManagementModule

OCSP Responder& Repository

TransactionCoordinator

Certificate Authority

Risk ManagementModule

OCSP Responder& Repository

TransactionCoordinator

Root Certificate Authority (CA)

Issuing Participant Relying Participant

Subscribing Customer

Relying Customer

Root CA

Transaction Coordinator

Risk Mgmt Module

OCSP Resp. & Repository

Summary

• The Identrus System allows for a Global Electronic Marketplace

• FI’s issued Digital Certificates for authenticating Businesses, Employees and Application Servers

• Identrus focused on Identity risk management services – Validation, Warranty, Authorization, etc.

• Partnership approach is key to building a robust highly interoperable business system

For additional information about the Identrus:

www.identrus.com

Or email to: info@identrus.com

12