1 / 26

Establishing a Digital Identity: The Role of Signatures in Secure Transactions

Martin Roe, Director of Technology at Royal Mail ViaCode, explores the concept of digital identity in modern transactions. He highlights the differences between traditional signatures and digital signatures, emphasizing the importance of security and trust in digital communications. Digital signatures, while often tied to specific transactions, offer enhanced security measures like encryption and controlled access. Roe discusses applications in various sectors including legal and insurance, showcasing how technologies like PKI and ViaCode facilitate secure document exchanges.

sugar
Télécharger la présentation

Establishing a Digital Identity: The Role of Signatures in Secure Transactions

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Establishing a Digital Identity Martin Roe - Director of Technology, Royal Mail ViaCode

  2. What’s in a name?

  3. Work Health Club Family Member Citizen Who am I?

  4. One Signature! Work Health Club Family Member Citizen Who am I?

  5. Signing a Contract • The Signature is mine • Because I signed it! • Note that the Signature is: • Perpetual (All my life) • Not affected by value of the transaction • This is clearly open to Fraud: • Risk can be reduced by using Notaries • Checks are increased if value rises

  6. Digital ID’s

  7. Digital Signatures • Digital signatures are ‘One Off’ • Associated with a single transaction • Signatures are validated against Keys • Keys need to be under tight control • Private secure/Public readily available • Issuer must maintain history/audit • Oddly, less open to fraud • Processes are tighter

  8. Digital Signatures • Both Specific or General Use • Other uses achievable • Restricted by liability • Restricted by law (currently) • PKI Technology Mature • Extending Storage Medium • PC, Smart Cards, WAP Devices • Has a full revocation method • Needs a Trusted Issuing Party

  9. Trusted Third Parties • Examples • Travel Agents • Insurance Brokers • Insurance Assessors • Auditors

  10. Signing Documents Digitally • OK; I’ve got a Digital Signature. • The world knows who I am; ViaCode have validated me! • Now, what can I use it for?

  11. Legal Defintions (CITU/PIU)

  12. ViaCode: Citizen Authentication

  13. ViaCode: Business Authentication

  14. ViaCode: Document Exchange • PKI provides: • Content Confidentiality through Encryption • Content Integrity • Authentication of both Parties

  15. ViaCode: Document Exchange • PKI does NOT provide: • Non Repudiation; inability to deny an event • Backed by a Trusted Organisation • Backed by Insurance/Liability protection • Backed by Audit/Forensic Evidence

  16. Send eMail/Document to Royal Mail in an Encrypted Session Receipt Acknowledgement ViaCode: Document Exchange

  17. Royal Mail re- transmits the Document but without ‘Keys’ ? Opening Requests ‘Keys’ ‘Keys’ are Returned ViaCode: Document Exchange

  18. The Originator is informed that the transaction is complete ViaCode: Document Exchange OR

  19. The Originator is informed that the transaction is INCOMPLETE X ViaCode: Document Exchange

  20. State of the Art

  21. ViaCode: State of the Art • Within the Post Office.. • Secure track and trace facility for selected customers • Veronica - International Services can have secure communications with their Dutch division

  22. ViaCode: State of the Art • Major Reseller partnership • 300,000 potential certificate holders • Secure communications between European network • Export documentation process reduced from 3 days to 3 hours with ViaCode

  23. ViaCode: State of the Art • New Second Generation Portal Launch • Portal web site with trust a key feature of differentiation • Planning for over 2 million subscribers • ViaCode certificates will secure all transactions and communications • launching summer 2000 • Corporate Solution involving Royal Mail, POCL & Parcelforce

  24. ViaCode: State the Art • Operating as a reseller of ViaCode in the Channel Islands • Targeting lucrative banking, legal and finance sectors • Applications such as on line contract signing money transfer requests and insurance quotes

  25. ViaCode: State the Art • Government • The e-commerce minister Patricia Hewitt MP used a ViaCode certificate in the first ever digital signing of an agreement between two European Governments(Mar 2000) • Legal Sector • 8 contracts secured in March 2000 alone

  26. Establishing a Digital Identity Martin Roe - Director of Technology, Royal Mail ViaCode

More Related