Reducing fragmentation in a scattered eID market
► Norstella, eID workshop
► Oslo, 16th September 2014
► Arne Vidar Haug
About Signicat
Cloud eID / eSignature
• 8 years experience
• Mature cloud model
– Multi-tenant, configurable, easy integration, subscription
• Redundant data centers
– Audited after ISO standard
• Offices in NO, SE, DK & FI
Large Customer Base
• Identifies over 60 million users
• Global coverage with alternative ID proofing methods for online use
• Used by more than 200 organizations
• Enterprises and consumers
Innovation and Technology
• Early mover and leader on CrossBorder eID and Real Signature
• Winner of International Identity Deployment of the Year Award, and Best Innovation Award at the Cards and Payments Europe Awards
• Work with clients and security technology partners to stay innovative and ahead of the game
Partner Reach (examples)
Trust - necessary for online business
► Any business relying on online transactions requires a satisfactory trust level for its operation, from government, health care, telcos and banks to big-box retailers.
► This only works if individuals can be accurately, rapidly and cost-effectively authenticated online without face-to-face interaction.
  ► Identity Providers and Attribute Providers are key to this remote proofing.
► The ability to identify/authenticate individuals online is the underlying, basic enabler that ensures trust.
  ► In other words, electronic ID is the key factor. It also serves as a foundation for relevant value-adding services such as e-signature.
Identity is often the starting point for many sectors
Identity has traditionally been handled separately by each sector:
Public sector
Are you eligible for a public benefit?
ID risk:
- Fraud to gain access to a benefit
- Longer processing
- Redundant processing
Health sector
Who are you? What is your medical history?
ID risk:
- Issuance fraud
- Patient privacy
- Integrity of registries
Financial sector
Who are you? How will you pay?
ID risk:
- Financial fraud
- Money laundering
- Higher transaction fees
Digital Identity
► A digital identity can be attached to both
  ► Persons (as a private person or as a role within a company)
  ► Machines (“internet of things” – some 75 million machine-to-machine connections will be added in Europe by 2015)
► Drive towards more self-service apps and portals
  ► Companies are moving more customer transactions from the offline, labor-intensive world to online self-service portals
  ► Online and mobile transactions are far less expensive to support. Indeed, for banks, they run just 5% of the cost of branch transactions.
There are several credential and identity assurance levels
Assurance Levels
• Level 4: Very high confidence required
• Level 3: High confidence required
• Level 2: Some confidence required
• Level 1: Little confidence required
Binding a credential to a unique individual
Establishing the real identity of an individual
Strong e-ID:
The potential for 2017-2020: 450 million Europeans will have an eID, 350 million in South East Asia, 150 million in Brazil, ...
There are many e-identities (both weak & strong, mobile & web based)
For use within B2B and B2C scenarios
Legitimation and binding signature
e-ID ‘the new way’:
eID in the Nordics (NO, SE, DK, FI)
► More than 18 million citizens have an eID in the Nordics
► eID issued by banks / bank cooperation, telcos and government
► Different technology choices, certificate types and collaborative models
  ► Technology changes over time (now: Java -> Java servlets)
► Merchants in the private and public sectors
► eID can be used for legitimation, logon and binding e-signature
[Figure: Nordic eID schemes in Sweden, Finland, Norway and Denmark]
Characteristics of eID schemes
► Strict issuing procedures
  ► Bank offices, police stations, public offices, etc.
  ► Identification with passports, public ID, etc.
► Users are familiar with the eID environment
  ► Frequently used in banks, public services
  ► Users remember their credentials
► High security level
  ► Often PKI-based with electronic signatures available
  ► 2 factors or more: something you have, something you know, something you are
Customers/Users expect fast and convenient access anywhere, anytime and on any device!
Full traceability in financial transactions and products
Questions for the Service Provider before implementing eID
► What opportunities are there in eID for the business?
► How to implement eID in current solutions?
► How to implement solutions and procedures for customer service related to the eID?
► How to integrate electronically signed documents into existing workflow?
► How to ensure that usability and ergonomics are right for the service?
Reduce Complexity by using a Digital Identity Service Provider (DISP)
[Diagram: End User; Relying Party (Website/App); Identity & Signature as a Service; eID infrastructure. Labels: Redirect (https), SAML (XML), Web Service, Authenticators (eID), OCSP / Proprietary, ID Verification, E-signature]
DISPs add simplicity in e-identity, just as PSPs did for payments
The Old Fashioned Way vs. The New Style
- Electronic Signature delivered in a standardised way
Old style: >1 Week
New style: >1 Day / No-paper
eID used to sign, together with credentials from cert. Text from agreement will appear. Time stamp. Signed data object etc.
Norwegian State Educational Loan Fund
Digital identity as a competitive advantage
► Introduce ID solutions that offer customers a flexible and secure platform for authentication and digital signatures
  ► Let users choose the eID they are familiar with, not yet another service-specific username and password.
  ► Introduce risk-based authentication
  ► Use an ID-Hub as a one-stop shop to remove complexity and deliver trust by providing easy access to all relevant eIDs, in a way that scales well with the business.
► Customer benefits
  ► Low-friction, intelligent authentication enables convenient access to the services, anytime and anywhere.
  ► Secure and adaptive protection means a higher completion rate
► Same ID and user experience across all applications, channels and
Value for business
Green values
• Replacing paper and ink with E-signature
• Supporting sustainable IT with Software as a Service
Business process productivity
• Increasing self-service and time to completion (e-signature)
• Integrating to existing eServices easily
Risk management
• Enabling strong user authentication (e.g. Bank codes, mobile eID)
• Authenticating temporary (ad-hoc) users
• Empowering e-signature for contracts, binding offers etc.
Cost-effectiveness
• Reusing existing electronic identities (eIDs)
• Outsourcing authentication and e-signature services
• Cutting down logistical costs
Business boost
• More transactions completed, and increased adoption and usage
• Reduced fraud (strong authentication/non-repudiation)