Reducing fragmentation in a scattered eid marked



Similar documents
Signicat white paper. Signicat Solutions. This document introduces the Signicat solutions for digital identities and electronic signatures

Electronic Citizen Identities and Strong Authentication

View from a European Trust Service Provider Server Signing: Return of experience and certification strategy

TABLE OF CONTENTS. Introduction 3 OTP SMS Two-Factor Authentication 5 Technical Overview 9 Features 10 Benefits 11 About MobiWeb 12 Quality 13

Research Priorities Jean-Pierre Tual, Industrial Relations Director, Strategy and Innovation

How To Create A Global Signer For The Internet Of Everything

Ubisecure. White Paper Series. e-service Maturity Model

Position Paper Ecommerce Europe. E-Payments 2012

MyBank and banking on Banks. Why the Current account is the killer app for digital commerce and identity

THE LEADING EDGE OF BORDER SECURITY

Authentication methods for mobile services INF 5261

Guide to building a secure and trusted BYOID environment

How much do you pay for your PKI solution?

Global eid Developments. Detlef Eckert Chief Security Advisor Microsoft Europe, Middle East, and Africa

Mobile Banking FEATURES & BENEFITS OF MOBILE BANKING

Biometric Electronic Signaturein a Bank Biometryczny podpis elektroniczny w kontekście banku

esign FAQ 1. What is the online esign Electronic Signature Service? 2. Where the esign Online Electronic Signature Service can be used?

How To Create Trust Online

LEGAL FRAMEWORK FOR E-SIGNATURE IN LITHUANIA AND ENVISAGED CHANGES OF THE NEW EU REGULATION

Identity & Privacy Protection

Longmai Mobile PKI Solution

Encryption as a Cloud Service provides the lowest TCO

nexus Hybrid Access Gateway

ACI TOKEN MANAGER FOR MOBILE: TOKEN SERVICE PROVISION, HCE AND EMBEDDED SECURE ELEMENT IN THE CLOUD

Secure and simple authentication via mobile phone

Position Paper Online Payments in Europe

eidas as blueprint for future eid projects cryptovision mindshare 2015 HJP Consulting Holger Funke

We make cards and payments work for people as a part of everyday life. We bring information to life

NCSU SSO. Case Study

Information Technology Branch Access Control Technical Standard

Apple Managed with Microsoft. Anders Meinert, Sebastian Bredsdorff,

BI at Nets. Frances D Silva. CIO forum, Dec. 2012

Mobile Wallet Platform. Next generation mobile wallet solution

WHITE PAPER Usher Mobile Identity Platform

E-Signing Functional description

Mod 2: User Management

TrustedX - PKI Authentication. Whitepaper

Securing Identities & Trust

COMMISSION OF THE EUROPEAN COMMUNITIES

Rolling out eidas Regulation (EU) 910/2014. Boosting trust & security in the Digital Single Market

The Top 5 Federated Single Sign-On Scenarios

300% increase 280 MILLION 65% re-use passwords $22 per helpdesk call Passwords can no longer protect you

Made for MSPs by an MSP

Combatting Counterfeit Identities: The Power of Pairing Physical & Digital IDs

bbc Overview Adobe Flash Media Rights Management Server September 2008 Version 1.5

Explanation of MasterCard SecureCode & Verified by Visa

Entrust Secure Web Portal Solution. Livio Merlo Security Consultant September 25th, 2003

Position Paper e-payments

Knowledge-Based Authentication Challenge Response System

Your privacy and the safety of your accounts and information is our top priority, which is why we ve added extra security to our mobile services.

White paper December Addressing single sign-on inside, outside, and between organizations

Exploring ADSS Server Signing Services

SINGTEL BUSINESS - PRODUCT FACTSHEET MANAGED CLOUD SERVICE (SINGTEL IAAS)

Lexmark Enterprise Software. Transforming customer engagement

IBM esignature overview

Alternative authentication what does it really provide?

People-Focused Access Management. Software Consulting Support Services

Strong Authentication for Secure VPN Access

February Are You Ready for E-invoicing?

PrinterOn Print Management Overview

Agilent MicroLab Software with Spectroscopy Configuration Manager and Spectroscopy Database Administrator (SCM/SDA)

one admin. one tool. Providing instant access to hundreds of industry leading verification tools.

Simplify Your Banking with eservices May 5 th, 2015

Two-Factor Authentication

Planning and Budgeting Cloud Service

Getting Started with StoreGrid Cloud

DS : Trust eservices. The policy context: eidas Regulation

WHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS

E-Signature Adoption Trends

Quick Start Guide: Utilizing Nessus to Secure Microsoft Azure

DIGITAL IDENTITY ACROSS

NCR APTRA PASSPORT Part of NCR s enterprise hub for remote deposit capture

Web Applications Access Control Single Sign On

Microsoft Azure Multi-Factor authentication. (Concept Overview Part 1)

Role Based Identity and Access Management Basic Infrastructure for New Citizen Services and Lean Internal Administration

How To Control A Record System

Derived credentials. NIST SP ( 5.3.5) provides for long term derived credentials

Two-Factor Authentication over Mobile: Simplifying Security and Authentication

SAP Cloud Identity Service

Ericsson Mobile digital identity

IDENTITY-AS-A-SERVICE IN A MOBILE WORLD. Cloud Management of Multi-Modal Biometrics

FTP-Stream Data Sheet

ROADMAP. A Pan-European framework for electronic identification, authentication and signature

Transcription:

Reducing fragmentation in a scattered eid marked Norstella, eid workshop Oslo, 16 th September 2014 Arne Vidar Haug VP Business Development / Co-Founder, Signicat

About Signicat Cloud eid / esignature 8 years experience Mature cloud model Multi-tenant, configurable, easy integration, subscription Redundant data centers Audited after ISO standard Offices in NO, SE, DK & FI Innovation and Technology Early mover and leader on Cross Border eid and Real Signature Winner of International Identity Deployment of the Year Award, and Best Innovation Award at the Cards and Payments Europe Awards Work with clients and security technology partners to stay innovative and ahead of the game Large Customer Base Identifies over 60 million users Global coverage with alternative ID proofing methods for online use Used by more than 200 organizations Enterprises and consumers Partner Reach (examples) eid schemes

Trust - necessary for online business Any business relying on online transactions requires a satisfactory trust-level for their operation. From government, health care, telco's, banks and big-box retailers. This only works if individuals can be accurately, rapidly and cost effectively authenticated online without face-to-face interaction. Identity Providers and Attribute Providers are key to this remote proofing. The ability to identify/authenticate individuals online is the underlying, basic enabler that ensures trust.. In other words, electronic ID is the key factor. It also serves as a foundation for relevant value adding services such as e-signature.

Identitiet er ofte startpunktet for mange sektorer Identitet er tradisjonelt håndtert separat av hver sektor: Offentlig sektor Er du kvalifisert for et offentlig gode? ID Risiko: - Svindel for tilgang til et gode - Lenger prosessering - Redundant prosessering Helse sektoren Hvem er du? Hva er din medisinske historie? ID Risiko: - Utstedelses svindel - Pasient privacy - Integritet på registre Finansiell sektor Hvem er du? Hvordan vil du betale? ID Risiko: - Finansiell svindel - Hvitvask - Høyere transaksjonsavgift Innvirkningen føles av hver og en men det var før gjenbrukbare eid

Digital Identity Digital Identity can be fetched to both Persons (as a private person or as a role within a company) Machines ( internet of things some 75 million machine-to-machine connections will be added in Europe by 2015) Drive towards more self-service apps and portals companies are moving more customer transactions from the offline labor-intense world to online self-service portals Online and mobile transactions are far less expensive to support. Indeed, for banks, they run just 5% of the cost of branch transactions. Source: BCG

There is several credential and identity assurance levels User X Binding a credential to a unique individual Assurance Levels LEVEL 4 Very high confidence required Level 3 High confidence required Level 2 Some confidence required Level 1 Little confidence required An individual Establishing the real identity of an individual Assurance Levels LEVEL 4 Very high confidence required Level 3 High confidence required Level 2 Some confidence required Level 1 Little confidence required

There are many e-identities (both weak & strong, mobile & web based) Strong e-id: The potential for 2017-2020: 450 million Europeans will have an eid, 350 million in South East Asia, 150 million in Brazil,..

e-id the new way : Verified KYC credentials from trusted sources (e.g. Government or Bank): For use within B2B and B2C scenarios Legitimation and binding signature

eid in the Nordics (NO, SE, DK, FI) More than 18 million citizens has an eid in the Nordics eid issued by banks / bank cooperation, telco s and government Different technology choices, certificate types and collaborative models Technology changes over time (now: Java -> Java servlets) Merchants in the private and public sectors eid can be used for legitimation, logon and and binding e-signature Sweden Finland Norway Denmark Nordic eid

Characteristics with eid schemes Strict issuing procedures Bank s office, police stations, public offices, etc. Identification with passports, public id, etc. Users are familiar with the eid environment Frequently used in banks, public services User remember their credentials High security level Often PKI-based with electronic signatures available 2-factors or more Something you have Something you know Something you are

Customers/Users expect fast and convenient access anywhere, anytime and on any device! Full traceability in financial transactions and products 1 2 500 2 7 4 13 5 0 They also expect flexibility, simplicity, adapted content & services

Questions for the Service Provider before implementing eid What opportunities are there in eid for the business? How to implement eid in current solutions? How to implement solutions and procedures for customer service related to the eid? How to integrate electronically signed documents into existing workflow? How to ensure that usability and ergonomics are right for the service? How to ensure overall security and trust over time?

Reduce Complexity by using a Digital Identity Service Provider (DISP) Relaying Party (Website/App) End User Authenticators (eid) eid infrastructure: /OCSP/ Proprietary ID Verification E-signature Redirect (https) Identity & Signature as a Service SAML(xml) Web Service DISPs add simplicity in e-identity, such as PSPs did for payments

The Old Fashioned Way vs. The New Style - Electronic Signature delivered in a standardised way Norwegian State Educational Loan Fund - Loan agreement with BankID + PAdES signature Old style >1 Week eid used to sign, together with credentials from cert New style >1 Day / No-paper Text from agreement will appear. Time stamp. Signed data object etc

Digital identity as a competitive advantage Introduce ID solutions that offers customers a flexible and secure platform for authentication and digital signatures Let users choose the eid he is familiar with and not yet another service specific username and password. Introduce risk based authentication Use an ID-Hub as one-stop-shop to remove complexity and deliver trust by providing easy access to all relevant eids that scales well with the business. Customer benefits Low friction, intelligent authentication enables convenient access to the services, anytime and anywhere. Secure and adaptive protection means higher completion rate Same ID and user experience across all applications, channels and borders.

Value for business Business boost More transaction completed, and increased adoption and usage Reduced fraud (strong authentication/non-repudiation) Enabler for new services or ways of working Cost-effectiveness Reusing existing electronic identities (eid s) Outsourcing authentication and e-signature services Cutting down logistical costs Risk managment Enabling strong user authentication (e.g. Bank codes, mobile eid) Authenticating temporary (ad-hoc) users Empowering e-signature for contracts, binding offers etc. Business process productivity Increasing self-service and time to completion (e-signature) Integrating to existing eservices easily Green values Replacing paper and ink with E-signature Supporting sustainable IT with Software as a Service 17

Thank you www.signicat.com arne.vidar.haug@signicat.com +4793060304 18

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information