The enacted European Electronic Signatures
and National Signature Directives
grants electronic signatures and contracts the same legal weight as handwritten signatures on printed documents and will have a significant impact on the way business-to-business and business-to-consumer transactions are performed. While these law will almost certainly accelerate the use of digital signatures for all sorts of e-commerce transactions, these law does not specify a single de facto standard authentication technology used to generate digital signatures. The more authentication
pieces drawn from each type, the more assurance there is of a person’s or system’s identity.
Identification form and assurance categories are the following types:
Something you know - a password; a PINtoken;
Something you have- a token; a creditcard;
are – a fingerprint or keystroke behaviour.
A Public Key Infrastructure
(PKI) needed for a legal digital signature supports the enrollment, distribution, management, backup, and revocation of public and private key pairs, usually contained in a digital certificate. The system is based on pairs of keys - the assertion that data encrypted with a single key can be decrypted only by its paired key and vice versa. The PKI operates within one or many certificate authorities (CA), entities responsible for authorizing and issuing a certificate.
We therefore partner with Certificate Authorities so that they can deliver their certificates, key pairs on our Universal Serial Bus (USB) cryptographic token in order for their customers to generate digital signatures in an easy manner. USB cryptographic tokens offer an easy and secure way to generate, store and deploy digital identities for a host of e-commerce applications and transactions as well as other security functions.
Our USB PKI tokens
also have the unique ability to plug the security gap found in many digital signature schemes. The USB PKI token is the same as a smart card except it contains an embedded reader, serialized to the computer through a USB data port. A typical use of the USB PKI Token is to generate and store the private key and certificate. This private key cannot be exported out of the card. In this way it can guarantee that the holder of the private key is also holding the token. Private keys that are stored in software on a computer may be vulnerable to compromise as they can be easily copied to other devices.
Should you have any questions about opportunities for Certificate
Authorities, please do not hesitate to contact