Critical. Authoritative. Strategic.


CBR is proudly produced & published
by Technews
Issue Date: February 2001 (es)

Smartcards and PKI: a winning combination

February 2001

The growing number of electronic transactions between businesses promises to present a wealth of opportunities over the next three years. Until recently, the absence of ways to secure these transactions was slowing development. Today, however, PKI (public key infrastructures) and smartcards offer a reliable solution.

Reduced costs, time savings and increased productivity; enterprises are well aware of the potential benefits electronic commerce can bring to business relationships. Whether the two parties are linked by a point-to-point system or a virtual e-marketplace that brings together buyers and sellers in the same sector of activity, business-to-business (B2B) is of growing importance to the e-economy.
New e-market places are springing up fast in all sorts of industries from agriculture to automobile manufacturing, banking and more. B2B deals already account for about 85% of all total e-commerce transactions and analysts are predicting an imminent boom. By 2004, according to Forrester Research, the market will be worth about $1500 bn versus $55 bn in 1999.
But the main barrier to the adoption of Internet commerce remains the lack of security and trust.
B2B market far more exacting
Electronic commerce between businesses and consumers (B2C) relies on securing payments. But the business-to-business market is far more exacting. It requires a system for signing not only financial transactions, but also all electronic messages carrying orders, contracts, invoices and other confidential documents. Public key infrastructures (PKI) are the most promising solutions here, which is why they are so essential for securing B2B transactions.
Acting in tandem: PKI and smartcards
PKI relies on asymmetric cryptography such as RSA or DSA to encrypt and de-crypt data, and issue or validate message signatures, with a pair of keys. Every user is assigned a top secret, private key, which is used to sign messages, and another public key which lets the receiving party validate this digital signature. Among the many advantages this system offers recipients is the capacity to verify a document's origins. If, for example, a Japanese supplier responds to a request for proposal from an American buyer on the Internet, the public key can establish that the supplier is whoever they claim to be, and ensure that the offer the potential purchaser receives is the same one as was originally sent.
Trusted third parties?
To create a technical link between a user's credentials and his digital signature, the PKI infrastructure requires a trusted third party or certification authority. The role of the CA is to issue digital certificates, the electronic equivalent of an identity card, which is systematically used with every transaction.
The entire process depends on maintaining the security and confidentiality of private keys. Without this essential link, the chain would be broken every time a user refuses to recognise their signature and calls the electronic transaction into question.
Secure key storage
The problem in a PKI environment is much the same as that facing any other cryptography system - secure key storage. That is where the smartcard comes in.
At present, smartcards offer the surest solution for storing the user's pair of keys. Especially as the private key, the most sensitive part of the system, never leaves the card! Thanks to its secured microprocessor, own coding algorithms and integrated anti-piracy devices, locking the keys away in a smartcard is like keeping them in a mini-bank vault. That is why it can be relied on to generate digital signatures.
The Identrus initiative
Banks are front line players in the traditional commercial relationships between businesses. Clearly, they also have a part to play in B2B e-commerce and are determined to retain their place in tomorrow's market for financial transactions. Identrus was launched commercially in September 2000 and is looking to bring together more than 300 banks with thousands of business customers each.
Founded by seven of the world's biggest banks - ABN Amro, Bank of America, Barclays PLC, Chase Manhattan, Citigroup, Deutsche Bank and Hypo Vereinsbank - in April 1999, and now including about thirty financial institutions, Identrus offers businesses access to a secure global network for B2B transactions. Of course, these services are only available to customers of the member banks.
The GemSAFE IS card, reader and software kit enables users to encrypt and sign electronic transactions
The GemSAFE IS card, reader and software kit enables users to encrypt and sign electronic transactions
Gemplus and Identrus
Identrus offers a rapid, pragmatic means for securing B2B transactions between customers and suppliers. To do so, Identrus has defined a global technology infrastructure based on the smartcard and PKI, as well as common business practices and regulations for every participant.
"Gemplus has taken the strategic decision to get strongly involved in B2B e-commerce," says Frank Edmé, Director of the Gemplus Banking B2B Business Unit. "Identrus is one of the most exciting initiatives in this arena, and we therefore decided to invest a lot in this project by creating a dedicated business unit and assigning significant resources for research and development."
Gemplus already offers the GemSAFE IS Identity Signature for the Identrus System, a global solution for the financial institutions that belong to Identrus and their corporate customers. The solution can be fully customised thanks to Gemplus' consulting services. In addition to the card, reader and software kit that lets authorised users encrypt and sign electronic transactions, it features a Card Management System and a full service for card personalisation which assigns the pair of keys and certificate when cards are issued.
For details contact Alexandre George on tel: (011) 880 1509, fax: (011) 880 3117 or e-mail: alexandre.

Others who read this also read these articles

Search Site

Search Directory

  • Search for:


Previous Issues