Mobile identity you really trust

Slides:

Advertisements

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Advertisements

© Copyright International Telecommunication Union (ITU). All Rights Reserved page - 1 Alexander NTOKO Project Manager, ITU Electronic Commerce.

Taxpayers registration and e-services provided by the Estonian Tax and Customs Board Karin Aleksandrov Chief Expert Service Management Department.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

WPKI available technology diagram and the business model

UbIdentity Ubiquitous Identity Management in the Cloud 20/03/2014 Dan BUTNARU Product Line Manager Trusted Identity.

August 2004 Providing Industry-wide Security and Identity Management Solutions.

Company registration portal Create Your Own Company in 12 minutes! Estonia Ingmar Vali.

6/2/2015Information Technology Standing Committee of the IMO 1 Digital Certificate Initiative Guy Springgay Holiday Inn - Oakville.

The Estonian Electronic Signature Legislation and case studies EESSI Seminar Budapest, Taavi Valdlo Estonian Informatics Centre

ID-Card and Mobile-ID Computer Security 2009 world Foundation.

Designing and Implementing Secure ID Management Systems: BELGIUM’s Experience Washington - September 27 th, 2010 Frank LEYMAN © fedict All rights.

E-Government Security and necessary Infrastructures Dimitrios Lekkas Dept. of Systems and Products Design Engineering University of the Aegean

ID card – vision in action Tarvi Martens SK, Estonia.

Estonia e(m)-ID and e-services Towards cross-border services Seth Lackman, ITL.

Positioning presentation ESTABLISHING A BUSINESS PLATFORM FOR THE DOMINICAN REPUBLIC AND THE REGION Santo Domingo Chamber of Commerce.

Civil Registry Agency of the Ministry of Justice, Georgia Georgian ID card Mikheil Kapanadze.

I DENTITY M ANAGEMENT Joe Braceland Mount Airey Group, Inc.

E-services for business: convenience that counts Anna Hrapovitskaja Estonian ICT Demo Center.

CREATION AND IMPLEMENTATION OF E-SERVICES FOR SERVICE AVAILABILITY IMPROVEMENT Indrek Mõttus Chief specialist of employment infosystems EUIF.

X-Road (X-tee) A platform-independent secure standard interface between databases and information systems to connect databases and information systems.

European Electronic Identity Practices Country Update of Austria Peter F Brown Office of the CIO, Austrian Federal Chancellery Chair, CEN eGov Focus Group.

AFRALTI1 The Impact of the Mobile Money Revolution in Africa The Impact of the Mobile Money Revolution in Africa.

Mobile Identity and Mobile Authentication (mobile e-signature) Valdis Janovs Sales Director Lattelecom Technology SIA.

1 Smart Card – EMV – Security – Internet 10 June 2002 Presentation by Mr. Alan Siu Deputy Secretary for Information Technology and Broadcasting Government.

Vilnius, October 21st, 2002 © eEurope SmartCards Securing a Telework Infrastructure: Smart.IS - Objectives and Deliverables Dr. Lutz Martiny Co-Chairman,

Estonian Informatics Centre 2nd Conf. on eServices in E. C. R.1 Estonian example of integration e- government services Ahto Kalja Tallinn Univ. of Technology,

Best Practices in Deploying a PKI Solution BIEN Nguyen Thanh Product Consultant – M.Tech Vietnam

LEVERAGING UICC WITH OPEN MOBILE API FOR SECURE APPLICATIONS AND SERVICES Ran Zhou 1 9/3/2015.

Internet Trust Defined. Delivered. Electronic Business the Way It Was Meant to Be.

Electronic Payment Systems

Citizen and business centric eGovernment services – business behind portals Arvo Ott, PhD, e-Governance Academy

Estonian Informatics Centre PICMET´051 eGovernment in Estonia: Best Practices Ahto Kalja 1, Aleksander Reitsakas 2, Niilo Saard 2 1 Inst. of Cybernetics.

Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.

Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.

Electromobility programm

IT in the Swedish public sector Britta Johansson

ICT and the REPUBLIC OF ESTONIA What do know about E-Estonia 1.

Registration Processing for the Wireless Internet Ian Gordon Director, Market Development Entrust Technologies.

How can the SMART card help in new channels?

Author: Ingelin Olsen Content Strategy- mission and vision Functionality Demo Summary.

EGovernment Services in Poland Today & in The Future Dariusz Bogucki Ph.D, IDA II, National Co-ordinator National Registers Department, Ministry of Internal.

Logo Add Your Company Slogan China Financial Certification Authority Third-party certification authority Team 13 ：吉露露、吴莹莹、潘韦韦（ CFCA ）

DIGITAL SIGNATURE. GOOD OLD DAYS VS. NOW GOOD OLD DAYS FILE WHATEVER YOU WANT – PUT ‘NA’ OR ‘-’ OR SCRATCH OUT FILE BACK DATED, FILE BLANK FORMS, FILE.

Network Security Lecture 27 Presented by: Dr. Munam Ali Shah.

Belgian EID Card 15/12/2004 Derette Willy eID program manager.

ABDUL RASHID MBAECM, MBA, MIS, CHRM, BA, DIP PRESIDENT PHONE ANTIQUA ROAD, MISSISSAUGA L5B 2T8 ONTARIO, CANADA.

Using Public Key Cryptography Key management and public key infrastructures.

European Electronic Identity Practices Country Update of Estonia Speaker: Ivar Jung Date:

The information contained in this document belongs to Milvik AB and to the recipient of the document. The information is strictly linked to the oral comments.

Cross border electronic signature services Ingmar Vali Head of Court Registers Department Centre of Registers and Information Systems

Bulding blocks of e- government Ingmar Pappel. Bulding blocks of e-government  Personal Code  Digital Identity  Digital signature  X-Road  Organizations.

Baltic WPKI Forum Overview for Baltic IT&T 2007 Andres Aarma, Certification Centre Ltd. 19 April 2007.

Content Introduction History What is Digital Signature Why Digital Signature Basic Requirements How the Technology Works Approaches.

 Attacks and threats  Security challenge & Solution  Communication Infrastructure  The CA hierarchy  Vehicular Public Key  Certificates.

The Opportunity LifeCenter offers ways for insurance professionals to create additional revenue streams that most do not consider. Insurance agents are.

MOLDOVA: OPENING NEW FRONTIERS IN E-GOVERNANCE TALLINN MAY 31, 2016 GOVERNMENT OF REPUBLIC OF MOLDOVA IURIE ȚURCANU Government Chief Information Officer,

Presentation by Mr. Fariz Jafarov Deputy director of E-services Development and Social Innovations Department State Agency for Public Service and Social.

Estonian ICT October, 2009.

Smart Data infrastructure

ESign Aashutosh.

Estonian e-Governance best practices and cooperation with UN Ingmar Vali Centre of Registers and Information Systems Estonia Who am I, where I am from:

Microsoft Services Provider License Agreement Program reference card

E-Commerce for Developing Countries (EC-DC)

HIMSS National Conference New Orleans Convention Center

560+ people dedicated to innovation across 5 R&D labs

PKI (Public Key Infrastructure)

ITB Identity Solutions.

Presentation transcript:

Mobile identity you really trust Liisa Lukin, Sertifitseerimiskeskus

This the problem our company is dealing everyday life This the problem our company is dealing everyday life. To provide a possibility to have an identity for electronic environment! Reality in internet. Dogs say that they are humans, old grumpy men say that they are young and handsome guys. For some services this is not enough, that you say that “hello! my name is Liisa”

Our mission To guarantee that there are electronic ID’s on the market that both public and private sector can trust Trust in an identity: who issues, who believes, who can fake, price of fake Identity itself is not enough (many countries where is token) but no usage or trust at all.

Company backround The only provider of certification services in Estonia Running the core infrastructure for Estonian eID Established in February 2001 Currently 35+ employees SK is privately held company with 4 shareholders having 25% each: Major clients: Republic of Estonia, Trüb, Gemalto, Estonian banks and telecom operators, ealth sector Now also more focus on export Including issuance of certificates and using the certificates.

Usage of Estonian eID Population: 1,3 mln >410,000 active ID-card users >40,000 Mobile-ID users 10 mln transactions per month Inc. ~1.5 mln Mobile-ID transactions Number of transactions per month: ~25 for each eID user ~38 for each Mobile-ID user SK is running the core infrastructure for Estonian eID SK is owner of eID infra components

Mobile-ID solution Mobile-ID provides a secure mechanism for subscribers to identify themselves to any service providers Subscribers are issued an SIM-card with a cryptographic certificate proving their identity The service provider uses the Mobile-ID to verify the identity of the subscriber

Mobile-ID in Estonia On the market since 2007 as an alternative to ID card Offical document from 2011 All operators are supported SK was driving development and implementation of requirements Unique toolset to combine WPKI and PKI possibilities SK is offering the CA and TSP services – owner of the core infrastructure All service providers (public / private) support Mobile-ID for authentication and signing Trust of issuance procedure Mobile-ID shares the two main functions of the ID-Card – it enables secure authentication and digital signatures. But it comes with an added benefit – since you can do everything on your mobile phone, you won’t need an ID-Card reader. You can be away from your computer, travelling or just walking your dog, and only need a mobile phone to sign documents, perform bank transactions etc.

Secure authentication and digital signature in every pocket DEMO Secure authentication and digital signature in every pocket

Mobile-ID is trusted by: Banks Government Public Services e-Services Web Sites Swedbank E-voting Gateway to eEstonia, eesti.ee portal IIZI Insurance Broker Student information systems SEB Bank Estonian Tax and Customs Board Document signing portal If P&C Insurance Ltd E-Learning Development Centre Danske Bank Center of Registers and Information Systems Public transport ticketing system Electricity provider portals Tallinn University Student Information System Nordea Estonian Road Administration (Vehicle Register) eKool education information system Tele2 / EMT / Elisa Apollo Book Shop e-shop LHV Pank Estonian Agricultural Registers and Information Board Nasdaq OMX Estonian Securities Market Medicum - medical assistance Estonian University of Life Sciences Krediidipank Public Procurement Register Unemployment Insurance Fund Lottery tickets Company loyalty card websites Tallinn Business Bank Health Information System GoSwift – information system for managing a common border queue Gas consumption portal e-auctions Bank: Use M-ID to authorize online banking transactions from the handset, 70% of M-ID transactions come from banking. Government Use handset with secure M-ID SIM to vote in national elections Web sites Use M-ID to securely login to any supporting website without using a password Digital signing of documents Submit any document to the M-ID web service to be signed digitally; Recipient can verify authenticity of the document at the M-ID service Source: id.ee

Comparison to “regular” bank token: Functionality PKI Mobile-ID PIN calculator OTP Works with any browser + Not vulnerable to key logger Not vulnerable to man-in-the-middle attacks - Digital signing support SSO solution No additional hardware to carry Based on PKI No

Mobile-ID setup

Mobile-ID solution role players Mobile-ID Service Provider Operates Mobile-ID Service Solution provided by SK Should be a party trusted by all service providers to provide identity verification services Provides Mobile-ID Service platform to all MNO-s in a country or region of operation Earns a fee for each identity verification transaction Certification Authority The entity that generates and signs the ID certificate for each user Could be an existing trusted CA in the country of operation CA services could be provided by SK Earns a fee for each certificate issued Mobile Network Operator (MNO) Issues the M-ID SIM with SIM Application provided by SK Earns a fee for each SIM issued, as well as a monthly M-ID subscription fee Acts as Registration Authority for CA Note: A single entity can fulfill multiple roles, e.g. MNO could also be the TSP and the CA. Revenue model: The subscriber has to purchase a Mobile-ID SIM The subscriber pays a monthly fee for the Mobile-ID service Each service provider pays a fee for each identity verification transaction CA receives money for every issued certificate

Revenue model The subscriber has to purchase a Mobile-ID SIM The subscriber pays a monthly fee for the Mobile-ID service Each service provider pays a fee for each identity verification transaction CA receives money for every issued certificate

Revenue example Assumptions 1 million subscriber base Average 0.01 € per ID verification Subscriber pays 10 € for Mobile-ID SIM card with a 5 year certificate Subscriber pays 0.7 € per month subscription for the service Description Year 1 Year 2 Year 3 M-ID active users 67K 97K 127K Annual transaction volume 10M 20M 30M TSP: Annual transaction revenue (€) 100K 200K 300K MNO: Annual SIM revenue (€) 670K MNO: Annual subscription revenue (€) 562K 814K 1,066K Total revenue (€) 1,332K 1,314K 1,666K

Summary SK has technology and competence to serve or set up full Mobile-ID Service Solution SK is able to deliver with partners the full implementation or support customers with already existing partners

Contact Thank You! www.sk.ee/en www.id.ee www.mobile.id.ee Margus Arm Head of Sales and Marketing margus@sk.ee Thank You!