lørdag den 11. oktober 2008

Digital Signature - A Danish Perspective


Friday I had the pleasure to participate in one the first public presentations on the new Danish Digital Signature that will replace the current ‘soft’ certificate, that began it’s existence in 2003 and currently has been issued 10 1.2 mio Danes. The conference was organized by Dansk IT, the Danish IT user association, and was managed and coordinated by Palle Sorensen from the IT and Tele authority, Ministry of Science and Technology.

The official presentation of the new certificate was made by the head of department in the Ministry, Marie Munk. (Marie Munk’s presentation in Danish). The main benefits of the new certificate is that it is organized dy an organization Dan_ID that is an affiliate of the Payment Services organization owned by the Danish Banks. Dan-ID took over the CA from TDC, the Telecompany that won the first round of tender back in 2003. This means that we will now have a certificate that is recognized not only by the Public authorities in Denmark, but also by the banks. And as we already today have more than 3 mio net-bank users, the coverage of the new digital signature is bound to increase.

The financial sector was represented by the CIO of Danske Bank, who took a day off from the financial crisis and made an excellent presentation on the banks’ expectations. (Danske Bank presentation )

The detailed presentation on the benefits and the roll out plan was made by Johnny Bennedsen, manager of Dan-ID (presentation not yet available) and a very experienced person in the field of managing payments cards and identities from his long career in PBS, the Payment Service organization.

Dansk IT had invited also a speaker from the Frauenhofer institution, Frauenhofer: Alexander Nouak on biometrics – Security versus convenience, to speak about biometrics and pitfalls. A very interesting presentation and a clear demonstration that you can not ‘just’ rely on neither fingerprints, iris scans nor 3D facial recognition – because all of these can be faked.

Following this first we had an interesting presentation by Christian Lang, IT- and Tele authority on the topic of establishing secure trading using the digital signature, also mentioning the EU PEPPOL project, and then a presentation by Jens Baunbæk on real estate trade and financing networks.

Finally I was asked to give a presentation on status in Europe and future trends in e-Identity - From Digital Signature to e-Identity - and it may have been a bit provoking for the organizers and the speakers that the reality does not really put Denmark in any leading position when we are talking about digital identities. In fact, as you can learn from a number of articles and current status papers on e-ID in Europe, we have taken a bit of a different course than the rest of Europe as we haven’t even begun discussing how the digital certificate can be married with a trusted digital identity card with Biometrics. In fact, a part from Denmark, only Greece and Lichtenstein does not seem to have any plans at all for ID-cards in spite of the fact that we all have to have new passports with biometrics in just a year from now if we want to go to US. See for instance European eIdentifty Conference Haag June 2008 and a recent overview by Porvoo Group: January 2008 – Status and overview of eID.

My presentation showed some of the most interesting countries like the Austrian, Estonian and Belgian smart card schemes and discussed the new German plans for ID card (German plans for e-ID revealed June 2008 ). Even UK (As long as Gordon Brown is in charge) will have a national ID card.

Other aspects of the future is of course related to business use of e-Identities, which is still lagging behind in most countries and particularly the European Interoperability Framework and the stated need for a common identity scheme to promote cross-national transactions (See Launch of the STORK project June 2008 ), particularly when dealing with public authorities in other EU countries. (See IDABC e-IDM in Europe – February 2008 ).

It is a journey, we are on the route. But it seems that Denmark is trying to stay on the bicycle path and not on the main road. This may create problems for us if we are not starting to plan for upgrading our new digital signature..

1 kommentar:

Jimmy Jarred sagde ...

I am pleased with the detail you have provided in this article about digital signature methodology. I also read the presentation that you gave using the link shared. It was excellent.
digital signature