Leading the Digital Change, Part 2 – Turning eIDs into universal tools

In our previous article on eID schemes in the Nordic countries, we looked at some of the data showcasing the remarkable adoption and engagement rates for such schemes. A robust electronic identification and signature mechanism provides the foundation over which digital service delivery platforms are built.

Read more

What is Crypto-Agility?

Crypto-agility, or cryptographic agility, is the capacity for an information security system to adopt an alternative to the original encryption method or cryptographic primitive without significant change to system infrastructure. NIST guidelines state “maintaining crypto agility is imperative” to prepare for the quantum computing era. Crypto-agility may be achieved through the adoption of new frameworks for incident response and application development, as well as the acquisition of a service software layer to facilitate crypto-agility in legacy applications.

Read more

Federated Signing

This article explores how federated signing can resolve some of the challenges banks face when onboarding customers online in the eIDAS and PSD2 era.

Read more

Leading the Digital Change – eID and eSignatures in Scandinavia

The Nordic countries have led the world in digital adoption and innovation for some time now. They often top most digital competitiveness rankings like the 2017 Digital Evolution Index.

Read more

3DES is Officially Being Retired

According to draft guidance published by NIST on July 19, 2018, the Triple Data Encryption Algorithm (TDEA or 3DES) is officially being retired. The guidelines propose that, after a period of public consultation, 3DES is deprecated for all new applications and usage is disallowed after 2023.

Read more

An Introduction to the Role of HSMs for PCI DSS Compliance

The Payment Card Industry Data Security Standard (PCI DSS) helps to safeguard cardholders’ private information. The Payment Card Industry Security Standards Council (PCI SSC) enforces the standard through recommendations and requirements that aim to ensure security across all organizations involved in the processing of cardholder information.

Read more

Overview of the NIST Digital Identity Model compared to eIDAS

To combat fraud in digital identities and provide guidelines for digital authentication, the National Institute of Standards and Technology (NIST) updated its Digital Identity Guidelines in June 2017 and has provided a digital identity model that represents their updated guidelines with technologies and architectures that are currently available. This article describes the NIST model and compares NIST’s US-minded approach with the European eIDAS-Regulation and its legal framework.

Read more

eIDAS – Digitisation of the on-boarding process Part 2 - The Process

In Part 1 of this series, we looked at the objectives or motives behind having an eIDAS enabled digital on-boarding process. In Part 2, we look at the actual process that is followed currently and a few examples of the nifty tools and tricks that some banks, financial institutions and even independent app developers are using to digitize the customer on-boarding process. The process can be further simplified using tools provided by eIDAS for electronic identification and authentication.

Read more

eIDAS – Digitisation of the On-boarding Process Part 1 - Objectives

The initial client on-boarding is a critical process for banks as well as their clients. For banks, the efficiency and speed of the process can leave a lasting impression in the mind of the customer. It can dictate how amenable the relationship would be in the coming months and years. A cumbersome process can make the customer doubt the technical capabilities of the bank and its ability to service their needs efficiently in the future.

Read more