FeatureThe virtual smart card
Section snippets
A virtual smart card
The concept behind the ‘virtual smart card’ is based on the widely known Public Key Infrastructure (PKI) scheme, where a user disposes of a unique public key pair certified by a trusted body, the Certification Authority, which delivers a digital certificate. While one of the two keys can be made publicly available, the second one must be kept on a secure media as it will enable its respective owner to prove his identity and use it for authentication and/or signature purposes. It is therefore
How does that work?
Let's consider a real customer case scenario. If Claire, an eBanking user, wants to sign an order online, the first step would be for her to subscribe to the ‘virtual smart card’ service by providing her credentials and proving her identity at the local registration authority, which can be the local branch of a participating bank, for example. A public key pair and a certificate are then generated on a central server kept in a highly secure environment.
She would then activate the account with
Does it have a legal value?
As explained above, the concept behind the virtual smart card is derived from the PKI based smart card scheme, but it comes without the complexity associated with the deployment of large-scale PKI systems. For all EU countries, national regulations refer to the transposition of the European Directive 1999/93/EC for secure signature creation devices. Compliance to the latter is achievable through the use of ‘virtual smart cards’ as it is possible to prove that keys are exclusively controlled by
References (0)
Cited by (4)
Digital identity: Transforming GCC economies
2014, Innovation: Management, Policy and PracticeA new cloud architecture of virtual trusted platform modules
2012, IEICE Transactions on Information and SystemsA snapshot of trusted personal devices applicable to transaction processing
2010, Personal and Ubiquitous ComputingA roadmap for personal identity management
2010, 5th International Conference on Systems, ICONS 2010
This feature was provided by Guillaume Forget, Key Account Manager at Cryptomathic and Alexandre Stervinou, Senior Solutions Architect, Cryptomathic.