|
Published at Red Seguridad - September 2008
Adrián Moure Lledó (Executive VP for Sales, Marketing and Devolopment at Safelayer)
Thanks to the Internet, any business activity that does not require the physical presence of the producer and user can be relocated. Moreover, there are increasingly vast possibilities of acquiring all kinds of goods, and booking holidays, flights and a host of services online. The advantages are obvious and, rather than talking about them, we are going to focus on security. We must realise that for this virtual commercial world to work properly, users must have the same level of trust as when they were signing their name on paper. At present, the only way to ensure such a level of trust is by using electronic signature (PKI) technology.
PKI infrastructures perfectly identify the individuals that make up virtual society. Like any physical process that requires legal quality, virtual transactions require identification and verification before performing an action to ensure it is successfully completed. In both cases, the signature serves as proof that the identified individual has executed and accepted the action, which is vital for the successful transfer from a physical environment to a virtual one.
The former Ministry of Industry, Commerce and Tourism issued Law 56/2007 on Measures to Promote the Information Society, known as LISI, on December 28, 2007. The law established the obligation, as of December 29 of this year, for companies that provide the general public with services of special interest to economic activity and those devoted to supplying electricity, water and gas, telecommunications, financial institutions, insurance companies, supermarkets, transport, travel agencies, etc., to facilitate a telematic means of communication to their users holding recognised electronic signature certificates, obviously including the Spanish electronic national identity document (e-DNI). The new telematic communication channel should facilitate procedures such as electronic contracting, modification of contractual terms, registrations, terminations, complaints, billing records, replacement of general information and data, and exercising rights of access, rectification, opposition and cancellation in the area of data protection.
We must now enable applications related to these areas so that they support the diversity of possibilities offered by electronic signature, digital identity and data protection in their trust platforms. We are talking about an active platform whose resources are accessed through standard, and now universal, web protocols.
Undoubtedly, 2007 was a good year in terms of the enactment of new laws such as LISI and Ley 11/2007, which will enter into force next year and regulates the relationship between citizens and the Public Administration. Both will considerably change our virtual relations, making them more efficient.The Digital Signature Act has been the legal framework in Spain since December 2003, incorporating relations between electronic signature technology and commitment to the law. The launch two years ago of the e-DNI broke an important cultural barrier in the use of electronic signature certificates by incorporating an element of physical identification, which Spaniards are already accustomed to with the DNI.The potential of the e-DNI lies in this expansion of the traditional functionality offered by the DNI for physically accrediting a person in the electronic world, incorporating a cryptographic chip and using public key systems that enable services hitherto restricted to a purely physical environment to be offered in electronic environments using digital certificates. |
