|
PKI - Old Technology has a New Rival
By Isaac Bowman
Currently, when most people think of digital signature capturing the first technology
that comes to mind is Public Key Infrastructure or ("PKI"). However, the old guard of
PKI is a dying technology. PKI is a good solution with serious limitations that will
hinder and impede its continued growth. PKI is both expensive to implement and
expensive to maintain. PKI is also time consuming. Professionals do not want to slow
down the sales cycle to send someone to a third party certificate authority just to
make a sale.
PKI authenticates but it fails to identify who a user is. The American Bar Association
identified this critical weakness in its ABA PKI Assessment Guidelines, D.3.1.2 says
"a pseudonym or alias may be used as the name within a certificate" and not their real
name.
VeriSign, one of the largest PKI solution providers, admits in their paper "ROI for
PKI" that "PKI systems are particularly expensive to maintain."
A Better Solution
By giving power to the business and not a third party certificate authority, PrivaSign
can aid businesses trying to comply with regulatory law and standards similar to the
ABA Guidelines pertaining to electronic signatures.
The vast majority of electronic signatures are captured through a method called
"click-wrap". People use this method every time they install new software or purchase
something online using a credit card. The system will validate their identity and then
require the user to click an "OK" or "I Accept" button to install the software or
authorize a credit card transaction. The reason most people use the "click-wrap"
process is in its simplicity. There is no training required and most users get
comfortable with the process after just one use. Click-wraps have been tested in the
courts by dozens of companies, including AOL-Time Warner, Microsoft, Netscape, Sun
Microsystems and Dell just to name a few. The technology necessary to use the product
is built directly into web browsers so there is no software to install. Finally, it is
significantly less expensive to maintain, install and process than traditional PKI
technologies.
PrivaSign uses a patented, proprietary
"click-wrap" method to capture the actual signature and the industry standard form of
encryption known as Secure Socket Layer ("SSL") technology, along with MD-5, SHA1 and
SHA2 file integrity hashes to protect the PrivaSign client's data with a tamper proof
seal. SSL is commonly available in virtually every web browser and the user does not
need any special training or instruction in order to use the service.
PrivaSign's patented technology allows for fast digital signature capturing on
virtually any document and from any web browser. This flexibility will allow
businesses to keep implementation costs at a minimum and increase the likelihood that
signatories will be able to use the system.
About the Author By: Isaac Bowman
Isaac Bowman is Vice President of the Electronic and Digital Signatures International
Standards Commission and an IT business consultant. He graduated form UT of Dallas
with a major in Information Systems. Isaac Bowman has published over 50 articles on
electronic signatures and completed the largest online resource for electronic
signature laws and regulations.
ibowman@privasign.com
www.isaacbowman.com
Additional References
Article Source: http://www.simplysearch4it.com/article/23836.html
If you wish to add the above article to your website or newsletters then please include the "Article Source: http://www.simplysearch4it.com/article/23836.html" as shown above and make it hyperlinked. |
Some other articles by Isaac Bowman | |
| |
|
|
|