Thales today announced that the Thales' Authentication Server has been certified for use as a BankID Control Server (BICS) within the Swedish BankID network. This approval means that SafeSign can be used to provide the security infrastructure for all the digital identities issued over the BankID banking network. With SafeSign Authentication Server, participating organisations (so called "purchasers") will be able to verify digital signatures generated under the scheme, authenticate users and provide a strong audit trail for all transactions.
BankID is a joint bank IT infrastructure for electronic identification and electronic signature over the internet that is based on PKI (Public Key Infrastructure). BankID is open to take on board additional banks provided that they have a customer-identification process that guarantees the customer's identity.
As part of BankID, SafeSign Authentication Server allows members of the public to identify themselves to government authorities, companies and organisations, and even electronically sign legally binding documents. Thales' SafeSign Authentication Server allows end-users to use a range of smart card or software based certificates, issued by different authorities, to authenticate payment transactions. This allows the purchaser to use the standards already implemented in the market, such as PKI certificates from a number of suppliers, and a range of personal tokens. This makes it the perfect tool for validating certificates issued by banks participating in BankID, but also other suppliers of digital certificates approved by Statskontoret (the Swedish State Procurement Agency).
This is an important move for BankID as it recognises that increased electronic document exchange requires a function for validating identities and electronic signatures that can support future developments and international standards and PKIs. By implementing the SafeSign Authentication Server, BankID purchasers can put in place a security infrastructure that meets all present authentication requirements and is flexible enough to satisfy future developments.
Johan Eriksson, Head of Business Development of BankID, said: "We are happy to certify that SafeSign Authentication Server fulfils the requirements outlined for BankID Control Server compliant software. As increasing numbers of people use more services online, the need for reliable authentication and security becomes increasingly vital."
Paul Meadowcroft, Head of Transaction Security, e-Security activities, Thales, said: "The SafeSign Authentication Server is already proving its success at the heart of the BACS' new BACSTEL-IP system. This certification by BankID will allow us to prove its success in other markets and we will soon be making announcements of our first customers using it within the BankID scheme. We believe that SafeSign Authentication Server offers the most complete solution available and we are very happy that it has satisfied all the certification requirements for BankID Control Server certified software."