London, 24 November 2004: Thales today announced that the Swedish National Payment Clearing House (BGC) has chosen to implement Thales' SafeSign Authentication Server to provide digital signature verification of payments in a new, Internet based application. The new system allows digital identities issued by, amongst others, BankID and Posten, the state-owned post office, to be used to digitally sign payment instructions. Previously run over a closed dial up network, the move to the internet will provide BGC with all the advantages of an IP infrastructure. SafeSign is a critical part of this as it allows BGC to determine and authenticate the digital identities supplied by issuers approved by the Swedish State Procurement Agency (Statskontoret) that issued the payment instruction.

The SafeSign Authentication Server is at the heart of the BGC system verifying digital signatures, authenticating users and providing a strong audit trail for all transactions. BGC has also made use of SafeSign's high level of adaptability allowing it to be accessed through the existing mainframe systems. In addition, BGC chose SafeSign because of its scalability allowing it to meet increased demand in the future.

With the new IP-based system and SafeSign in place, BGC will be able to validate transactions coming from customers. This is regardless of whether the customer has a hardware or software based digital identity issued either by BankID or Telia on behalf of Posten. Together with BGC's own internal transactions, this means that the new IP-based system has to deal with messages coming from three different channels. Another key strength of SafeSign is its ability to authenticate transactions from a number of different channels using different PKI schemes.

The move to IP is an important step for BGC and it has recognised that increased electronic document exchange requires a function for validating identities and electronic signatures that can support future developments and international standards and PKIs. By implementing the SafeSign Authentication Server, BGC has put in place a security infrastructure that meets all present authentication requirements and is adaptable enough to satisfy future developments.
Mr Mathias Engan, Product Manager, of BGC, said: "We had very specific needs at BGC for validating transactions and required a robust, highly scalable and secure system to meet these requirements. SafeSign meets these requirements in a very flexible and adaptable way. In SafeSign we are confident that we have a system that not only meets our needs today, but will be able to adapt to future changes."

Paul Meadowcroft, head of transaction security, e-security activities, Thales, said: "This is the first deployment of SafeSign authentication server as a BankID Control Server and it is a testament to the strength of the product that BGC has chosen it for their own authentication needs. As a secure, highly flexible multi-channel authentication platform, we are confident that SafeSign is unsurpassed within the industry. Our successes in Sweden, follow our initial deployment at BACS in the UK and demonstrates the dominance of this product."

Become a bobsguide member to access the following

1. Unrestricted access to bobsguide
2. Send a proposal request
3. Insights delivered daily to your inbox
4. Career development