1 / 31

" Multipurpose Smart ID Card with PKI “

Smart Card Logon. Bio Digital Signature with Smart Card + e-ID + Credit Card. Credit card – POS - ATM. National Smart ID. " Multipurpose Smart ID Card with PKI “. Dr. Unho Choi UNHCR. PKI – DEVELOPING COUNTRY. Nigeria, Kenya ……. Mongolia. Iran. ICAO, e-UNLP ……. Morocco.

vida
Download Presentation

" Multipurpose Smart ID Card with PKI “

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Smart Card Logon Bio Digital Signature with Smart Card + e-ID + Credit Card Credit card – POS - ATM National Smart ID "Multipurpose Smart ID Card with PKI“ Dr. Unho Choi UNHCR

  2. PKI – DEVELOPING COUNTRY Nigeria, Kenya …… Mongolia Iran ICAO, e-UNLP …… Morocco Equator Vietnam Philippines Rwanda Jordan Costa Rica Brunei Iraq Egypt Cameroon Indonesia Kenya US, France, Sweden, Germany, Turkey, Norway …… Panama Started completed Proceeding

  3. Sample Nigeria - CHIP DESIGN

  4. Sample Nigeria = NID + Credit card • The credit card provider said it was rolling out a pilot scheme that will initially target 13m people. The project ties in with the Nigerian government’s plans to introduce identity cards and reduce Nigerians’ reliance on cash transactions. • Ajay Banga, MasterCard’s chief executive, said recently that the governments in Nigeria and Kenya were talking about moving towards becoming “cashless” societies.

  5. eIDMigration to Multiapp: eID, eGov, eService Three policies are established. eIDeGov eServices China Portugal Belgium Sweden Indo-nesia Hong Kong Finland Malaysia Examples

  6. eID - Multiapp Multi App 1 App 3 App´s 5 App´s 10 App´s eService eService eHealth eTicketing eService eDL eGate eBanking eLibrary eID eService eHealth eTicketing ATM eDL ePurse eGates Travel document Finland FINID Italy CNS Hong Kong HKSAR Malaysia MyKad Example

  7. Idea Definition Framework Specification Test/Study Phase Roll Out Phase eID Government projects needs typically 3 to 5 years to start roll outs. • Albania • Algeria • Austria 1G • Bahrain • Belgium • China • Ecuador • Estonia, 2G • Finland, 2G • Germany, 1G • Hong Kong • Indonesia, 1G • Ireland • Italy, 2G • Japan, 1G • Macao • Malaysia, 2G • Morocco • Netherlands, 2G • Oman • Portugal • Saudi Arabia • Serbia • Spain • Sweden • U.A.E, 2G • … • Argentina • Bolivia • Botswana • Hungary • Indonesia, 2G • Japan, 2G • Kenya • Poland • Romania • Rwanda • South Korea • Sri Lanka • … • Armenia • Austria 2G • Brazil • Chile • Cyprus • Egypt • France • India • Kirgizstan • Nigeria • Norway • RSA • Russia • Tanzania • Turkey • Venezuela • … • Bangladesh • Bosnia • Germany, 2G • Greece • Italy, 3G • Mexico • Taiwan • Vietnam • … Current Status National eID/eGov (Examples) Japan, 1G (JUKI)

  8. SMART card - BIO SIGNATURE ? On Card Biometric Comparison (OCC) authentication : The cardholder’s fingerprint biometric representation is captured by the reader and transferred to the card, where it is matched against the cardholder’s stored biometrics. : Concept is simple * You are you * - Continue use of “match on card” in existing and new industry specifications. - “match on card” is more generally accepted recognizable in the biometric industry. - ISO/IEC 19795-7:2010 — Biometric performance testing and reporting : Testing of on-card biometric comparison algorithms - ISO/IEC 24787-1:2010 used on-card comparison and will use on-card biometric comparison - NIST SP 800-76-2 uses  On-card comparison  Fingerprint on-card comparison  On-card biometric comparison - Revisions to the PIV Biometrics Specifications FIPS 201 Updates at Sep 2012

  9. Sample Logical acces to computer

  10. MasterCard is partnering with the UN wfp - World Food Programme- • WFP And MasterCard Launch Partnership For "Digital Food"

  11. Smart ?

  12. Sample France Money at Your Fingertips: Supermarket Tests Biometric Payments By Scanning Fingerprints Instead of Credit Cards

  13. Sample End of chip and Pin? Shoppers test payment by fingerprint

  14. Sample Kenya 2013 – fingerprint atm • Banks go for fingerprint identification to curb ATM fraud • The Kenya Bankers Association in turn launched a cost-shared Sh2.5 billion plan to migrate all banks to secure ATMs and plastic cards by September 30. • Nearly 11 million cards will be affected by the move, but some banks having already issued the new cards.

  15. BYOD SECURITY ? Cloud computing ?

  16. Sample iPhone 5 Added to US Government Services all Federal employees to utilize their PIV cards when accessing Government resources.

  17. Sample Samsung and LG on the Run to Integrate Inferior Fingerprint Technology into their Somewhat Smartphones ?

  18. Smart Payment with Smart (Card + Phone) for Smart TV • 1. Fingerprint / Iris • PKI ( OTP ) • Matching On Card Built in VPN PKI NFC RFID

  19. One Stop Smart shop Smart card + POS + ATM

  20. Smart cards with an integrated fingerprint sensor • 1. Fingerprint / Iris • PKI ( OTP ) • Matching On Card Embedded Fingerprint Sensing Device for ID Cards The finger sensing device may be embedded into standard laminated identification (ID) cards. A finger sensing device that can image the user's finger through standard laminations used in smartcard and RF-ID card fabrication may now be economically built into those cards, using standard low cost card assembly processes. By Patently Apple 2013 NFC RFID

  21. Biometric Security Pay + Report + Transfer

  22. Virtual Money ?

  23. Sample Internet Bank? - U.S. Senate hearing

  24. Hash ? Address ? • Bitcoin payment Addresses • 27-34 alphanumeric characters • Bitcoin functions using public-key cryptography, in which a pair of cryptographic keys, one public and one private, are generated.[24] In the case of Bitcoin, the public key functions as an address to which payments can be sent, and the private key acts as a safeguard; it must be presented when making a payment from an address. Because anyone with a private key can spend all of the bitcoins associated with its corresponding public key, securing and protecting is important to prevent theft, which has occurred on numerous occasions.[22] The practical day-to-day security of Bitcoin wallets remains an on-going concern.

  25. Digital bank ? The financial services industry is becoming what I call the BIT industry (banking, information and technology), where information, through technology, is transformed into knowledge. In this new world, banks should transform into “digital” banks, or rather into new forms of information services company. A new financial ecosystem is being created. In two decades, we will go from 20,000 “analogue” banks today worldwide to no more than several dozen “digital” banks.

  26. Sample APP COMMERCE - Internet commerce ? E - Wallet USIM Card Account Bank Account Bank Account Bank Account Bank Account

  27. Mutual Recognition ? • Public-key infrastructure (PKI) is a system for the creation, storage, and distribution of digital certificates for encryption, authentication and digital signature etc. (ITU standard) • e.g.: maximum supports 9 PKI keys (physically separated 9 different block for each ) • 3. e.g.: it’s compatible with the commercial Smartcard Framework (WSF) and supports applications such as Domain logon, VPN, email, secure Web access, and wireless LAN authentication.

  28. PKI – Bio digital signature solve ? • Each e-ID + Credit card like Nigeria case • Bit Coin + Internet Bank for Smart Wallet • Smart Phone App commerce • Smart card + Smart Phone + Smart TV • Smart Car + Smart Phone like Infotainment issue at CES 2014 • Smart Phone with Smart Appliance • Automatic Container Tracking for Import/Export by WCO, US TWIC etc. • Smart Card for TAXI / Rent car Safety • Smart Home Commerce like Internet Commerce etc.

  29. Next PKI for bio digital signature ? • Global Root CA for National eID? • UN Root CA ? • Smart Phone / Smart Card / Smart Car ? • ITU : PKI + Biometrics + Cloud etc. • ITU + ISO Standard body ?

  30. Q&A “ Takechain of Mountain view ” Unho Choi Ph.D., CGEIT, CRISC, ISO 27001, CISSP, PMP choi@unhcr.org

More Related