Security & Privacy
We use the most advanced but well-proven methods in secure communication, user identity and authenticity verification, access authorization, carring of the data integrity and non repudation, respecting privacy of exchanged information. This is achieved through the use of public key infrastructure (PKI). The certification policy of the customers is the determining factor for the use of security certificates for multiple purposes. The most usual application of the certification policy in securing communication includes encryption, certification of authenticity of the transmitted piece of information by electronic signature, but it can also be used for the identification logging into the operating or information system.
There are several approaches to making the storage of private key or other personal information of the user secure. Based on our experience and best practice we recommend using intelligent tokens (e.g. smartcards), which represent a simple and effective mean for the protection of sensitive information. The use of smartcards is currently on the increase and with the gradual implementation of e-government solutions, smartcards are expected to penetrate from the field of business from national to inter-national level. Electronic passport based on the strongest PKI rules, using biometric identifiers is a bright reference.
Today's solutions use modern means to ensure access to information systems and data protection, including asymmetric key cryptography with its own Public Key Infrastructure (PKI). The entire PKI infrastructure is based on the PrimeKey EJBCA integrated certification authority which is ranked amongst the world's top Enterprise PKI solutions.
Currently, the technologies designed to facilitate secure storage of sensitive information of citizens in electronic travel documents using smartcards and smart chips are implemented in a number of countries (including Slovakia and other EU countries). The requirements on security for this information increase with the sensitivity of the stored data. The stored biometric data requires new security tools and communication protocols, such as the extended access control (EAC), which ensures that the capture of sensitive information can only be made by authorised and certified control systems.
Travel documents can be used in the public points of contact (such as banks, post offices, public institutions, etc.) as vehicles for unambiguous identification of their holder. The solutions we offer also allow for incorporation of such checks and identification features into the information and front-office systems.