Sunday, February 8, 2009

The application of 3rd party certification programme in Malaysia


Let’s get protected!!! (3rd party certification programs)

Have you ever thought that is it secured to make an online transaction? Is the website that I visit can be trusted? How do I know my privacy is not being intruded by others? Here are a bunch of questions that we all would like to ask first before start to do an online transaction. All of these questions causes some of people deliberately limit the online transaction because they don’t fully trust the e-commerce process. These people simply fear for the security of personal and financial information transmitted over the Web. In order to reduce this problem, the application of third party certification programme is using in Malaysia.


What is third party certification program?
First of all, third party certification program is a procedure by which an authoritative body gives formal recognition that a body or person is competent to carry out specific tasks.

Why does the 3rd party digital certificate so important and is needed? Well, it assures you with:
  • Confidential which guarantees you the protection against third party invasion of the messages passed between 2 parties;
  • Authentication of the other party’s digital signature is verified by the person himself – to avoid being spam
  • Integrity of the information passed between the 2 parties is not intruded by third party;
  • Non-Repudiation where ensure the party did not deny the action of sending or receiving any transaction/information being made.
  • Safety online transaction – eg: secure online shopping cart

MSC Trustgate


Certification authority (CA) is an entity which issues digital certificate for use by other party. It is an example of a trusted third party. One of the certificate authorities is MSC Trustgate.com Sdn Bhd. MSC Trustgate.com Sdn Bhd is the most famous application of 3rd party certification program in Malaysia. It was incorporated in 1999 as a licensed Certification Authority (CA) operates within the Multimedia Super Corridor under the Digital Signature Act 1997 (DSA).


The objective of MSC Trust gate is to secure the open network communications from both locally and across the ASEAN region. While the vision is to enable organizations to conduct their business securely over the internet, as much as what they have been enjoying in the physical world.


For your information, Trust gate have provide digital certification services such as digital certificates, cryptographic products and software development. It offers complete security solutions for individuals, organizations, government, and e-commerce service providers by digital certificates, digital signatures, encryption and decryption. In present, MSC Trust gate has 12 million in paid up capital.


Among the projects they have implemented are:

  • E-banking Security Deployment and E-procurement Integration
  • User Authentication and Customer Clearance Approval System
  • Public Key Infrastructure (PKI) to assist all type of companies and institution conducting their business over the internet. The state of the art back-end infrastructure that costs RM14 million is probably one of the best in the region.




Here are some products and services that are offered by Trustgate: SSL Certificate, Managed PKI, Personal ID, MyTRUST, MyKAD ID, SSL VPN, Managed Security Services, VeriSign Certified Training and Application Development. Please refer to http://www.msctrustgate.com/ for more details about the products and services that are offered.


VeriSign’s certificate authority technology was created in 1994. The company has created the most widely recognized digital certificate or digital ID for authentication of parties in ecommerce and other electronic interaction. It also creates software to authenticate users and then provides validation and registration capabilities (also known as Public Key Infrastructures, or PKIs) to provide a dynamic library of digital identities.

Functions of VeriSign SSL certificate:

(1) Global Server ID
Global Server ID adopts today's strongest encryption commercially available for secure communications via Server Gated Cryptography (SGC) technology. GSID authenticates your web sites and enables 128- or 256-bit encryption to secure communications and transactions between the site and its visitors. Every purchase of GSID comes with a VeriSign Secured Seal that you can display on your web site. The seal is an instant proof that your web site is genuine because you have been verified by the World Leader of SSL Provider, and your customers can conduct business with you free of worry.


(2) Secure Server ID
Secure Site SSL Certificates protect the transfer of sensitive data on Web sites, intranets, and extranets using a minimum of 40-bit and up to 256-bit encryption. It includes VeriSign Secured Seal.


In conclusion, implementation of third party certification programmes could help to improve customers trust as end users know exactly who they are dealing with and feel comfortable that the information they send is not falling into unknown hands. They know that their server is receiving accurate transmissions that have not been tampered with or viewed en route.


Related Links:
http://www.msctrustgate.com/
http://en.wikipedia.org/wiki/Digital_certificate
http://www.verisign.com/

Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)