Digital Identity – Present Day Reality
In order to exist in today’s digital world, we all need our own digital, or electronic, identities. Frankly, nearly all of us could be diagnosed with a digital "multiple personality disorder", as we reply to the requests of various providers of online services to use their authentication methods, most of which either lack security or provide a poor user experience. Halcom’s brand new solution, OneID, aims to make life easier for users and providers of online content. It is designed as a universal identifier that guarantees a great user experience and top-notch security and mobility levels.
- Something only the user has (e.g. a smartphone or card),
- Something only the user knows (e.g. PIN, password),
- Something only the user is (biometric characteristics, e.g. fingerprint or retina)
- An endless barrage of new user names and passwords which are to be remembered and regularly changed, but yet still get hacked by criminals;
- Secure passcode generators must be kept at hand at all times and all content needs to be entered;
- Digital certificates on smart cards, which may ensure safe registration and safe electronic signature but will only work in certain browsers and must normally be installed by qualified technical staff.
A Digital Certificate in the Cloud – The Digital Identity of the Future
- The registration or signing process starts in the online application: users select OneID as the signature method and enter their OneID user name. The application will now send a request to Halcom CA to obtain personal authorisation (electronic signature of the content).
- Users receive a push notification on their smartphones (“something only the user has”) informing them of the online application request.
- As the user opens the notification in their mobile application, they can see the content of the request (e.g. Confirm log-in to application XXX as user YYY, Confirm payment of XYZ to account ZZZ, Sign contract), and decide whether to reject the request or confirm it using an e-signature.
- In order to confirm the request, enter the second authentication factor into the application, “something only the user knows” (e.g. PIN) or “something only the user is” (e.g. fingerprint).
- The mobile application forwards the user’s decision to Halcom CA. If the request is confirmed, Halcom CA signs it electronically using the user’s digital certificate, and notifies the application accordingly. The process is complete.