|
In any exchange – whether it involves money, product, or information, the e-Commerce environment must be able to guarantee the:
A) Identity of each person or business in the transaction,
B) Integrity of the data being transmitted, and
C) Confidentiality of the data.
In other words, anyone conducting a transaction over the Internet must be confident that the products they see on a Web Site actually are "as advertised". Business people, vendors, and customers must be sure that the business interested in partnering with them is a legitimate operation. It is critical that the person receiving a credit card number or e-mail message really works for a legitimate firm. A secure electronic environment also means that data will not be stolen or altered in transmission, and that one's business dealings are not on-line for the entire world to read.
KPMG, one of the world's leading consulting/accounting firms, has developed just such an environment for the G77 TIN / WCN. The GMC Authentication System enables each Chamber to establish itself as a Registration Authority (RA). The Chamber, as Registration Authority, uses a Certificate Identification Policy (CIP) document to issue Digital Certificates (DC) that validate the identity of every business that operates on the G77 TIN / WCN.
To receive a certificate, applicants bring their credentials to the Chamber. There, the Registration Authority Operator checks the credentials by referring to the CIP document, which the applicant has already filled out. The fee to register is US $105.00.
After the process is completed, the applicant is ready to conduct business on the Network, using the Digital Certificate (DC) as identification. Each business's DC is encrypted (code-protected) by the most powerful encryption key available for commercial purposes, currently 2,048 bit keys. The DC is, in effect, a "passport to trade" because it verifies the identity of each trader.
Using this method, the Chamber authorizes the user to conduct business on the Network, and helps assure the security of data and transactions. The Chamber also serves as the trusted third party that validates the integrity of the digital environment. Only valid users can access resources such as user accounts, files, and databases. The entire certification process guarantees the security of the on-line transaction.
Digital Certificates are issued by a Certificate Authority (CA) or Registration Authority (RA). Banks, industry associations, and merchant service providers are among those institutions that serve as CA's and RA's to issue DC's. The Chambers of Commerce serve as Registration Authorities for the Digital Certificates at GMC TIN/CCIs.
Authentication refers to the use of "digital signatures" that guarantee the identity of the parties to an on-line transaction. Such digital signatures will accompany any communication sent over the G77 Chamber TIN / WCN.
Authentication requires encryption. Encryption is the method used to encode and unlock an on-line communication. Encryption is used for all transactions that require security.
In effect, encryption prevents unauthorized persons from reading your messages. For example, you send an order for 400 tons of steel to a company in the Ukraine. The encrypted code requires a digital, or electronic, "key" to unlock it before the message can be read. Both sender and receiver have a program that understands the code used to encrypt the message. This program alone can read the message; without the key, the code cannot be unlocked. Thus the information protected by the code is secure.
Such methods are in wide use. They allow merchants and card users to complete transactions authorized by a trusted third party, i.e., the credit card company.
Through the GMC/KPMG Certification Authority system, the Chambers are part of a "trust hierarchy" that allows them to play the role of Registration Authority. Digital Certificates assure the integrity and security of transactions and other business dealings.
Additional brochures, diskettes, and demos that explain Digital Certificates are available from GMC TIN CCIs. (Click on Training Resources for instructions on how to order these materials).
|
