Zetes : Be eID applications & readers

Belgian eID :

applications & card readers

Microsoft Event June 2 2004

Bart SymonsBart.symons@zetes.com

Zetes : Be eID applications & readers

Course Outline

• Zetes & Belgian eID project

• New Belgian eID card : three key functions

• Quick Applications overview

• eID Tools to use

• eID Card Readers : quid ?

• eID applications demo :– Web authentication using MS Internet Explorer– Signing Word documents based on eID

certificate

Zetes : Be eID applications & readers

Where to situate Zetes

• Belgian group, created in 1984

• Revenue ~100 M € in 2003 with 450+ people

• Two business axes :

– Automatic Identification, Authentication & Data Capture (tracking & tracing of goods)

– Identification of people (authentication, digital signature, encryption) -> P.A.S.S. Division

• Responsible for full Belgian eID implementation

• Bart Symons : architect for the eID and other INTL people identification projects.

Zetes : Be eID applications & readers

Smart Card services: ZETES CARDS

• ZETES Cards & Services:value-adding producer of intelligent & memory cards

• Complete value chain– Manufacturing– Personalisation– Logistics services

• Highly secured production site in Be

• Web-based tracking system

Zetes : Be eID applications & readers

Smart card services: ZETES PASS

• ZETES PASS =Personal Authentication& Security Services

• Solution Provider for authentication of people accessing e-services

• Integrator of customised projects including– Authentication– Non-repudiation (digital signature)– Data integrity– Confidentiality

Zetes : Be eID applications & readers

Three types of uses :data capture, authentication & signature

IDIDaddressaddress

e-Business e-Identity files : data capture

Free memory for e-Applications applications e.g.

- Biometric access- e-driver license- Alternative for SIS card- Target groups: Doctors, Lawyers, Companies- Other ….

Reference :eID white paperdeveloped by

authentication

digital signature

Certificates

RRN SIGNRRN SIGN RRN SIGNRRN SIGN

and

Zetes : Be eID applications & readers

Practical use in companies : data capture

• Cost reduction by using the right employee data in different processes (ref KPMG PPT) :

– HR division capturing employee data when employees change address or performing personnel evaluations

– HR division capturing new hires data– Employees filling out non-anonymous forms to

evaluate trainings– Reception desk : receiving visitors and applying

security policy– Etc.

• Physical building access based on eID files with central authorisation dbase : less used (most companies prefer contactless cards)

Zetes : Be eID applications & readers

Practical use in companies : authentication

• Remote website log-on based on eID(homeworkers and traveling employees) : different access possible based on employee status (centrally managed)

• Accessing the company intranet based on eID – principle of performing the authorisation through central database (employee “role”)

• B-t-B : authentication as first step in e-invoicing and e-purchase

Zetes : Be eID applications & readers

Practical use in companies : digital signature

• Signing e-mails : proving mail integrity and non-repudiation (ref KPMG example)

• Signing Word documents, PDF-documents in e-trading

• Signed e-documents can be e-archived : cost reduction (less paper, transport, etc.)

• Using digital signature is fast and accurate : internal company requests or interaction with partners

• ! UNIQUE : eID digital signature has same value as handwritten signature !

Zetes : Be eID applications & readers

Practical use in companies : eID tools built by Zetes

RRN : tools available

FedICT : launched May

Zetes : Be eID applications & readers

eID Toolkit Graphical Interface

Zetes : Be eID applications & readers

eID multi-platform middleware

• Microsoft Windows environments– Win98 and up

• OS neutral standards– Linux, MacOSX, Sun Solaris

• Java OpenCard Framework– Generic Java interface for card readers and

applications on card

Zetes : Be eID applications & readers

eID Card Readers

• Requirements :– minimum open standards to comply with

(ISO 7816)– PIN pad not mandatory but recommended– Labeling by FedICT very soon

• Different reader options available :– Mobile or fixed– With or without pinpad– eID only– eID & SIS– eID & payment– eID, SIS & payment

Zetes : Be eID applications & readers

eID Card Readers : fixed solutions

• Connected without pinpad

Most frequent use : for data capture (eg ISABEL roll-out to their 80.000 customers)

• Connected with pinpad for signature/authentication operations

Zetes : Be eID applications & readers

eID Card Readers : mobile solutions

• Solutions with pinpad :

Most frequent use : health market

• PCMCIA version :

• “Value Checkers” : low demand

ZETES PASS-Mate™

Zetes : Be eID applications & readers

eID Card Readers : payment

• Banksys :– CZAM Smash being adapted– CZAM BBD (bank counters) also– CZAMi not compatible (low memory)– Low end (CZAM PC) not eID compatible

• Thales terminals :

Zetes : Be eID applications & readers

eID applications Demo

– Web authentication using MS Internet Explorer

– Signing Word documents based on eID certificate

Zetes : Be eID applications & readers

THANK YOU !

Recommended literature :• Zetes eID White paper – developed by Zetes in combination with CertiPost (october

2003)• ‘10 million new Belgian electronic ID cards : a success !’ – developed by Zetes as

academic paper submission for the official Dublin e-government conference (june 2004)

• E-government: the approach of the Belgian federal administration, Brussels, FEDICT & CrossRoadsBank of Social Security, 2003 (F. Robben – J. Deprest) - http://www.law.kuleuven.ac.be/icri/frobben/publication%20list.htm