Drive for greater use of digital signatures

Drive for greater use of digital signatures

In a bid to encourage greater use of electronic transactions, the National Root Certification Authority (NRCA) is to promote the use of digital signatures in e-transactions dealing with government organisations.

Published on January 8, 2008

The NRCA is the central organisation that registers and issues digital signature certificates for Thailand's three certification-authority (CA) providers. It is also responsible for certificate revocation, renewal and publication.

Government Information Technology Services director Sak Segkhoonthod said the NRCA planned to launch three pilot projects to encourage government agencies and business organisations to use digital signatures in electronic transactions.

The projects are: the use of digital signatures in the National Single Window Exchange, the launch of an Asean CA-to-CA scheme and the development of bi-party CA projects.

A digital signature is an electronic signature that can be used to authenticate the identity of the sender of a message or a signatory to a document, and possibly to ensure that the original content of a message or document is unchanged.

It is based on public key infrastructure, which enables the parties in a dialogue to establish confidentiality, message integrity and user authentication without having to exchange any secret information in advance, or even to make prior contact.

A digital signature is

easily transportable, cannot be imitated by anyone else and can be automatically time-stamped.

Until now, digital signatures have been used in Thailand mainly in the National Single Window Exchange, which recorded about 1 million e-transactions last year.

In its efforts to encourage their greater use, the NRCA plans first to work with the National Single Window Exchange to increase the number of e-transactions using digital signatures to between 4 million and 5 million within three years.

"The low use of digital signatures in the country is due to the lack of killer applications," Sak said.

"From now on, we will work closely with government organisations to launch more e-applications requiring the use of digital signatures. Most of them will be e-services provided for private sector organisations by the Customs Department and the Business Development Department."

The NRCA is collaborating with both departments and expects about 200,000 Business Development Department e-transactions to use digital signatures this year, Sak said.

The NRCA is also planning to promote interoperability between CA providers in order to facilitate the use of digital signatures across the providers. At present there are three CA providers: CAT Telecom, TOT and Thai Digital ID. They have collectively issued about 100,000 digital signature certificates, but the certificates are still proprietary and cannot be used across other CA providers.

The number of CA providers is expected soon to increase to five.

Interoperability will also be promoted among CA providers in other Asean countries. A pilot Asean CA-to-CA project will be launched in March, starting with Thailand, Malaysia, Singapore and the Philippines.

The NRCA also plans to initiate pilot bi-party CA interoperability projects between Thailand and Japan and Thailand and Taiwan.

In addition, it plans to encourage greater use of object identification (OID) in the Kingdom, primarily for important e-documents that require additional security and identity, such as official e-documents from government organisations and business e-documents among private companies.

The NRCA is the official Object Identifier that issues OIDs for both organisations and commercial CA providers.

All moves are also expected to promote the greater use of the country's CA providers.

Asina Pornwasin

The Nation