Digital certificates: used every day, but almost unknown

The foundation for secure transactions on the net; Survey: Only one in six Internet users can explain what this term means; CeBIT: Bundesdruckerei presents solutions to be used with certificates; PKI as a Service: cryptography at a press of a button from the cloud

Berlin – They secure online banking, eCommerce and social networks; they are used in digital electricity meters, electronic prescriptions, in car-to-car communication and during registration procedures in digital town halls. Almost every Internet user uses them every day, whether for private or work purposes, but hardly anyone knows what they are: digital certificates. Only one in six Internet users in Germany (16 percent) can explain what this term means. Every fifth user (21 percent) has already heard the term, but cannot explain it. More than half of those online (60 percent) have never even heard of digital certificates. This is the result of a representative consumer survey commissioned by Bundesdruckerei GmbH. "Digital certificates are vital for protecting Internet transactions, they provide the foundation for more advanced security solutions, but the Internet community is still unfortunately largely oblivious to this," says Ulrich Hamann, CEO of Bundesdruckerei. "At CeBIT, we want to show private companies and public authorities and hence indirectly end customers how easy it is to use such certificates and how they can make Internet transactions even more secure."

Bundesdruckerei's subsidiary D-TRUST is one of only a handful of German trust service providers whose certificates are trusted by conventional applications. Certificates from D-TRUST are used, for instance, to secure communication between users and servers in Microsoft's new cloud in Germany: Beginning mid-2016, Microsoft will successively offer its Azure, Office 365 and Dynamics CRM Online cloud services from German data centres.
According to the survey, almost two thirds (64 percent) of all German citizens, i.e. online and offline, have never heard the term digital certificates. But almost all of today's secure authentication, encryption and electronic signature methods are based on these certificates. They can be used by anyone or anything to provide their true identity in the digital world. Certificates protect the cryptographic keys of individuals and organisations against forgery and Manipulation.

Internet users are usually familiar with digital certificates in the address line of their Internet browser where they appear as so-called Transport Layer Security certificates (TLS certificates). The address line turns green when ownership of a website can be proven to be trusted, i.e. this is, for instance, confirmation that the website currently displayed to an online banking customer is in fact the bank's genuine website. Trust service providers like D-TRUST verify the allocation of the website and the existence of the owner using trusted sources, such as the commercial register. The user's Internet browser checks two things: whether the website certificate was issued by a trusted service and whether it is still valid. All the checks must be successful for the browser line to turn green, i.e. indicating that the website is trusted. In this way, phishing attacks can be avoided.

Organisations require a public key infrastructure (PKI) in order to create, manage and validate digital certificates. But setting up and operating a dedicated IT system like this is a complex and costly matter. Moreover, self-created certificates are not recognised outside the organisation, i.e. are rarely suitable for networked industry and other applications. That's why many small and medium-sized companies opt not to use strong cryptography.

At CeBIT 2016 (Hall 7, booth C18), Bundesdruckerei will present its new cloud offer: PKI as a Service. This means that small and medium-sized organisations do not have to go to great lengths in order to be able to use highly secure TLS, encryption, signature and authentication solutions. Instead of investing a lot of time and money in their own PKI, customers can use standard interfaces to connect existing infrastructures to Bundesdruckerei's PKI. They can then benefit from Bundesdruckerei's experience at a click of a button so to speak. "Bundesdruckerei is one of the biggest issuers of secure electronic identities in Europe. Due to its independent role and recognised expertise, external business partners are more than willing to trust the certificates created," explains Mr Hamann.

Certificates for electronic identities can be easily and securely issued at D-TRUST and can be collected either manually or automatically. Applications and business partners can use the integrated validation service at all times to check the authenticity and validity of the certificates. These certificates are recognised world-wide and their contents can be adapted to the customers' needs. In order to achieve outstanding security with two-factor authentication, PKI as a Service also enables simple personalisation of hardware tokens: from smart cards to wireless NFC/Bluetooth tokens for mobile applications.

Note regarding methodology:
The information contained here is based on a survey conducted by Bitkom Research in February 2016 on behalf of Bundesdruckerei GmbH. 1,005 consumers over the age of 14 were polled, including 812 Internet users. The survey is representative. The question asked was: Have you ever heard of or read the term "digital certificates" and do you know what so-called "digital certificates" are?

Digital certificates: used every day, but almost unknown

File size: 146.89 KB

Format: PDF

Download file