e-signed docflow system in georgian financial sector nana enukidze – e-business development...
DESCRIPTION
E-Signed DocFlow System 3 Purpose Scope: Centralization of Electronic Document Management system in Banking Sector E-Signed DocFlow System Users: Bank clients Any Third Party (e.g. Court, law enforcement … Companies)TRANSCRIPT
E-SIGNED DocFlow SYSTEM in
GEORGIAN
FINANCIAL SECTOR
NANA ENUKIDZE – E-Business Development Consultant
2
Background Information
Conditions precedent: From commercial banks’ side: General readiness
and maturity for the engagement into e-business
From NBG’s side: Creating reliable and trustworthy environment for utilizing electronic signature
Essential components for replacing paper based document to e-doc:
• Creation of Electronic Document with Electronic Signature
• Creation E-signed Document Management System
3
E-Signed DocFlow System
Purpose Scope:
Centralization of Electronic Document Management system in Banking Sector
E-Signed DocFlow System Users:
• Bank clients • Any Third Party (e.g. Court, law enforcement …
Companies)
4
ESDS in Action
http://www.esds.com.ge/
Purpose Scope:
Centralization Electronic Document Management system in Banking Sector
E-Signed DocFlow System Users :
• Customer of Banking Sector • Any Third Party
5
While administering ESDS the NBG ensures:
• Receive the Electronic document directly from a Bank
• Security of the Electronic Signature
• Integrity of the Electronic Document
• Possibility to Detect ANY changes in the Electronic Document
• Signature Non-repudiation (by signatory ) Environment
• Possibility to Access Safely the Electronic Document
• Possibility of Signatory Identification after the signing
• Possibility to Archiving Securely Electronic D for a long time
6
Simple way to received E-signed Document
YOU have to:
• Sign E-document by using Your Signature Biometric Data
• You automatically receive E-Doc ID and Pin code • You can use any Internet connected device for
receiving E-Doc
• Visit www.esds.com.ge • Enter E-Doc ID / then Pin code • Enter (don’t forget : ) “search”
The ORIGINAL VERSION of The E-Signed Doc IS in YOUR device
7
For YOU & for Third Parties
If you are the signer you can:• Receive the Original Version of E-Doc any time • Using the same PIN cod for 5 days Multiple times• Request NEW Pin cod Any time • Send Doc ID and Pin cod to ANY Third Party - It is your
right!
Third Party – receive YOUR E-signed Doc:
• Use www.esds.com.ge
8
E-Signed Doc in Banking Sector
9
Project participants
• National Bank of Georgia _ Assess ES service providers (TSP)
and
approves commercial bank’s
security policy
• Commercial Bank _ Creates reliable and trustworthy
environment
• Electronic Signature Creation Device supplier - TSP
• Digital Signature Certificate Authority (CA) - TSP
• Biometric data encription key pare generated body - TSP
• Time Stamp service provider - TSP
• Signatory
• Expertize Bureau
10
Handwritten Electronic Signature
11
Minimum Technical Requirements
– Biometric data _ ISO standard ISO/IEC 19794-7:2007(E)– Public-key cryptosystem _ RSA– Key length _ 2048 bit– Cryptographic hash function _ SHA256– Public-Key Certificate _ X.509– Time Stamp protocol _ RFC 3161 (cryptographic time-
stamp)– PDF A/ - 2a format document _ Long term validation
12
E-Document Structure in Banking Sector
I _ Customer’s signature: – Client’s encrypted biometric data– Client’s encrypted biometric data is embeded to the document– Integrity of the document is ensured by digital signature certificate ( I
certificate)– Cryptographic Time-Stamp is used for first digital signature
II _ Bank’s signature _ Signatory – physical entity: – Client’s encrypted biometric data– Client’s encrypted biometric data is embeded to the document– Integrity of the document is ensured by digital signature certificate ( I
certificate)– Cryptographic Time-Stamp is used for second digital signature
III _ Electronic Stamp: – CA issues Signature digital certificate to the Bank _ Stamp certificate (II
certificate)– Client’s encrypted biometric data is embeded to the document– Integrity of the document is ensured by digital signature certificate – Cryptographic/Local Time-Stamp is used for Electronic Stamp
13
NBG COMPETITIVE STRENGTH
Successful implementation of Advanced ES in banking sector means:
– Utilizing ES according The Directive requirements
– Favorable legislative environment _ appropriate amendments and
methodological guidelines performed by NBG
– Ability and readiness to regulate complex technical solution from
NBG's side
– Availability of expertize (forensic analysis) of handwritten electronic &
digital signature
– Commensurate readiness among the major commercial banks
14
NEXT STEPS IN FINANCIAL SECTOR - 2016
Availability of Distance performing 100%
Banking operations
15
Electronic Signature in Banking Sector
Thank You