E-SIGNED DocFlow SYSTEM in 

GEORGIAN

 FINANCIAL SECTOR

NANA ENUKIDZE – E-Business Development Consultant

2

Background Information

Conditions precedent: From commercial banks’ side: General readiness

and maturity for the engagement into e-business

From NBG’s side: Creating reliable and trustworthy environment for utilizing electronic signature

Essential components for replacing paper based document to e-doc:

• Creation of Electronic Document with Electronic Signature

• Creation E-signed Document Management System

3

E-Signed DocFlow System

Purpose Scope:

Centralization of Electronic Document Management system in Banking Sector

E-Signed DocFlow System Users:

• Bank clients • Any Third Party (e.g. Court, law enforcement …

Companies)

4

ESDS in Action

http://www.esds.com.ge/

Purpose Scope:

Centralization Electronic Document Management system in Banking Sector

E-Signed DocFlow System Users :

• Customer of Banking Sector • Any Third Party

5

While administering ESDS the NBG ensures:

• Receive the Electronic document directly from a Bank

• Security of the Electronic Signature

• Integrity of the Electronic Document

• Possibility to Detect ANY changes in the Electronic Document

• Signature Non-repudiation (by signatory ) Environment

• Possibility to Access Safely the Electronic Document

• Possibility of Signatory Identification after the signing

• Possibility to Archiving Securely Electronic D for a long time

6

Simple way to received E-signed Document 

YOU have to:

• Sign E-document by using Your Signature Biometric Data

• You automatically receive E-Doc ID and Pin code • You can use any Internet connected device for

receiving E-Doc

• Visit www.esds.com.ge • Enter E-Doc ID / then Pin code • Enter (don’t forget : ) “search”

The ORIGINAL VERSION of The E-Signed Doc IS in YOUR device

7

For YOU & for Third Parties  

If you are the signer you can:• Receive the Original Version of E-Doc any time • Using the same PIN cod for 5 days Multiple times• Request NEW Pin cod Any time • Send Doc ID and Pin cod to ANY Third Party - It is your

right!

Third Party – receive YOUR E-signed Doc:

• Use www.esds.com.ge

8

E-Signed Doc in Banking Sector

9

Project participants

• National Bank of Georgia _ Assess ES service providers (TSP)

and

approves commercial bank’s

security policy

• Commercial Bank _ Creates reliable and trustworthy

environment

• Electronic Signature Creation Device supplier - TSP

• Digital Signature Certificate Authority (CA) - TSP

• Biometric data encription key pare generated body - TSP

• Time Stamp service provider - TSP

• Signatory

• Expertize Bureau

10

Handwritten Electronic Signature

11

Minimum Technical Requirements

– Biometric data _ ISO standard ISO/IEC 19794-7:2007(E)– Public-key cryptosystem _ RSA– Key length _ 2048 bit– Cryptographic hash function _ SHA256– Public-Key Certificate _ X.509– Time Stamp protocol _ RFC 3161 (cryptographic time-

stamp)– PDF A/ - 2a format document _ Long term validation

12

E-Document Structure in Banking Sector

I _ Customer’s signature: – Client’s encrypted biometric data– Client’s encrypted biometric data is embeded to the document– Integrity of the document is ensured by digital signature certificate ( I

certificate)– Cryptographic Time-Stamp is used for first digital signature

II _ Bank’s signature _ Signatory – physical entity: – Client’s encrypted biometric data– Client’s encrypted biometric data is embeded to the document– Integrity of the document is ensured by digital signature certificate ( I

certificate)– Cryptographic Time-Stamp is used for second digital signature

III _ Electronic Stamp: – CA issues Signature digital certificate to the Bank _ Stamp certificate (II

certificate)– Client’s encrypted biometric data is embeded to the document– Integrity of the document is ensured by digital signature certificate – Cryptographic/Local Time-Stamp is used for Electronic Stamp

13

NBG COMPETITIVE STRENGTH

Successful implementation of Advanced ES in banking sector means:

– Utilizing ES according The Directive requirements

– Favorable legislative environment _ appropriate amendments and

methodological guidelines performed by NBG

– Ability and readiness to regulate complex technical solution from

NBG's side

– Availability of expertize (forensic analysis) of handwritten electronic &

digital signature

– Commensurate readiness among the major commercial banks

14

        NEXT STEPS IN FINANCIAL SECTOR - 2016

Availability of Distance performing 100%

Banking operations

15

Electronic Signature in Banking Sector

Thank You