SmartTrust to offer digital signing alternative for desktop applications in a bid to overcome slow deployment of smart cards and readers
The divide between fixed and mobile Internet channels will be further narrowed with the release of SmartTrust Personal V3.0 from Sonera SmartTrust.
With over one million copies already sold, the latest version of the PC-based solution will allow a number of desktop applications, including Microsoft Outlook and Explorer and Netscape Messenger and Communicator to accept digital signatures signed using a mobile phone equipped with signing keys.
"Digital signing keys stored within smart cards have always offered the most secure means of digitally signing transactions and communications. However, the deployment of smart cards and smart card readers as peripherals to PCs has been slow to take off, impacting on the number of users able to leverage this extremely secure way of authenticating themselves and encrypting information," explains Sten Lannerstrom, Product Portfolio Manager at Sonera SmartTrust.
"The SIM (Subscriber Identity Module) card within a mobile offers an equally tamper-resistant environment and has the advantage of being a mass-market device used by millions of people around the world."
By linking the mobile device to SmartTrust Personal, users will be able to digitally sign emails, web transactions and a growing number of SmartTrust partner applications such as electronic forms and VPN connections from their PC without the need for a separate smart card reader. They will also be able to authenticate themselves during Windows 2000 session log-ins.
"The combination of mobile technology with the now ubiquitous applications being run on most desktop PCs will offer users the most secure and convenient means of communication," added Lannerstrom.
SmartTrust Personal V3.0 is due to be released in Q3 2001.
SmartTrust Personal combines support for smart cards and digital signatures with strong encryption, enabling end users to securely conduct financial transactions, e-commerce and other security-critical services from their desktops.
As SmartTrust Personal implements the PKCS #11 standard and includes a Microsoft Cryptographic Service Provider (CSP), it can be integrated seamlessly with a number of third party products, such as mail clients from Microsoft and Netscape. SmartTrust Personal can also be used in Virtual Private Network (VPN) solutions as a digital signature add-on to XML-forms software and any other type of security-critical application.
The software is compatible with all major smart card and SIM card manufacturers and includes cryptographic support of 128-bit key length.
It uses the standard client authentication procedure in the SSL 3.0 protocol and utilizes the security proxy feature in standard Internet browsers.
SmartTrust Personal has been tested on Windows 95, Windows 98, Windows NT 4 and Windows 2000.