Methics develops mobile PKI clients under the brand name Alauda. New Alauda client app product is called as Unified Signature SDK. Alauda Unified Signature SDK combines multiple mobile PKI key stores seamlessly so that they complement each other.
With the talks of implementation of Identity Wallet for European citizens (EUDI Wallet), Qualified or Secure signature creation devices to perform eIDAS compliant signatures or seals (QES), year 2022 has been full of developments in Trust Services and Digital Identity sphere.
There are only few practical ways to implement security of user’s private keys, sole control and smooth user experience for Identity Wallets. We explained in our blog ‘Qualified Signature Creation Device for EUDI Wallet: Future of Strong Authentication‘ how three key stores remain an option to provide features of a signature creation device conformant to open standards.
Unified Signature SDK which combines multiple mobile PKI key stores seamlessly so that they complement each other. Usage of any key store is optional. SDK provides the flexibility to the user while maintaining needed level of trust and security for their multiple keys and certificates/credentials.
As number of mobile identity applications is growing the threat of Identity theft and fraud is also on the rise. Sole control of user’s private keys and privacy are seen as critical attributes for any robust trust services. Unified Signature SDK provides flexibility to the user while maintaining needed level of trust and security for their multiple keys and certificates/credentials.
Unified Signature SDK provides an option to user to select their key store and signature method. Our Unified Signature Protocol (USP) which is implemented by Unified Signature SDK, is able to provide same user experience for any key store selected.
Our implementations of Kiuru MSSP and signature solutions already support digital identity over a wide variety of signing key stores. Such as Signature Activation Module (SAM) as a remote key store, SIM/eSIM as local key store, or app keystore in smartphones.
Image below shows, how customer app or Identity Wallet app can utilize Unified Signature SDK to extend different technologies to their users. As EUDI Wallet scheme will allow both private and government entities to make a Digital Wallet commercially available for European citizens, Unified Signature SDK can be used for both purposes.
When Kiuru MSSP receives requests from mobile PKI clients, they are handed similarly. MSSP binds together the PKI infrastructure including identity registration, verification and certificate management. It means Signature/Authentication requests of the users appear similar to the service provider through our MSSP regardless of user’s client. While the user experience remains similar.
For example if smartphone app or keystore technology is not secure enough for some users, they can switch apps or use eSIM/SIM card instead as a SSCD (secure signature creation device).
When a user is changing their smartphone, they also need to create new keys (if they use smartphone keystore). However, if they have SIM/eSIM they can enroll new keys without any additional hassle.
You can use existing SIM/eSIM credentials i.e private keys to enroll your short term smartphone credentials. In this way, user can renew these vulnerable smartphone keys as often as they want.
Methics is positioned to support the key stakeholders responsible for making the EUDIW a reality. As a global leader of open standard Mobile ID services, our products are delivering tech for strong authentication. Methics can integrate existing services and high level of assurance identity mechanisms to a new identity framework. We support digital identity over a wide variety of authentication mechanisms and security assertions. Methics will offer a bridge between traditional PKI and W3C decentralized identity projects to provide identity and signing services. Feel free to get in touch with us if you want to discuss the presented model and how SSCD/QSCD can be provided from EUDI wallet to European residents.
If you are interested you can read Methics other blogs related to this topic:
- Qualified Signature Creation Device for EUDI Wallet: Future of Strong Authentication https://www.methics.fi/qscd-for-eudi-wallet-app/
- EU Digital Identity Wallet for every resident: Leveraging open standard SSCD https://www.methics.fi/eu-digital-identity-wallet-for-every-resident-leveraging-open-standard-sscd/
- Digital Identity & Self-sovereign Identity (SSI) https://www.methics.fi/digital-identity-self-sovereign-identity-ssi/