Authentication and Digital Signatures in E-Law and Security : A Guide for Legislators and Managers

The concept of authentication has been around for a long time in many forms. For example due diligence in commerce has traditionally been formalized to determine whether the data presented in commercial propositions are accurate and comprehensive....

Full description

Bibliographic Details
Main Authors: Asian Development Bank, Inter-American Development Bank, World Bank
Format: Working Paper
Language:English
en_US
Published: World Bank, Washington, DC 2014
Subjects:
B2B
B2C
ID
PKI
WEB
Online Access:http://documents.worldbank.org/curated/en/2004/12/20165808/authentication-digital-signatures-e-law-security-guide-legislators-managers
http://hdl.handle.net/10986/20214
Description
Summary:The concept of authentication has been around for a long time in many forms. For example due diligence in commerce has traditionally been formalized to determine whether the data presented in commercial propositions are accurate and comprehensive. With the emergence of e-commerce the concept of authentication has encompassed new realities that are a feature of the relatively narrow avenues for information and potentially high risks inherent in an online environment. This paper seeks to provide an understanding about the different ways of assuring authentication. These authentication rules and tools including for example public key infrastructure (PKI) are sometimes meant to set a legal and technological framework for trustworthy electronic transactions, promoting e-procurement, e-commerce, e-business, and e-government. The two considerations of business risk and legal validity are both intrinsic to the concept of authentication. This report explores the issues and solutions affecting the concept of authentication in terms of legislation, management and technology. This report finds that for online authentication things is not always what they may seem and that legislation and technology alone cannot build a trust environment and, if misunderstood, may produce a high risk illusion. It is crucial that the limitations and fallibility of the technology be explicit in its commercial applications and that business risks be managed accordingly.