This press release was converted from a PDF and may not display properly
Smart Card Signatures and Authentication
vSEC:ID extends applications such as web applications with digital signing capabilities. It supports all major web browsers, and can be integrated into any existing web application. It is an easy-to-use security tool that uses secure tokens (for example smart cards) and PKI-based digital signatures for strong authentication and data integrity. vSEC:ID helps corporations, consumers, trading partners, governments and citizens to perform secure and non-repudiate transactions.
Figure 1: vSEC:ID overview
vSEC:ID has two major components, the vSEC:ID Client and the vSEC:ID Server. vSEC:ID Client interacts with the secure tokens to do the cryptographic calculations needed for the secure transactions. vSEC:ID Server performs the cryptographic operations required to verify the signatures made on the client side and for validating the certificates used. The vSEC:ID server can perform OCSP and CRL checks along with the capability to interface to HSMs.
Example of how vSEC:ID can be used
A document to be signed, e.g. for a B2B transaction, is created by the web application on the server. The web server also generates a HTML page which includes the vSEC:ID Client component to display the document to be signed to the user, so that the user "signs what he/she sees". After inserting the smart card (holding a valid certificate) in a smart card reader, and typing in the PIN, the user can sign the transaction with a simple click. Next, the data is transmitted securely from vSEC:ID Client to the web server for verification by the vSEC:ID Server.
Figure 2: Web page using vSEC:ID Client
Figure 3: Web component Figure 4: Installed version
The vSEC:ID Server is a high performance server component. It has several interfaces to make it as easy as possible to integrate into any web application. The application interfaces include HTTP, XML and Java. It also interacts with other back-end components such as HSMs through standard interfaces (PKCS#11). It can perform all standard PKI operations, such as sign, encrypt, decrypt, verify and validate certificates.
©2008 – Versatile Security Sweden AB - The information contained in this document has been carefully checked and is believed to be accurate. However, Versatile Security reserves the right to change or discontinue these products without prior notice. Versatile Security, the Versatile Security logo and vSEC:ID are trademarks and service marks of Versatile Security Sweden AB and are registered in certain countries. All other trademarks and service marks, whether registered or not in specific countries, are the property of their respective owners.