Three solutions to come out of Estonia – Guardtime, Signwise and SecureMAIL – share the objective of making your steps in the cyber-world more secure and private.
I
1. Guardtime – real-time authentication for electronic data exchange
Guardtime’s key technology is called Keyless Signature Infrastructure or KSI. The technology is aimed at organisations that deal with large-scale digital data and the challenges of securing the integrity of that data. Simply put, if you want to be sure (either for business or regulatory reasons) that the data is not tampered with, you need a method to “stamp” it.
How does it work: Guardtime generates an electronic stamp for the data called a signature. The signature acts like a lie detector, helping you verify when and by whom a piece of data was created and if it has been changed. The revolutionary part is that instead of relying on humans to verify the data, it can be done automatically, by means based on mathematics. This eliminates the unreliable part of the equation – the human.
Who are the users of Guardtime: Typically, Guardtime partners with distributors in different jurisdictions. These can be telecommunications companies or cloud infrastructure providers. However, Guardtime also has solutions for private individuals who need proof of authenticity for PDF content or want to sign their WordPress blog posts to establish ownership and time.
2. Signwise – a simple, secure and legally binding e-signing solution
Scanning signed documents into PDFs and emailing them is a procedure that should belong in the past. In Estonia, digital signatures are a common practice; however, it can be complicated if you have parties without an Estonian ID-card, as is the case for multi-national companies. Signwise sets its sight on resolving this problem and bringing the ease of digital signatures to the world, enabling you to sign a contract online in minutes.
How does it work: Signwise works with government-issued smart cards or IDs, which contain electronic certificates confirming the identity of the signer and proving the authenticity of the electronic signature. After identifying yourself with your ID-card, the software transports your desired files or documents to the recipient, also identifiable with an ID, via secure channels so that it does not even travel through the open internet. This means that you can be totally sure who the document came from and also that no one else was able to view it. The founder of Signwise, Tiit Anmann, says that the software is meant to work regardless of operating system or browser.
Who are the users of Signwise: Currently the company targets its services at organisations that have a lot of paperwork to be signed with their customers (eg banks). However, it is also being used in the public sector. The service is free for private individuals.
3. SecureMAIL – a new level in e-mail security
SecureMAIL is a solution by the Estonian company BHC Laboratory that helps keep your sensitive email correspondence authentic and confidential between you and your recipient. It challenges current email encryption providers by being inexpensive and not interfering with the user experience. The creators of SecureMAIL imagine a future where encrypted email is the standard and regular email is referred to as “insecure” or “public” email.
How does it work: SecureMAIL provides users with a personal hardware security token that is instantly available for secure email communication. The solution is compatible with all email programs. In the background, a token management system (TMS) operates with an integrated public key infrastructure (PKI), owned and controlled by the customer. Running the system does not require specific IT knowledge nor help from an IT professional. TMS deployment is made easy for the customer. It can be run from a server, a workstation or a laptop.
Who are the users of SecureMAIL: Obviously, the investment makes sense for organisations that give high value to confidentiality – be it cutting-edge innovators or legal advisors. However, the user experience is where SecureMAIL most challenges existing email encryption solutions that alter the user’s workflow and tempt the users to bypass the solution.
I
This article was originally published by e-Estonia. Cover image: Images.com.
