Download (direct link):
140 Chapter 6
Figure 6.2 The Indentrus four-corner model.
As shown in Figure 6.2, there are three levels of organizations that must interact to complete a successful transaction in the Identrus model: the banks that issue Identrus-enabled certificates, the companies that participate in the process by using a bank's services, and employees that conduct the transactions. The banks that interface directly with Identrus are called Level One Financial Institutions (LOFIs). LOFIs can act, for their customers, as the subscribing or relying financial institution, depending on which merchant initiated the transaction. LOFIs have basic infrastructure that they must maintain in order to adequately conduct transactions, as shown in Figure 6.2. Typically, as far as PKI is concerned, LOFIs issue or revoke Identrus-compliant certificates and smart cards. In addition to the actual issuance, the LOFIs also ensure that customers enforce proper control over the issued certificates and smart cards in order to provide warranties on transactions effectively. Warranty and liability management for their customers is a key role for the LOFIs, including Level Two Identrus banks (which do not connect directly with Identrus).
IDENTRUS: PKI IN THE FAST LANE
The Royal Bank of Scotland is a member of the Identrus network providing a service called TrustAssured. This service utilizes Identrus Global Certificates to provide encryption, nonrepudiation, authentication, and trust through the form of warranties as provided in the Identrus model. This case study looks at how the Royal Bank of Scotland solved one specific problem with the Identrus model, based on PKI.
Financial Solutions 141
Sixt Kenning is a multinational vehicle rental company with a significant leasing division in the United Kingdom. With its fleet of more than 12,000 vehicles, it regularly carries out leasing transactions with Lombard, the asset finance arm of RBS. The number of vehicles financed can vary from 30 to 500 per month, and a contract has to be signed by both parties for every deal. This used to mean a Lombard relationship manager traveling to and from customers' offices with the paperwork or the documents being sent by courier, fax, or post. Therefore, there was a considerable time lag between the company's receiving the contracts, signing them, and getting access to the financing from Lombard. This could create cash flow problems in the case of multimillion pound deals involving thousands of vans or lorries.
TrustAssured from the Royal Bank of Scotland (RBS) helps companies manage risk and improve efficiency by speeding up deals to gain competitive advantage and yet giving their ecommerce transactions the same risk profile as traditional paper-based transactions. The TrustAssured service enables businesses to facilitate the electronic signing, exchange, and storing of documents and files online.
The basic advantages of the TrustAssured services are these:
? Reduced costs of doing business by migrating paper-based processes onto the Internet
? Reduced complexity of building trust relationships with counterparts around the world
The Sixt Kenning leasing division is now using TrustAssured Sign and Store to do these transactions online with Lombard. The purchasing executives authenticate and sign the contracts online through a "hack-proof" Web site using their own unique digital signatures, which are held on their smart cards. Additional security (should their smart cards or laptops get into the wrong hands) is a private PIN number and secure encryption. The documents are also time and date stamped, giving a protected audit trail.
Stuart Gordon, finance director at Sixt Kenning, deals with other leasing companies that still fax or post legally binding documents: "With Lombard a document can arrive at nine o'clock and can be checked and signed by ten o'clock. In the meantime, this allows us to set the wheels in motion much more quickly to authorize payment. With other companies it's cumbersome. By post, it can take up to a week. There has been a huge reduction in the time wasted. Now it takes a matter of minutes to check a document and seconds to sign, instead of a couple of days due to the traveling and waiting for faxes or postal deliveries," he added.
RBS customers need to be confident that as a trust service provider, RBS will deliver the services it claims to offer honestly and expertly. tScheme is the industry-led body set up to approve these services and provide that confidence. RBS was the first bank to be awarded with this quality mark.
142 Chapter 6
Some recent examples (in the last few years) of usage of Identrus-enabled applications have included the following:
?? Cisco Systems Capital group used Bank of America as its provider for Identrus-enabled applications so that Cisco could process leasing transactions online. Costs savings were seen in the reduction of paperwork and increased speed with which leasing arrangements could be accomplished.