Event took place on 28th of November in Bengaluru and was hosted by eMudhra. Here are a few highlights from presentations given on this event and you can also see the full recording of the livestream from Youtube at https://www.youtube.com/watch?v=uR3TBKajl1o
Members present were Bangladesh, China, Hong Kong, India, Iran, Japan, Malaysia, Saudi Arabia, South Korea, Thailand, Taiwan and Vietnam. Invited guests were from Europe, Indonesia, Philippines, Kenya, Cameroon, Ghana, United Arab Emirates and Nepal.
Mutual recognition of local secure (qualified) digital signature systems was a topic that was mentioned in a lot of the presentations.
Driving force behind it is Japan that proposed Data Free Flow with Trust (DFFT) at the G20 OSAKA Summit in 2019, DFFT was mentioned for the first time, and it was further developed at the G7 Hiroshima in 2023. India with the G20 presidency had mutual recognition of national digital transactions as one of the main topics and announced by Mr. Arvind Kumar together with Japan and Kenya.
The European Commission has established a trust list for third countries where Ukraine is already present and other countries have a clear process of joining. India and Japan are expected to join very soon. As a first step their signatures will be recognized in advanced level and after a government level mutual recognition agreement they can be very easily changed to qualified electronic signatures also.
Indian Secure Trust Ecosystem & Moving towards mutual recognition by Aashish Banati
- India has over 20 Trust Service providers. Full list at https://cca.gov.in/licensed_ca.html
- Billions of eSignature and eSeal transactions are done every day with long term certificates
- Over 450 million short lived eSign transactions are created
- Remote trust for issuing certificates can be acquired from Unified Payment Interface (UPI) and Aadhaar authentication to create digital signature in a few seconds
- Tax filings and e-procurement are very popular use cases for digital signatures
- Foreign CA-s can be recognized in India in one month
European Union eSignature Programme introduction by Apostolos (Tolis) Apladas
- Eu has developed open source DSS library, eIDAS Dashboard, Trusted List Browser, ETSI signature conformance checker, and Third Countries Trust List Programme (TCTL)
- European Union has 234 active Qualified Trust Service Providers
- TCTL explains how to handle mutual recognition of Advanced and Qualified trust services
- European Digital Identity Wallet will come with free qualified electronic signatures for wallet users.
Kenya’s Digital Landscape & the African Perspective by Dr. Vincent Ngundi
- Mobile Penetration in Kenya is 131%. Internet users are 92%
- Kenya’s National Public Key Infrastructure (NPKI) has 1 Root CErtificate Authority and 4 Certificate Authorities. 6 more Certificate Authorities are awaiting for accreditation https://ke-cirt.go.ke/licensed-accredited-e-csps/
- 1% increase in Digital Trust means on average 600 USD increase in GDP per Capita
- Building digital trust into our global digital economy can unleash trillions of dollars of opportunities – WEF 2022
Cameroon’s initiatives on digitalization with the power of PKI by Eric Josue Boumndjel
- Cameroon has a framework for mutual recognition or qualified electronic signatures
- Antic is part of AAECA-Net (Arab & African e-certification authorities network) that has 12 members
- AAECA-Net established a working group in 2022 for the development of a strategy for mutual recognition. Countries invoiced are Tunisia, Cameroon, Bening, India, Sudan, Saudi Arabia and Qatar.
- 2022 vs 2023 the number of secured digital transactions has been growing ~10x and has huge potential to grow much more.
- Main difficulty in higher adoption is lack of regulations requiring electronic certification
Ghana’s Digital Space by Solomon Richardson
- Mobile penetration 129%. Network coverage 89%, Mobile broadband 99%
- Ghana has adopted GhanaCard as a person’s ID by NIA . 17 million GhanaCards are issued with population of 32.7 million
- Entity and Company digital identity by register of companies (* I did not find any information online about it after quick googling)
- First CA has just been established with National PKI on the national ID card
- A lot of time will be spent in 2024 with private sector to identify use cases, set up applications and license CAs
- Tender for new PKI regulation will be created in Q1 2024 as current law is outdated
South Korean Public Key Infrastructure, Compliance and Assessment by Jinhwan Shin
- New revised law has been introduced in 2020
- 2 branches of digital certificates. Government PKI for government employees and National PKI for everyone.
- Digital Certificate usage in 2017 – Internet Banking 98%, e-Government 91%, e-Commerce 86%
- Many banks have become Certificate Authorities.
- Popular chat app KakaoTalk is certificate authority https://kakao.com/talksafety/en/toolandguide/version/certificate
- PASS is digital identity app launched by 3 largest telcos (SK Telecom, KT and LG Uplus)