The era of signing electronic contracts with simple authentication is coming

[FIDO Hackathon Winners Relay Interview] ‘CrossCert-TEEware’

Digital signatures, in terms of convenience, naturally overwhelm handwritten signatures. As it is based on electronic files instead of paper or seal, it is relatively unlikely to be forged or altered, and you do not have to carry the necessary materials for signature. The identification process does not require a physical ID.

Fast Identity Online (FIDO), a simple authentication technology that authenticates device owners with biometric information, PIN numbers, or hardware key information stored only on the device, also adds convenience to digital signatures.

However, the challenge remains that simple authentication alone makes it difficult to verify the identity of the device owner.

The CrossCert-TEEware team, which participated in this year’s Fast Identity Online (FIDO) Hackathon, further thought about the electronic signature that can verify the identity of the device owner through simple authentication based on FIDO.

As a result, we developed a ‘DID-based electronic contract solution’ that combines electronic ID based on distributed ID technology with FIDO.

Han Sang-wook, the team leader of the Korea Institute of Electronics and Convergence Technology, is the mentor of the team. While the company was looking for an opportunity to integrate FIDO in various fields, the company participated in hackathons to create various business items and foster talent.

[A simple authentication-based online identification technology that combines FIDO authentication and DID electronic identity card, and an overview of DID-based electronic identity card with authentication key.]

TEEware is a startup founded by researchers at the Institute of Information Security (KAIST) and the Institute of Trusted Execution Environment (TEE).

Kwak No-hyun, CEO of TEEware, said, “We have planned an electronic contract solution by combining FIDO and DID that we were interested in.”

CrossCert-Teeware Team

The use of DID-based e-contract solutions allows for identity verification by simply submitting a digitally signed document, due to the nature of the DID technology that allows information entities, rather than specific organizations, to provide personal information.

The sender generates a DID-based electronic identity card while performing FIDO user registration. This ID is included in the FIDO authentication key. After FIDO authentication, the PDF document is electronically signed and sent to the recipient.

When the recipient checks the digital signature displayed on the PDF, the recipient uses the FIDO authentication key included in the digital ID, which is posted on the DID, to verify the key owner along with the digital signature with the DID digital ID.

The CrossCert-TEEware team emphasized that it was not just a simple technology verification level, but also completed the business verification by applying this technology to the electronic document distribution process.

Both companies are currently conducting a pilot project for simple and transparent management of research notes by applying them to online university identification system based on simple authentication based on hackathons.

After the hackathon, MOU was signed to develop close joint projects.

One team leader said, “The result was a good result through passionate mutual collaboration based on TEEware and open innovation.” “We will gradually apply this case in the company for better product quality.”

Kwak said, “We will not only be awarded the FIDO Hackathon, but will also organize and develop the requirements for more commercialization with Mentor.”

http://www.zdnet.co.kr/view/?no=20191107075932