A technique called asymmetric (or public key) encryption can be used as proof of identity when using the Internet for business transactions. By combining two encryption keys, one private and one public, identification, privacy and digital signatures can be achieved.

An additional tool is a certificate, an electronic document, signed electronically by a Trusted Third Party (TTP) e.g. a bank or public authority, that describes the holder. It is equivalent to an identity card. A system using asymmetric encryption and digital certificates to achieve secure Internet services is called a Public Key Infrastructure (PKI).

Certificate mainly serves the purpose of authenticating its user, but more efficient use should include methods such as billing. TelCos now handling the exhausting and resource consuming routines of billing, could entirely free themselves from this if certificates controlled the routines. This could be implemented by giving certificates a value, a life-time. E.g., rights for accessing different services could be based on Certified Tickets. Similarly billing in European IP-Roaming could be based on Certified Tickets. Certificates enable reliable implementation of billing, routines, yet also simplifying them significantly from what they now are.

There are a range of potential applications and services to be explored that can bring excellent new business opportunities for TelCos. The near future will show how certificates rapidly become a widely used mean of authentication. Inevitably certificates will play a crucial part when providing services over the network.

The main customer for the results of the Project  are identified sales, marketing and networking divisions at EURESCOM  Shareholders as well as the European Commission electronic signature initiative & relevant standards bodies.

What are the key results of this Project?

The main objectives of this Study are to:

• clarify what is the strategic business position of PKI for the TelCos
• identify application services such as electronic commerce for TelCos where the use of certificates will be a key issue for new business opportunities
• identify market opportunities where the importance of Europe-wide PKI is significant for the TelCos
• propose a reference PKI model for TelCos to establish Certification Authority (CA) services for new applications
• contribute to the work of the European Commission on items such as CA licensing and cross certification issues