Topic: Trends

What’s “Electronic” About “Electronic Signatures”?

The short answer is: Nothing. Why would this be an interesting question at all? The piece of EU legislation that currently regulates digital signatures uses the word electronic 357 times in 42 pages. So what’s wrong with it? Continue »

Digital Signature Solutions: Why You Should Take a Second Look

Signing documents digitally (usually over the Internet) is hot, and for a reason. Heads of state may afford pomp and ceremony when signing an agreement.

Businesses need a much less costly way for their steady flow of transactions. So does the public sector in their interactions with citizens. Digital signatures have the potential to reduce hassle and cost.

But how safe are they? If you are evaluating solutions, stop and take a second look. Does the solution deliver in the area you expect?
Continue »

Digitala underskrifter, hur funkar de? (in Swedish)

Är digitala underskrifter ett obegripligt hokus pokus för datanördar? Verkligen inte! Det går att förstå hur de fungerar. Alla borde ha åtminstone ett hum om tekniken eftersom den har blivit så vanlig.

Den här beskrivningen gäller digitala underskrifter med BankID eller liknande, där man kan använda svenskt personnummer. På slutet tar vi upp att det finns andra metoder.
Continue »

Att skriva under en momsdeklaration (in Swedish)

Att skriva under en momsdeklaration på webben är något som ett stort antal småföretagare gör rutinmässigt. Men håller underskriften för juridisk prövning?

Skatteverket måste vara en av de mer progressiva myndigheterna i Sverige. Tillgängligt, bra bemötande, förstklassig webb. Kan digitala underskrifter vara den klassiska flugan som stör parfymens doft?
Continue »

WYSIWYS: Naturlag för underskrifter, digitala och analoga (in Swedish)

Digitala underskrifter är rutin och vardagsmat. Förvånansvärt ofta uppstår ändå frågan: Vad är det vi skriver under egentligen? Det gäller speciellt i offentlig sektor. Har du tvivlat någon gång på vad du skrev under?

Den här artikeln ger besked.
Continue »

Obscurity Removed from Swedish BankID

The Swedish BankID is a digital authentication and signature framework that has become a huge success. In a previous post I complained about an obscurity in the Swedish BankID. I am happy to report that the obscurity has now been removed.
Continue »

Obscurity in the Swedish BankID

The Swedish BankID is a digital authentication and signature framework. As mentioned in a previous post it has been a huge success.

So why complain? I do complain because, as BankID has become ubiquitous in all kinds of Swedish internet services, it has set a dubious standard. BankID contains elements of security by obscurity that abuses the rights of the general public. The obscurity is not limited to technicalities. It also involves legally questionable practices that have become de facto standard.
Continue »

Update: BankID Security Hole Patched

A previous post described a security hole used for big-time fraud abusing the Swedish BankID.

The company behind BankID, Finansiell ID-Teknik AB, announces a remedy, available immediately.
Continue »

The Gaping Security Hole in Swedish BankID

The Swedish BankID, a digital authentication and signature framework, is a huge success. Even with the small (10 M) population of Sweden, the number of authentications runs into billions annually.

However, unfavourable publicity recently hit BankID. A number of very public big time fraud convictions broke the hush-up wall that banks traditionally build around their security. All of a sudden customers of banks and financial institutions were flooded with information on how to handle their BankID in order to protect themselves.

Can BankID really be broken? A “yes” seems obvious, but, well, not exactly.
Continue »

E-signatur hos Coop/MedMera (In Swedish)

Fortsättning på tidigare tema, nu med MedMera Bank. Banken begär information från sina kunder, bland annt för att uppfylla penningtvättlagen. De uppgifter banken begär fyller jag i i min webbläsare. Så kommer underskriften. Continue »