The most widespread use of PKI is server identification certificates. SSL requires a PKI certificate on the server to assert its identity in a trustworthy manner to the client. Every HTTPS web server connection uses SSL and therefore also uses PKI. This outreach web focuses on client-side applications of PKI - using end user PKI certificates instead of or in addition to server certificates.

Client-side applications of PKI fit three main categories:

1. Authentication
2. Digital signatures
3. Encryption

Authentication applies to any application that needs to know with assurance the identity of the user and that the user is actually the one who is present. Traditional authentication typically uses usernames and passwords. PKI provides a more secure titleernative to this whereby identity is proven by possession of a private key instead of a password. A password is still usually required to protect the private key, but that password is managed locally by the user instead of shared with the application server (a major improvement in security).

Digital signatures enable a user to put their "digital John Hancock" on an electronic document. This is directly analogous to signing in pen on a paper document except it goes one step further and associates the exact contents of the digital document with the signature in a way that makes tampering with the document's contents after the signature easy to detect. Again, it is possession of the private key that assures that only the owner of the PKI digital credentials could have executed the signature.

Encryption is standard protection of data in a file with a twist. Anyone can encrypt data intended to be read by a particular user by using their public key for the encryption process. But only the designated user possesses the private key that can decrypt the data, so its privacy is assured by the security of their private key.

Our site www.ipoengine.in is a unique example of all the above three categories. It provides an opportunity for banks & stock brokers to enhance their revenue streams by offering investors internet based e-subscriptions to IPO and Public Issues of Equity and Debt.

IPOengine can integrate into a bank or brokers' website as a private label experience in an ASP mode allowing a quick start-up with a low one time integration and per application fee. Now it does not matter where your investor is located, he now has access to your services on a 24x7 basis without the need to spend time, effort and money in communicating his intentions to subscribe for an IPO or Public Issue.

This website of www.ipoengine.in is a proof of concept demonstration of how an end-to-end online system of managing, collecting and reconciling an IPO / Public issue is possible using key components of PKI (The IT Act 2000) with digital certificates, online internet banking payment and the ability to collate and disseminate investor data using state-of-the-art RDBMS.

  Back to Top