ARTICLE: The missing ingredient in digital certificate management

How a simple integration can safeguard trust in tomorrow’s digital economy

The world’s digital economy owes much to the enabling properties of digital certificates.

Stephan Wolf, Chief Executive Officer at the Global LEI Foundation

This latter point exposes yet another problem. Entities’ circumstances change; digital certificates do not. Should an entity rename itself, move premises or change its legal status, for example, these vital updates cannot be reflected in its live certificates. Updating them effectively means starting again: legacy certificates are revoked and updated certificates are reissued. However, this process only works in some circumstances. If a downstream application can’t access the relevant revocation list, outdated information persists.

This, of course, assumes that the entity does what it should. In reality, a fair number of organisations will allow their active certificates to persist unchanged until their natural expiration date, and only then update their data. Whether this occurs deliberately or unwittingly is, to some extent, immaterial, since the result remains the same: certificate information held about that organisation is not kept up to date in a systematic way, or at all, by the information holders. The broader implication is that certified information remains in circulation after it is out of date, and that organisations may often have multiple certificates under different names, each with varying and inconsistent information. In short, the trust system is undermined.

This ‘maintenance problem’ intensifies as entities expand their use of digital certificates across a broader range of business activities, such as approving business transactions and contracts, client onboarding, transacting within import/export and supply chain business networks, or submitting regulatory filings and reports.

In response, entities urgently need a fast and simple way to ensure the information they are obtaining through digital certificates is suitably reliable.

An elegant solution: Integrate the LEI into digital certificates

Integrating the Legal Entity Identifier (LEI) into digital certificates at the point of issuance addresses these issues head-on. The LEI is a 20-character, alpha-numeric code based on the ISO 17442 standard that connects to key reference information to enable clear and unique identification of legal entities, globally. Each LEI contains information about an entity’s ownership structure, answering the questions of ‘who is who’ and ‘who owns whom’ – crucial for those operating to mitigate risk.

If the LEI can be embedded into digital certificates, it can become the common link between them that is so urgently needed. This would allow anyone to easily tie together all certificate records associated with an entity, determine which certificates are current, and clear up variances. In this way, it can provide certainty of identity and trust in any online interaction between entities, making it easier for everyone to participate safely in the global digital marketplace. It also significantly reduces the complexity and cost, both people and technology-related, associated with due diligence and validation of customers, partners and suppliers.
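The linking described above can be sketched in a few lines. This is an added example, not code from the article or from GLEIF: it validates each LEI with the ISO 7064 MOD 97-10 check digits that ISO 17442 uses, then groups certificate records by LEI to show name variance and which certificates are still current. The record fields (`serial`, `subject_o`, `lei`, `not_after`) and all sample values are constructed assumptions; extracting the LEI from a real certificate is out of scope here.

```python
import re
from collections import defaultdict
from datetime import date

def _digits(s):
    # ISO 7064 MOD 97-10 mapping: 0-9 stay as they are, A=10 ... Z=35
    return "".join(str(int(c, 36)) for c in s)

def lei_check_digits(prefix18):
    """Two check digits for an 18-character LEI prefix."""
    return f"{98 - int(_digits(prefix18) + '00') % 97:02d}"

def is_valid_lei(lei):
    """20 upper-case alphanumerics, numeric check digits, value mod 97 == 1."""
    well_formed = re.fullmatch(r"[0-9A-Z]{18}[0-9]{2}", lei)
    return bool(well_formed) and int(_digits(lei)) % 97 == 1

def reconcile(records, today):
    """Group certificate records by LEI; return (report, rejected records)."""
    by_lei, rejected = defaultdict(list), []
    for r in records:
        (by_lei[r["lei"]] if is_valid_lei(r["lei"]) else rejected).append(r)
    report = {}
    for lei, certs in by_lei.items():
        names = sorted({c["subject_o"] for c in certs})
        report[lei] = {
            "names": names,
            "name_variance": len(names) > 1,  # same entity, differing names
            "current": sorted(c["serial"] for c in certs if c["not_after"] >= today),
        }
    return report, rejected

# Constructed sample data: a made-up prefix, not a looked-up registry entry.
PREFIX = "0000EXAMPLECORP001"
LEI_A = PREFIX + lei_check_digits(PREFIX)
BAD_LEI = LEI_A[:-1] + str((int(LEI_A[-1]) + 1) % 10)  # one-digit typo
RECORDS = [
    {"serial": "01", "subject_o": "Example Corp Ltd", "lei": LEI_A, "not_after": date(2024, 1, 31)},
    {"serial": "02", "subject_o": "Example Corporation PLC", "lei": LEI_A, "not_after": date(2026, 6, 30)},
    {"serial": "03", "subject_o": "Example Corp Ltd", "lei": BAD_LEI, "not_after": date(2026, 6, 30)},
]

if __name__ == "__main__":
    report, rejected = reconcile(RECORDS, date(2025, 1, 1))
    print(report)
    print("rejected serials:", [r["serial"] for r in rejected])
```

Matching on the subject name alone would treat records 01 and 02 as two different organisations; keyed on the LEI they collapse into one entity with a visible name discrepancy, and the mistyped identifier is rejected rather than silently creating a third.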

To facilitate the use of LEIs in digital certificates, the Global LEI Foundation has been working closely with standards-setting organisations such as the International Organisation for Standardization (ISO) and, in the EU, the European Telecommunications Standards Institute (ETSI). These technical standards are necessary for the certificate authority industry to consistently embed LEIs into certificates.1

Looking ahead: digital solution adoption, APIs and new use-cases for digital certificates

Global LEI Foundation research that identified KYC challenges in the financial services industry reveals that 61% of stakeholders believe that the growth of digital solutions will actually make identity verification more difficult. As entities continue to adopt digital solutions that utilise emerging technologies, such as IoT and blockchain, their use of digital certificates will increase, not least because digital certificate technology now has consolidated regulatory backing, which enables greater reliability and trust in digital identity. This will continue stimulating further demand for precisely the kind of automated verification that the LEI can enable. To cope with this level of demand, certificate handling has no choice but to become faster, and current information must be obtainable on demand via application programming interfaces (APIs). Here, the LEI could become an essential building block for the usage of digital certificates – and digital signatures – in any kind of distributed supply chain.

Today, different digital ID systems are based on varying standards, keys and encryption, and the only common link between them is the entity name, which can vary widely and change over time. Without a consistent numerical link between IDs, automated methods will always result in errors and further challenges for organisations. The LEI is perfectly poised to provide this consistent link and, by doing so, cement its position as a force for good in the digital economy as a whole.

For more information about how to simplify identification in the global digital economy with the LEI, watch this video: https://www.youtube.com/watch?v=SL6gWP7IsVc
