The Application of 3rd Party Certification Programme in Malaysia

Third party certification is a process by which a product or service is reviewed by an independent third party to validate a set of standards, claims or criteria are being met. It provides a measure of conformity, satisfy customer demands and limit supplier risks by eliminating the expense of repeating testing. It is a kind of certification that gives confident to customers to surf internet due to the increased in phishing and spoofing attacks on the internet. For example, it can avoid online users’ computer system being spammed, hacked and attacked by malicious software such as virus, Trojan horse and worms. Besides, it can secure the confidential information of the online users such as IC number, passwords, credit card numbers, telephone number and etc. The most famous application of third party certification programme in Malaysia is provided by MSC Trushgate.com Sdn Bhd.

MSC Trustgate.com Sdn Bhd was incorporated on 1999 and is a licensed Certification Authority (CA) operating within the Multimedia Super Corridor. Certification Authority (CA) is the body that given the license to operate as a trusted third party in the issuance of digital certifications. The reasons for this incorporation are to meet the growing need for secure network communications and become the catalyst for the development of e-commerce, both locally and across the ASEAN region.

Besides, MCS Trustgate.com Sdn Bhd is licensed under the Digital Signature Act 1997 (DSA) which is a Malaysian Law that sets a global precedent for the mandate of a CA. Thus, as a CA, MCS Trustgate.com Sdn Bhd’s core business is providing digital certification services, such as cryptographic products, digital certificates, and software development. For instance, the company has provided solutions and trusted services to help companies to build a secure network and application infrastructure for their electronic communications and transactions over the network. Furthermore, they also delivering high quality services by brought their recognitions with the government, enterprises and e-commerce sites. The example of products and services that provided by MCS Trustgate.com Sdn Bhd are SSL Certificate, Managed PKI, Personal ID, MyTRUST, MyKard ID, SSL VPN and etc. Furthermore, MSC Trustgate.com Sdn Bhd are also is an affiliate of VeriSign in the South East Asia region and a member of VeriSign Trust Network.

The vision of MSC Trustgate.com Sdn Bhd is to enable organizations to conduct their business securely over the Internet, as much as what they have been enjoying in the physical world. This is due to the security is the primary concern of entering into the new Internet economy.

In order to help all types of institutions and companies conducting their businesses over the Internet, MSC Trustgate.com Sdn Bhd provides the finest Public Key Infrastructure (PKI) for them. Managed Public Key Infrastructure (MPKI) service is a fully integrated enterprise platform designed to secure intranet, extranet, and Internet applications by combining maximum flexibility, scalability, and performance, with greater security and availability. This service allows enterprise to establish a robust PKI and Certification Authority (CA) system cost-effectively and quickly with complete control over security policies, certificate lifecycle management, authentication models and PKI hierarchies.

The service also enables lower operating costs and faster deployment while providing an open platform that integrates with off-the-shelf solutions. By using this service, many organizations can set up their own multiple digital certification program easily, quickly and economically. They can issue 250 or more digital certificates to partners, customers, employees or supplies. This solution helps to secure online transactions, sign them digitally and control the access to intranets and extranets.

MyKad is designed by government with PKI capability that allows its holder to conduct online transaction with privates sectors and government agencies. MCS Trustgate.com Sdn Bhd had provided MyKey which is the solution that allowing users to authenticate themselves online and to sign documents or to conduct transaction digitally. Moreover, MSC Trustgate.com Sdn Bhd is the main PKI developer and integrator for MyKad which offered different types of MyKey (MyKad PKI) modules for developers who desires to develop MyKad applications such as MyKey Application Programming Interface (API) and MyKad Client Kit.

About VeriSign
VeriSign, Inc. is the trusted provider of Internet infrastructure services for the networked world. Billions of times each day, it allows companies and consumers all over the world to engage in trusted communications and commerce through its SSL, identity and authentication, and domain name services. It has the ability to know and trust the parties with due to doing business and communicate in the networked world has become critical.

Besides, VeriSign internet infrastructure has become the heart of the Internet by protecting valuable data and enabling key transactions. This is because VeriSign has facilitates 50 billion authoritative Domain Name System (DNS) queries a day since 1998 with 100% availability. It also intends to increase the capacity of the .com and .net DNS by 10 times by 2010 to provide the stability and security required for global online transaction. It has issued 2 million VeriSign® Identity Protection (VIP) credentials to consumers for strong authentication on a network of leading Web sites so that consumers will feel confident when the conduct online business transaction.

VeriSign SSL Certificates is the public encrypted key that Webmaster sends to CA which is a standard part of most web browser packages and web server when works with the Secure Sockets Layer (SSL) technology. It is the leading Secure Sockets Layer (SSL) Certificate Authority under MCS Trustgate.com Sdn Bhd which enables the security of communications, e-commerce and interactions for websites, extranets and internets. It means that VeriSign is used to enhance the security of server of the website and providing security solutions to protect organization’s consumers, website, networks and brand. It also increases customers’ confidence in conducting online business transaction due to the increased phishing and spoofing attacks on the Internet. VeriSign also will protects the organization’s website and make it easier for the visitors build trust on the organization because the encryption of sensitive information during online transaction is enabled .Each of it has unique, authenticated information about the certificate owner which his or her identity will be verified by Certificate Authority when it is issued.

Digital certificate is usually attached to an e-mail message or an embedded program in a web page in order to verify that user or website is who they claim to be. The general functions of digital certificate are user authentication, encryption and digital signatures. User authentication will provide security by using username and password. Encryption will make the data transmission secured through the information encrypted. So, recipient of the data is the person who only can receive the message. Digital signatures are like the hand signature in the digital world which can ensure the integrity of the data. Therefore, the users will conduct online transaction confidently without fear of the personal data being stolen, transacting party denying any commercial commitments and information corrupted by third parties. Moreover, the digital certificate can assist in the development of internet based activities.

In conclusion, by applying the 3rd party certification is secured for e-shopping and enhance the trust and confident to the organizations’ website and products..




Reference:

http://msctrustgate.com/about_us.htm
http://www.mykey.com.my/Website/home.php
http://www.verisign.com/corporate/information/index.html
https://www.msctrustgate.com/product/mpki.htm