By Lyal Collins
Principal, ASCF
Email: lyalc@ozemail.com.au
This paper discusses the costs associated with "confidence endowed" digital certificate implementations. At present there is little open discussion of the overheads of deploying digital certificates, yet such discussion is essential if the PKI proposals that standards bodies and governments are defining on our behalf are to be workable.
Levels of confidence and indicative costs are compared for large scale, bank like commercial deployments of digital certificates and the resulting digital signatures from these deployments.
Lyal Collins spent 10 years working with National Security systems with the Department of Foreign Affairs and Trade before joining Commonwealth Bank of Australia in 1994. Four years and a security related patent later, he is now the principal of ASCF, a consulting firm specialising in electronic commerce strategies, internet security and payment technologies.
Authentication of remote parties, especially parties who have never previously met, is a difficult challenge, and one which digital certificates are intended to answer. As yet there is little discussion of the commercial implementation of digital certificate or PKI (Public Key Infrastructure) systems.
The algorithms underlying digital certificates and signatures give a definitive "true or false" answer about a signed item of data. The conditions under which the certificate was issued and the signature was generated determine what that "true or false" result actually means.
Rather than focussing on the term "trust", this document uses the concept of "confidence": confidence carries a sense of accepted risk, whereas "trust" as used in this arena often conveys the complete absence of doubt or risk.
This paper discusses some operational costs of Certificate Authorities (CA) for widespread deployment of "confidence endowed" digital certificate systems. Some comments may also apply to localised and "closed" usage environments.
The paper discusses costs associated with Certificate Issuing and End User Support.
Typically, a digital certificate is described as a "document of identity", but it may also "certify" additional attributes, such as age, residential address, electronic address, or organisational authority (e.g. purchasing officer, CEO, access to business or personal accounts).
Credit cards and cheques are widely accepted because consistent and reliable user authentication processes are applied when the account is opened or the card issued. The challenge is to reproduce similar levels of confidence with electronic techniques. The potential for fraud, and the mistrust the market would suffer, if a credit card or cheque book were issued on the basis of a phone call or a post box mailing address is immense.
Typically, certificate based systems do not indicate the nature of the originating environment. The recipient is left hoping the originator practices appropriate security measures but without any cost effective means to verify that this is actually the case.
Confidence in traditional signatures rests on the presumption that forgery is rare and detectable. Certification Practice Statements (CPS) and digital signature systems give the signature recipient the same presumption, but leave the originator to rebut it without reliable technology-based evidence either to support or to deny it.
Likewise, it is unreasonable to expect confidence in digital certificates that are issued on the basis of a phone call, or via the Internet. Should such a certificate enable account or payment access, the confidence a recipient can place in the resulting transactions may be low or non-existent. Verisign's Class 2 CPS [1] shows the basis on which confidence in that class's identification process rests.
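To make the distinction concrete, the following is an added example; it is not part of the original paper and is not Verisign's or any bank's code. It uses a toy RSA on fixed Mersenne primes with a truncated hash (standard library only, a teaching aid rather than a usable signature scheme) to issue two certificates for the same customer and the same key from the same CA, differing only in a recorded issuance policy that stands in for the X.509 certificatePolicies extension or a CPS class. The signature check returns True for both, a tampered copy returns False, and whether a payment is accepted turns on a policy check that the mathematics cannot make. The CA name, customer name, policy labels and transaction text are constructed for the example.

```python
"""Added example (not from the paper): the cryptography yields a bare
true/false, while the issuance policy that gives a certificate its
meaning has to be checked by the relying party.  Toy RSA on fixed
Mersenne primes with a truncated hash, standard library only; it is a
teaching aid, not a usable signature scheme."""
import hashlib
import json

E = 65537
# Constructed toy moduli: the Mersenne primes 2^127-1, 2^107-1, 2^89-1, 2^61-1.
# 65537 divides 2^k-1 only when 32 divides k, so e is coprime to each phi.
CA_PRIMES = ((1 << 127) - 1, (1 << 107) - 1)
USER_PRIMES = ((1 << 89) - 1, (1 << 61) - 1)


def keygen(primes):
    """Return ((n, e), (n, d)) for a toy RSA key built from two primes."""
    p, q = primes
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))    # pow(e, -1, m): Python 3.8+


def digest(data):
    """SHA-256 truncated to 128 bits, so it is below every toy modulus here."""
    return int.from_bytes(hashlib.sha256(data).digest()[:16], "big")


def sign(private, data):
    n, d = private
    return pow(digest(data), d, n)


def verify(public, data, sig):
    """The algorithm's whole answer: True or False about these bytes."""
    n, e = public
    return pow(sig, e, n) == digest(data)


def encode(tbs):
    """Canonical bytes of the to-be-signed fields (stand-in for DER)."""
    return json.dumps(tbs, sort_keys=True).encode()


def issue_certificate(ca_private, issuer, subject, subject_public, policy):
    """The CA binds a name to a key and records how identity was checked.
    'issuance_policy' plays the role of X.509 certificatePolicies / a CPS class."""
    tbs = {"issuer": issuer, "subject": subject,
           "public_key": list(subject_public), "issuance_policy": policy}
    return {"tbs": tbs, "signature": sign(ca_private, encode(tbs))}


def certificate_valid(cert, ca_public):
    return verify(ca_public, encode(cert["tbs"]), cert["signature"])


def accept_transaction(cert, ca_public, txn, txn_sig, accepted_policies):
    """Relying-party decision.  Two cryptographic checks give true/false;
    the third check is policy, and the maths cannot make it for us."""
    if not certificate_valid(cert, ca_public):
        return False, "certificate signature invalid"
    if not verify(tuple(cert["tbs"]["public_key"]), txn, txn_sig):
        return False, "transaction signature invalid"
    policy = cert["tbs"]["issuance_policy"]
    if policy not in accepted_policies:
        return False, "issued under policy %r, not accepted for payments" % policy
    return True, "accepted"


def demo():
    ca_pub, ca_priv = keygen(CA_PRIMES)
    user_pub, user_priv = keygen(USER_PRIMES)
    txn = b"pay $1,000 from account 12-3456 to merchant 987"   # constructed
    txn_sig = sign(user_priv, txn)

    # Same subject, same key, same CA: only the identification process differs.
    in_person = issue_certificate(ca_priv, "Example Bank CA", "A. Customer",
                                  user_pub, "in_person_documents")
    by_phone = issue_certificate(ca_priv, "Example Bank CA", "A. Customer",
                                 user_pub, "phone_or_online_only")
    # A tampered copy: subject name altered after signing.
    forged = {"tbs": dict(in_person["tbs"], subject="B. Impostor"),
              "signature": in_person["signature"]}

    payments_policy = {"in_person_documents"}
    return {
        "both_verify": certificate_valid(in_person, ca_pub) and certificate_valid(by_phone, ca_pub),
        "forged_verifies": certificate_valid(forged, ca_pub),
        "in_person": accept_transaction(in_person, ca_pub, txn, txn_sig, payments_policy),
        "by_phone": accept_transaction(by_phone, ca_pub, txn, txn_sig, payments_policy),
        "forged": accept_transaction(forged, ca_pub, txn, txn_sig, payments_policy),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

Running it prints one line per case. The point is in accept_transaction: the two verify() calls are the algorithm's "true or false", and the policy comparison is where confidence in the issuing process actually enters the decision.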
Many proposed mechanisms suggest [2] or specify that identity verification be performed in person, generally in conjunction with the provision of documentary evidence. Indeed, it is unlikely that evidence-free procedures for certificate issuing will achieve marketplace confidence. For example, although a bank already knows its customers, the bank needs to be highly confident that it is acting on the customer's wishes. The certificate must be provided only to the real customer if the bank is to manage its customer obligations.
Identity Verification Costs
In the case of a bank, assume it takes 5 minutes to check the documents presented at a counter, and that counter staff cost $100 per hour (premises, wages, and document storage and handling). The identity verification cost per certificate is then approximately $8.33. Off-line document verification may cost more where paper signature verification is required. Distribution media can be assumed to add about $2.00 - $5.00 per certificate. Other options, such as issuing passwords on account statements, are also possible, but typically incur application development and integration costs.
Set-up cost items for over-the-counter identification include training, application processing systems, customer education and distribution media (certificates require electronic media for distribution). Estimated unit costs of $5.00 per smartcard and $2.50 per mailed diskette are used.
For an example involving 1000 sites or branches, each with 5 staff, these set-up costs can exceed $10 million (averaging $10,000 per site). Expectations of greater take-up in subsequent years require scalable and flexible systems, adding further to set-up costs.
If this example bank targets 100,000 customers in the first year, the total set-up cost is around $10 million and the set-up cost per issued certificate is around $100.00. Targeting 1 million customers drops the unit cost to approximately $10.00 - $12.00 in this example. Smartcard reader costs are ignored here, but can be expected to add at least $100 per access point in these quantities.
As a check on these assumptions, PBS in Denmark has indicated that the combined cost of installing and accrediting a SET CA and payment gateway for its member banks was US$15 million, while another Scandinavian credit card processor reported around US$1 million to install a SET gateway [3].
We can therefore take this as an approximate benchmark cost for issuing certificates.
The required capital needs to be invested if digital certificates are to be used with confidence.
The question of who will bear these costs needs to be considered. Many Australian consumers pay $20 or $30 per year for a credit card. Increasing this by $10 is a 33% to 50% increase to the consumer, and unlikely to be accepted. For credit card use, digital signatures may actually increase consumer risk, since Mail Order/Telephone Order provisions will most likely not apply, increasing buyer liability for credit card purchases. Successful adoption of certificates therefore requires careful promotion to consumers.
Certificates are not widely used for several reasons, which include a lack of business understanding of certificates and few direct benefits from implementing certificate-based systems. It is rare for CEOs or CIOs to approve project budgets on the basis of indirect benefits, or on the promise of mid- to long-term tangible benefits.
Obviously, education and training will go a long way toward reducing the factors that limit take-up.
Education needs to start at the top, so that the CEO and CIO level officers within the company know what, and why they are launching into the use of certificates.
This is often not as easy as it sounds, since e-commerce fundamentals must also be covered in this education process. A shortage of access time to these senior executives often means the message does not get through, or becomes garbled along the way.
Password Maintenance
Many proponents of certificate-based systems claim they will replace the multiple passwords we all accumulate over time.
In reality, the need for centralised password management is removed, while a password or biometric technique is still required to control use of the private key behind the certificate.
What has changed is that password administration is now managed at the end-user's location, not centralised at head office, or the LAN server etc. For many software applications today, this also means the end-user manages their own passwords, and the process can no longer be audited.
This, it is claimed, will mean the end of help desks devoted to password maintenance for end-users. No empirical data exists for this claimed benefit, so care must be taken with the implementation to ensure that password maintenance functions actually decrease support costs.
Since passwords are now decentralised and held on end-user machines, the help desk can no longer reset a lost or forgotten password: nothing central holds it. Instead, a new key pair must be generated and the certificate reissued when the password is lost or forgotten. Where the motivation for implementing digital certificates is the reduction of help desk costs, care must be taken to ensure the reverse does not occur.
Assuming every system one accesses is certificate aware, there is now a single point of access control at the end-user's system. A single point of control is also a single point of failure. Depending upon the business models and user needs, implementing such an approach may be very dangerous, particularly if high value transactions, high trust or safety critical applications are involved.
An examination of costs associated with issuing identity certificates shows that there are significant unit costs involved.
Support costs were also discussed, showing that they may not fall unless careful process planning and extensive user education is undertaken.
The ability to transparently integrate digital certificates into business processes is not yet available due to poor support in COTS (Commercial Off The Shelf) applications.
While this situation is improving, better integration is essential before certificate based technology provides enough simplicity and reliability for widespread operation in organisations.
When these factors are better understood, clear business cases and reliable certificate and digital signature operations will result.
[1] The Verisign Certification Practice Statement (CPS) includes words to the effect that Class 2 certificates "are issued without requiring the applicant's personal appearance before a trusted party such as a notary; therefore, relying parties should take this into account before accepting a Class 2 certificate as identification of the subscriber".
[2] See SAA MP75-1996, "Strategies for the implementation of a Public Key Authentication Framework (PKAF) in Australia", Standards Australia. See also the AADS proposal authored by Lynn Wheeler at http://www.garlic.com/~lynn/
[3] Reported in "Momentum Grows For SET Protocol", http://www.internetwk.com/news/news0601-3.htm