The OISTE Foundation
Founded in 1998, OISTE was created with the objectives of promoting the use and adoption of international standards to secure electronic transactions, expand the use of digital certification and ensure the interoperability of certification authorities’ e-transaction systems.
OISTE holds special consultative status with the Economic and Social Council of the UN (ECOSOC) and is an accredited member of the Non-commercial Users Stakeholders Group (NCSG) of ICANN as part of the Not-for-Profit Operational Concerns (NPOC) constituency.
transfer the control and management of technologies dealing with digital identities to neutral authorities working for the public interest.
an Internet where users engage in online transactions and communications under systems of digital identity management that offer robust protection against fraud and theft, while protecting the fundamental right to privacy.
(1) represent the voice of civil society in the debate about the social and political dimensions of different solutions to digital identity management; (2) represent the voice of civil society in the debate about the legal, economic and technical dimensions of Public Key Infrastructures (PKI) as a solution to strong digital identification of persons, objects and content.
* * * * *
OISTE and the World Summit of the Information Society (WSIS)
OISTE fully embraces the Geneva and Tunis Declaration of Principles (B5 / Art 35) which states…
“Strengthening the trust framework, including information security and network security, authentication, privacy and consumer protection, is a prerequisite for the development of the Information Society and for building confidence among users of ICTs”.
OISTE’s contribution at the WSIS 2003
In 2003, OISTE advocated for the transfer of the control and management of technologies related to domain name systems and digital identity management to neutral authorities working on the public interest as a means to solving the problem of the shortage of DNS and setting up a universal, neutral and inter-operable root certification authority for digital identity.
OISTE’s contribution to the WSIS 2005
In 2005, OISTE underlined the challenge to which all states are confronted: holding a right to their citizens’ identity in the digital world. The difficulty lies in the fact that whilst the state fulfils a role of identity management in the physical world, in cyberspace nobody holds the same level of authority. As a result, digital identity management becomes an ad-hoc matter, with many, often improvised solutions, none of them more authoritative than the others. In the Internet, the citizen mutates into the end user: e-mail addresses, user-names and passwords replace national identity.
In 2005 the OISTE Foundation insisted on the importance of setting up the basis for certified digital identities using Public Key Infrastructures (PKI), building and respecting international standards, under the coordination of a Policy Approval Authority (PAA), using a primary root key that guarantees universal technical and legal interoperability.
OISTE’s contribution to the WSIS Forum 2012
The International Secure Electronic Transactions Organization, OISTE, convened a workshop during the WSIS Forum 2012 under the title “Matching the speed of the running code: public awareness and digital identity management”. During this meeting, OISTE published a Position Paper proposing the following:
Strengthening the trust framework
The OISTE foundation recognizes the importance of showing improvements in Agenda Action Line 5, Building confidence and security in the use of ICTs and Line 7, the development of ICT applications to e-government, e-health, e-education, e-business, e-agriculture; but wishes to emphasize that this will not be possible unless all stakeholders succeed in introducing secure, interoperable and user-centric methods of digital identity management.
Furthermore, the OISTE Foundation reminds all stakeholders that finding workable solutions to digital identity management is a precondition for establishing a global culture of cybersecurity.
In this sense, the OISTE Foundation stresses the importance of:
- Addressing the hard issues linked to the use of cryptography and Public Key Infrastructures (PKI), which constitute the foundation for providing robust and authoritative digital identities: i.e the lack of interoperability; the automatic recognition by the web-browser and the barriers linked to local law;
- Considering the convenience of establishing an International Clearing House that will deal with the problems listed above, upon which all stakeholders will confer the authority to create a secure Identity Ecosystem. The main function of this International Clearing House is promoting collaboration between the private and the public sector;
- Agreeing on the need of a binding international legal framework for the protection of privacy, personal identifiable information and personal data;
- Prioritizing the adoption of improved methods of digital identity management for effective child protection over the Internet;
- Encouraging the development of low assurance solutions to digital identity management and educating the public about when and where these solutions are appropriate.
Collaboration with the International Telecommunications Union (ITU)
After the ITU launched the initiative Electronic Commerce for Developing Countries (EC-DC) in 1998; OISTE, in association with WISeKey and the World Trade Centre were among the first partners to sign a partnership agreement with ITU. Considerable financial contributions followed towards infrastructure, services and training for developing and least developed countries expanding the scope of the initiative from e-commerce to e-government, e-procurement, e-health, e-learning and e-payments using Public Key Infrastructure (PKI), operated from OISTE’s cryptographic root.
In the scope of two years, more than 220 organisations including telecom operators, ministries, chambers of commerce, Internet Service Providers, trade associations, NGOs and financial institutions benefited from the first electronic certification authority (CA) for developing and least developed countries. In the year 2000, a training workshop attracted some 500 participants from 128 countries.
Among many examples of beneficiaries, it is worth mentioning a PKI-enabled secure B2B portal in Mauritius, successful collaborations with Fundandina in Venezuela, Vinakey in Vietnam, Corporación Ecuatoriana de Comercio Electrónico (CORPECE) in Ecuador, Câmara de Dirigentes Lojistas in Brazil, LimaTel in Perú and many others.
A number of these initiatives are still active in the field of e-commerce and e-government.
- GV – ID (Globally Verifiable Digital Identity for Migrants), with different multilateral organizations (World Bank, INTERPOL) and the Association for International Mobility
- Globally Verifiable Seafarers’ Identity Document and Services Platform, together with the Association for International Mobility (AIM) and INTERPOL
- January 2014, round table at the Davos World Economic Forum co-organised with the Fraunhofer Institute for Open Communication Systems (FOKUS) and the International Organization for Knowledge Economy and Enterprise Development (IKED): “Addressing Identity Management, Privacy, Security and Trust in Digital Communication”
- January 2015, round table at the Davos World Economic Forum co-organised with the Fraunhofer Institute for Open Communication Systems (FOKUS) and the International Organization for Knowledge Economy and Enterprise Development (IKED): “Searching new business models for digital identity management: empowering the end user”. Access the content at https://www.youtube.com/watch?v=Xt3csSymGyg
- Assessing the role of cryptography in protecting privacy and ensuring trust in modern communications, ongoing conversation with government missions, UN bodies and international NGOs in Geneva
- The right to disappear online;
- The defence of the fundamental right to privacy in the digital world.
- The OISTE Foundation is a signatory of the International Principles on the Application of Human Rights to Communications Surveillance.
Technical & Financial audit:
- Technical: WTE y E. Alvarez Auditores, Sevilla, Spain
- Financial audit (OISTE): Duchosal Berney, Révision Fiscalité Fiduciare SA, Genève
Compliance with Principles and Criteria for Certification Authorities (CAs)
AICPA / CICA (The American Institute of Certified Public Accountants / Canadian Institute of Chartered Accountants)