About Us - Galexia News
OECD issues Recommendation and Guidance on Electronic Authentication - June 2007
On the 12th of June 2007, the OECD Council adopted a new Recommendation on Electronic Authentication. The Recommendation recognises the role that electronic authentication can play in developing trust in online transactions by providing certainty and strengthening protection of information security and individuals’ personal data. It calls on member countries to: work towards “technology-neutral” approaches for authentication in both domestic and cross-border contexts; foster the development, deployment and use of sound electronic authentication mechanisms that meet privacy and security needs; encourage compatibility and interoperability of authentication schemes as a means to facilitate cross-sectoral and cross-jurisdictional use; and raise awareness, including among non-members, of the benefits of the use of electronic authentication. The Recommendation is specifically aimed at “electronic authentication of persons and entities” as opposed to authentication of the validity of documents or electronic signatures.
The Recommendation is accompanied by a Guidance document, defining a set of ‘Foundation’ and ‘Operational’ Principles for the use and implementation of authentication mechanisms. The Foundation Principles identify security, privacy, and risk management goals and establish that the roles and responsibilities of different participants in the authentication process should be proportionate to their degree of knowledge and control. The Operational Principles address issues of usability, fitness for purpose, education, disclosure, complaints handling, audits and assessments, cross-jurisdictional recognition and interoperability, and standards.
- OECD Recommendation on Electronic Authentication and Guidance for Electronic authentication (external site) »