Fraudulent certificates a "time bomb" says eTick MD

The fraudulent issuing of digital certificates in Microsoft's name was a "time bomb waiting to happen" the managing director of eTick Australia Brett Whitford said.

He said the incident highlights just how much responsibility is placed in the hands of certification authorities and the need for physical audits of organisations applying for digital certificates.

The use of digital certificates for online authentication is expected to more than double over the next five years in Australia and Whitford said physical auditing cannot be neglected.

"We currently have the absurd situation where applying for some classes of digital certificate is like being permitted to apply for a passport online without having to provide any proof of identity," he said.

"If a thorough audit and certification process is not undertaken we risk decreasing the value of digital certificates and undermining confidence in the marketplace; in the face of breaches such as the one involving Microsoft this step is an important part of the process."

As a global audit and certification authority eTick is seeking support to develop "trust lists" in a Pan Asian e-commerce alliance.

Join the newsletter!

Error: Please check your email address.

More about eTickMicrosoft

Show Comments