Information Security
- Q1. What do I need to know about data protection when using GovHK online services?
- Q2. What authentication methods do GovHK online services use?
- Q3. I got a warning message saying "Website Certified by an Unknown Authority" or “Secure Connection Failed” when I use GovHK online services. What should I do?
- Q4. I got warning messages saying "The security certificate was issued by a company that is not trusted " when I use GovHK online services. What should I do?
GovHK uses SSL protocol to encrypt data during network transmission to protect your personal data. All personal data you provide to the Government via GovHK are secured, and access to them is restricted to authorised personnel only.
For general tips on information security, visit the following pages on the InfoSec website:
- Points to note when handling your personal information ( http://www.infosec.gov.hk/english/yourself/personal.html )
- Points to note when handling your accounts and passwords ( http://www.infosec.gov.hk/english/yourself/account.html )
- Points to note when surfing the web and e-shopping ( http://www.infosec.gov.hk/english/yourself/surfing.html )
- Making enquiries and reports to Government and related organisations about information security and computer crimes ( http://www.infosec.gov.hk/english/publics/publics.html )
Different GovHK online services may apply different authentication method(s) as appropriate for the level of security required by their transactions with the users. Possible authentication methods include:
- user ID and password;
- digital certificate stored on a floppy disk or hard disk, whereby user will be required to enter a password and specify where the certificate is stored; or
- the Hongkong Post e-Cert stored on a smart identity Card, whereby the system may prompt for the e-Cert password during the authentication process.
Each online service will specify the applicable authentication method(s). Please refer to the FAQs of individual service for details. For general information about digital certificates and authentication, please refer to the following FAQs section.
- FAQs about digital certificates and authentication ( http://www.gov.hk/en/about/helpdesk/faq/digitalcert/index.shtml )
Warning screen by Firefox 2:
Warning screen by Firefox 3:
GovHK online services make use of certificates issued by the Hongkong Post. You should configure your browser to recognise certificates issued by the Hongkong Post. Please visit the following page to download and install the Hongkong Post Root CA Certificates as illustrated below:
- Hongkong Post Root CA Certificates ( http://www.hongkongpost.gov.hk/product/download/root/index.html )
- Click on the link for “Hongkong Post e-Cert CA1” as highlighted above
- For Internet Explorer users, click “Open”, “Install Certificate” and then click “Next” two times to install the Hongkong Post root certificate
- For Firefox users, tick the checkbox “Trust this CA to identify websites” and click “OK”
- Click on the link for “Hongkong Post Root CA1” as highlighted above and repeat steps 2 or 3
Please also see Q4 below if you see additional warning messages.
GovHK online services make use of certificates issued by the Hongkong Post. You should configure your Java software to recognise certificates issued by the Hongkong Post. Please follow the steps below:
- Visit the links in Q3 above to download both “Hongkong Post e-Cert CA1” and “Hongkong Post Root CA1” to your harddisk. You need to right click on each of the links as highlighted in Q3 and select “Save Link As” to store the certificate file to your harddisk.
- Start Windows Control Panel and open “Java”
- Select the tab “Security” and then the button “Certificate”
- Select “Secure Site CA”
- Click “Import”, change the file type to “all files” and select the “Hongkong Post e-Cert CA1” certificate that you have downloaded to your harddisk in step 1
- Repeat step 5 for “Hongkong Post Root CA1”