Electronic authentication such as a digital certificate can serve the function of online identity verification. In addition, digital certificates can encrypt sensitive information in online transactions. Here you can learn more about electronic authentication, what digital certificates do, the digital certificates recognized in Hong Kong and some of the online Government services that accept them.
Electronic authentication is the process of establishing confidence in user identities presented electronically in the cyber world. You can learn more about the safety, guidance and common practices in the conduct of electronic authentication in the website below.
- More on Electronic Authenticationhttp://www.e-authentication.gov.hk/en/home/index.htm
Digital Certificates and Their Uses
A digital certificate is a form of electronic record that serves as an identification of who you are in conducting online transactions. Under the Electronic Transactions Ordinance (Cap. 553) (ETO), electronic or digital signatures have the same legal status as paper-based signatures.
For transactions not involving Government entities, a signature requirement under the law can be met by any form of electronic signature including digital signature so long as it is reliable, appropriate and agreed by the recipient. For transactions involving Government entities, a signature requirement under the law can be satisfied by a digital signature supported by a recognized digital certificate.
Digital certificates can be carried in Hong Kong ID Cards, installed in your PCs and other storage devices where appropriate. Usually, your digital certificate is protected by a password of your own and you will be asked to enter your password before accessing your digital certificates for online transactions.
Digital certificates are issued by certification authorities. Hongkong Post Certification Authority is a recognized certification authority by virtue of the ETO. A commercially-run certification authority can also apply to the Government Chief Information Officer to become a recognized certification authority on a voluntary basis. Recognition will only be granted to those certification authorities and digital certificates that have reached a standard acceptable to the Government.
- More on the Electronic Transactions Ordinance (Cap. 553)http://www.ogcio.gov.hk/en/regulation/eto/
Digital Certificates Recognized in Hong Kong
Recognized digital certificates for personal use currently available in Hong Kong are issued by the two recognized certification authorities, namely the Hongkong Post Certification Authority and Digi-Sign Certification Services Limited.
Hongkong Post e-Certs
Hongkong Post Certification Authority is the public recognized certificate authority in Hong Kong. It issues recognized digital certificates under the brand name “e-Cert”, for personal and organisational use. The e-Certs can be used in a range of Government e-services, online banking services and other services like exchanging encrypted electronic documents with third parties.
The operation of the e-Cert services of the Hongkong Post Certification Authority has been outsourced through an open tendering exercise to a private contractor, namely E-Mice Solutions (HK) Limited since 1 April 2007. E-Mice will run the e-Cert operation until 31 March 2012. Notwithstanding the contracting out of the service, there will be no change to the Hongkong Post Certification Authority’s status as a recognized certification authority under the ETO. The level of e-Cert services provided to the public will not be affected. The fees also remain unchanged.
- More on Hongkong Post e-Certshttp://www.hongkongpost.gov.hk/index.html
Digi-Sign Certification Services Limited is a commercial recognized certification authority. It issues digital certificates under the brand name of “ID-Cert” for both individuals and organisations. The ID-Certs can be used in a range of services such as Government e-services, online banking, online trading and other services involving exchange of electronic documents.
- More on Digi-Sign ID-Certshttp://www.dg-sign.com/eng/index.htm
Online Services that Require Digital Certificates
There is a list of Government online services which require the use of digital certificates. In the commercial sector, digital certificates are accepted by banks, securities trading houses, e-merchants and many more.
- More on Government online services that require digital certificateshttp://www.gov.hk/en/residents/onlineservices/
- More on commercial services that require digital certificateshttp://www.hongkongpost.gov.hk/activity/smartid/benefit/bonus.html
Last review date: January 2013