intra-asean secure transactions framework 310815 - etda · for secure e-transactions legal...
TRANSCRIPT
![Page 1: Intra-ASEAN Secure Transactions Framework 310815 - ETDA · for secure e-Transactions Legal Framework for secure e-Transactions is almost ready. A little reminder: Legal is the supporting](https://reader034.vdocuments.site/reader034/viewer/2022050200/5f53754f59c965234f299f2e/html5/thumbnails/1.jpg)
Intra-ASEANSecure Transactions Framework
>"!#$()(*#+0#=2241%.3(#
#
!""#$%&'()*(+(,) -("'$./0.1&)!"#$% !&''()%"*%+"%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%!"#5% 6"7)%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%!"#8% 9&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%!"#;% <)*2%/&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
)
21#$'(3!"#$%"&'!()**+,!(-*.!
#
>">#=,,1+%3?#/+#@9(./7/A#B1++07.C
!""#$%&'()*(+(,% 456('0.+(") 71&0$1,) 8(091:)1;)
/$1'("".&<)
!"#$% =.)+'&'2%&1%>+&?>)%@&'/&+%0%,"+')A'B%
6)(-C,(0&7).%"*%1)(-C011)*').% =+CD)*1"+%"*%*)7"')%
!"#5% =.)+'&'2%&1%>+&?>)%@&'/&+%,"+')A'%0+.%'/)%)+'&'2%'"%@/&,/%'/)%&.)+'&'2%D)*'0&+1%)A&1'1%"EF),'&4)(2%
G*""-%"-%&.)+'&'2%'/*">:/%>1)%"-%&.)+'&'2%&+-"*70'&"+%-*"7%0+%0>'/"*&'0'&4)%1">*,)%
=+CD)*1"+%"*%*)7"')%
!"#8% =.)+'&'2%&1%>+&?>)%@&'/&+%,"+')A'H%)+'&'2%'"%@/&,/%'/)%&.)+'&'2%D)*'0&+1%)A&1'1%"EF),'&4)(2H%&.)+'&'2%&1%4)*&-&).H%0+.%&.)+'&'2%&1%>1).%&+%"'/)*%,"+')A'1%
G*""-%"-%&.)+'&'2%'/*">:/%%!" >1)%"-%&.)+'&'2%&+-"*70'&"+%
-*"7%0+%0>'/"*&'0'&4)%1">*,)%#" &.)+'&'2%&+-"*70'&"+%
4)*&-&,0'&"+%
=+CD)*1"+%"*%*)7"')%
!"#;% =.)+'&'2%&1%>+&?>)%@&'/&+%,"+')A'H%)+'&'2%'"%@/&,/%'/)%&.)+'&'2%D)*'0&+1%)A&1'1%"EF),'&4)(2H%&.)+'&'2%&1%4)*&-&).H%0+.%&.)+'&'2%&1%>1).%&+%"'/)*%,"+')A'%
G*""-%"-%&.)+'&'2%'/*">:/%!" >1)%"-%&.)+'&'2%&+-"*70'&"+%
-*"7%7>('&D()%0>'/"*&'0'&4)%1">*,)1%
#" &.)+'&'2%&+-"*70'&"+%4)*&-&,0'&"+%
$" )+'&'2%@&'+)11).%&+CD)*1"+%
=+CD)*1"+%"+(2%
21#$'(3!"#$%"&'!()**+,!(-*.!
![Page 2: Intra-ASEAN Secure Transactions Framework 310815 - ETDA · for secure e-Transactions Legal Framework for secure e-Transactions is almost ready. A little reminder: Legal is the supporting](https://reader034.vdocuments.site/reader034/viewer/2022050200/5f53754f59c965234f299f2e/html5/thumbnails/2.jpg)
Background
● Objectives1. Provide guideline, technology-neutral framework, and legal consistency in secure transaction approaches across ASEAN member states2. Increase trust and promote secure and efficient electronic transactions through proper selection of e-authentication mechanism3. Initiate online identity provider service and authentication across cross-border systems
Initiative 2.4 “ Building Trust and promote secure transaction within ASEAN”
● What is Intra-ASEAN Secure Transactions Framework ? - Funded Project by ASEAN ICT - Part of the ASEAN ICT Masterplan 2015
>"!#$()(*#+0#=2241%.3(#
#
!""#$%&'()*(+(,) -("'$./0.1&)!"#$% !&''()%"*%+"%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%!"#5% 6"7)%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%!"#8% 9&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%!"#;% <)*2%/&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
)
21#$'(3!"#$%"&'!()**+,!(-*.!
#
>">#=,,1+%3?#/+#@9(./7/A#B1++07.C
!""#$%&'()*(+(,% 456('0.+(") 71&0$1,) 8(091:)1;)
/$1'("".&<)
!"#$% =.)+'&'2%&1%>+&?>)%@&'/&+%0%,"+')A'B%
6)(-C,(0&7).%"*%1)(-C011)*').% =+CD)*1"+%"*%*)7"')%
!"#5% =.)+'&'2%&1%>+&?>)%@&'/&+%,"+')A'%0+.%'/)%)+'&'2%'"%@/&,/%'/)%&.)+'&'2%D)*'0&+1%)A&1'1%"EF),'&4)(2%
G*""-%"-%&.)+'&'2%'/*">:/%>1)%"-%&.)+'&'2%&+-"*70'&"+%-*"7%0+%0>'/"*&'0'&4)%1">*,)%
=+CD)*1"+%"*%*)7"')%
!"#8% =.)+'&'2%&1%>+&?>)%@&'/&+%,"+')A'H%)+'&'2%'"%@/&,/%'/)%&.)+'&'2%D)*'0&+1%)A&1'1%"EF),'&4)(2H%&.)+'&'2%&1%4)*&-&).H%0+.%&.)+'&'2%&1%>1).%&+%"'/)*%,"+')A'1%
G*""-%"-%&.)+'&'2%'/*">:/%%!" >1)%"-%&.)+'&'2%&+-"*70'&"+%
-*"7%0+%0>'/"*&'0'&4)%1">*,)%#" &.)+'&'2%&+-"*70'&"+%
4)*&-&,0'&"+%
=+CD)*1"+%"*%*)7"')%
!"#;% =.)+'&'2%&1%>+&?>)%@&'/&+%,"+')A'H%)+'&'2%'"%@/&,/%'/)%&.)+'&'2%D)*'0&+1%)A&1'1%"EF),'&4)(2H%&.)+'&'2%&1%4)*&-&).H%0+.%&.)+'&'2%&1%>1).%&+%"'/)*%,"+')A'%
G*""-%"-%&.)+'&'2%'/*">:/%!" >1)%"-%&.)+'&'2%&+-"*70'&"+%
-*"7%7>('&D()%0>'/"*&'0'&4)%1">*,)1%
#" &.)+'&'2%&+-"*70'&"+%4)*&-&,0'&"+%
$" )+'&'2%@&'+)11).%&+CD)*1"+%
=+CD)*1"+%"+(2%
21#$'(3!"#$%"&'!()**+,!(-*.!
![Page 3: Intra-ASEAN Secure Transactions Framework 310815 - ETDA · for secure e-Transactions Legal Framework for secure e-Transactions is almost ready. A little reminder: Legal is the supporting](https://reader034.vdocuments.site/reader034/viewer/2022050200/5f53754f59c965234f299f2e/html5/thumbnails/3.jpg)
1. Law Developmentfor secure e-Transactions
● Legal Framework for secure e-Transactions is almost ready. ● A little reminder: Legal is the supporting framework, but Business Framework or Existing Flow is the main actor.
>"D =4/?(./73%/7+.#E(3?%.72-#
$" =1>(&)=?/()!""#$%&'()*(+(,)
*1!@) *1!A) *1!B) *1!C)
I)7"*&J).%6),*)'%K"L)+% ✓F# ✓F# # #
6&+:()C-0,'"*%M+)CK&7)%G011@"*.%K"L)+% % ✓# # #
6&+:()C-0,'"*%N*2D'":*0D/&,%K"L)+% % ✓# # #
I>('&C-0,'"*%6"-'@0*)%N*2D'":*0D/&,%K"L)+% % # ✓# #
I>('&C-0,'"*%M+)CK&7)%G011@"*.%K"L)+% % # # ✓#
I>('&C-0,'"*%90*.@0*)%N*2D'":*0D/&,%K"L)+% % # # ✓#
%%%%%%%%%%%%%%%%O%P)D)+.%"+%&7D()7)+'0'&"+%.)'0&(1%
21#$'(3!#/00123456!7280!9"#:!#;5<31=!>/?=3<1@38A!#>BC--BD.B*!!
!
8B%=+&'&0'&+:%"+(&+)%&.)+'&'2%D*"4&.)*%
I0DD&+:%@&'/%'/)%Q*07)@"*L%
!""#$%&'()*(+(,) 456('0.+(")
D(<."0$%0.1&)
E&FG($"1&) D(H10()
!"#$% !&''()%"*%+"%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
RS#% T70&(%U%7"E&()%D/"+)%
!"#5% 6"7)%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
RS#% I0&(&+:%0..*)11%
!"#8% 9&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
N"**"E"*0'&+:%&+-"*70'&"+% N"**"E"*0'&+:%&+-"*70'&"+%V*)(0').%'"%"+(&+)%E0+L&+:W%
!"#;% <)*2%/&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
N"**"E"*0'&+:%&+-"*70'&"+% RS#%
!"#$%&#'()(*+,-(./#0+1#2(341(#(561%.2%3/7+.2#
#
!"#$%&'( )*+,-./%,"$-("$(0.*1%&"$,1(2&/$-/1%,"$-(
)*+,-./%,"$-("$(3,+,%/.(4,+$/%#&*(
)*+,-./%,"$-("$(!'5*&1&,6*(
)*+,-./%,"$-(7"&(!"$-#6*&(8&"%*1%,"$(
)*+,-./%,"$-(7"&(3/%/(8&"%*1%,"$(
9&#$*,(# # # # #
891%0/:#!/65":,/( #
891%0/:##
891%0/:# # # ;<=#
;$:"$*-,/(( # # # # #
)/"-( #891%0/:#
;<=# ;<=# # ;<=#
</./'-,/(# # # # #
<'/$6/&(# # # ;<=# ;<=#
8=,.,>>,$*-(( # # # # #
4,$+/>"&*(# # # # #
2=/,./$:(( # # # # #
891%0/:#?,*%$/6(
( # # # # #
#
# #
![Page 4: Intra-ASEAN Secure Transactions Framework 310815 - ETDA · for secure e-Transactions Legal Framework for secure e-Transactions is almost ready. A little reminder: Legal is the supporting](https://reader034.vdocuments.site/reader034/viewer/2022050200/5f53754f59c965234f299f2e/html5/thumbnails/4.jpg)
● Methodology for selecting the proper e-authentication mechanism
2. Increase trust by proper e-authentication
● ISO/IEC 29115:2013● OMB M-04-04● NeAF
● ISO/IEC 29115:2013
● NIST Special Publication 800-63-1
1. Assurance Levels and Risk Assessments
2. Identity Proofing and Verification
3.Authentication Mechanism
>"D =4/?(./73%/7+.#E(3?%.72-#
$" =1>(&)=?/()!""#$%&'()*(+(,)
*1!@) *1!A) *1!B) *1!C)
I)7"*&J).%6),*)'%K"L)+% ✓F# ✓F# # #
6&+:()C-0,'"*%M+)CK&7)%G011@"*.%K"L)+% % ✓# # #
6&+:()C-0,'"*%N*2D'":*0D/&,%K"L)+% % ✓# # #
I>('&C-0,'"*%6"-'@0*)%N*2D'":*0D/&,%K"L)+% % # ✓# #
I>('&C-0,'"*%M+)CK&7)%G011@"*.%K"L)+% % # # ✓#
I>('&C-0,'"*%90*.@0*)%N*2D'":*0D/&,%K"L)+% % # # ✓#
%%%%%%%%%%%%%%%%O%P)D)+.%"+%&7D()7)+'0'&"+%.)'0&(1%
21#$'(3!#/00123456!7280!9"#:!#;5<31=!>/?=3<1@38A!#>BC--BD.B*!!
!
8B%=+&'&0'&+:%"+(&+)%&.)+'&'2%D*"4&.)*%
I0DD&+:%@&'/%'/)%Q*07)@"*L%
!""#$%&'()*(+(,) 456('0.+(")
D(<."0$%0.1&)
E&FG($"1&) D(H10()
!"#$% !&''()%"*%+"%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
RS#% T70&(%U%7"E&()%D/"+)%
!"#5% 6"7)%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
RS#% I0&(&+:%0..*)11%
!"#8% 9&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
N"**"E"*0'&+:%&+-"*70'&"+% N"**"E"*0'&+:%&+-"*70'&"+%V*)(0').%'"%"+(&+)%E0+L&+:W%
!"#;% <)*2%/&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
N"**"E"*0'&+:%&+-"*70'&"+% RS#%
>"!#$()(*#+0#=2241%.3(#
#
!""#$%&'()*(+(,) -("'$./0.1&)!"#$% !&''()%"*%+"%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%!"#5% 6"7)%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%!"#8% 9&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%!"#;% <)*2%/&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
)
21#$'(3!"#$%"&'!()**+,!(-*.!
#
>">#=,,1+%3?#/+#@9(./7/A#B1++07.C
!""#$%&'()*(+(,% 456('0.+(") 71&0$1,) 8(091:)1;)
/$1'("".&<)
!"#$% =.)+'&'2%&1%>+&?>)%@&'/&+%0%,"+')A'B%
6)(-C,(0&7).%"*%1)(-C011)*').% =+CD)*1"+%"*%*)7"')%
!"#5% =.)+'&'2%&1%>+&?>)%@&'/&+%,"+')A'%0+.%'/)%)+'&'2%'"%@/&,/%'/)%&.)+'&'2%D)*'0&+1%)A&1'1%"EF),'&4)(2%
G*""-%"-%&.)+'&'2%'/*">:/%>1)%"-%&.)+'&'2%&+-"*70'&"+%-*"7%0+%0>'/"*&'0'&4)%1">*,)%
=+CD)*1"+%"*%*)7"')%
!"#8% =.)+'&'2%&1%>+&?>)%@&'/&+%,"+')A'H%)+'&'2%'"%@/&,/%'/)%&.)+'&'2%D)*'0&+1%)A&1'1%"EF),'&4)(2H%&.)+'&'2%&1%4)*&-&).H%0+.%&.)+'&'2%&1%>1).%&+%"'/)*%,"+')A'1%
G*""-%"-%&.)+'&'2%'/*">:/%%!" >1)%"-%&.)+'&'2%&+-"*70'&"+%
-*"7%0+%0>'/"*&'0'&4)%1">*,)%#" &.)+'&'2%&+-"*70'&"+%
4)*&-&,0'&"+%
=+CD)*1"+%"*%*)7"')%
!"#;% =.)+'&'2%&1%>+&?>)%@&'/&+%,"+')A'H%)+'&'2%'"%@/&,/%'/)%&.)+'&'2%D)*'0&+1%)A&1'1%"EF),'&4)(2H%&.)+'&'2%&1%4)*&-&).H%0+.%&.)+'&'2%&1%>1).%&+%"'/)*%,"+')A'%
G*""-%"-%&.)+'&'2%'/*">:/%!" >1)%"-%&.)+'&'2%&+-"*70'&"+%
-*"7%7>('&D()%0>'/"*&'0'&4)%1">*,)1%
#" &.)+'&'2%&+-"*70'&"+%4)*&-&,0'&"+%
$" )+'&'2%@&'+)11).%&+CD)*1"+%
=+CD)*1"+%"+(2%
21#$'(3!"#$%"&'!()**+,!(-*.!
![Page 5: Intra-ASEAN Secure Transactions Framework 310815 - ETDA · for secure e-Transactions Legal Framework for secure e-Transactions is almost ready. A little reminder: Legal is the supporting](https://reader034.vdocuments.site/reader034/viewer/2022050200/5f53754f59c965234f299f2e/html5/thumbnails/5.jpg)
2.1 Level of Assurance
Source: ISO/IEC 29115: 2013 >"D =4/?(./73%/7+.#E(3?%.72-#
$" =1>(&)=?/()!""#$%&'()*(+(,)
*1!@) *1!A) *1!B) *1!C)
I)7"*&J).%6),*)'%K"L)+% ✓F# ✓F# # #
6&+:()C-0,'"*%M+)CK&7)%G011@"*.%K"L)+% % ✓# # #
6&+:()C-0,'"*%N*2D'":*0D/&,%K"L)+% % ✓# # #
I>('&C-0,'"*%6"-'@0*)%N*2D'":*0D/&,%K"L)+% % # ✓# #
I>('&C-0,'"*%M+)CK&7)%G011@"*.%K"L)+% % # # ✓#
I>('&C-0,'"*%90*.@0*)%N*2D'":*0D/&,%K"L)+% % # # ✓#
%%%%%%%%%%%%%%%%O%P)D)+.%"+%&7D()7)+'0'&"+%.)'0&(1%
21#$'(3!#/00123456!7280!9"#:!#;5<31=!>/?=3<1@38A!#>BC--BD.B*!!
!
8B%=+&'&0'&+:%"+(&+)%&.)+'&'2%D*"4&.)*%
I0DD&+:%@&'/%'/)%Q*07)@"*L%
!""#$%&'()*(+(,) 456('0.+(")
D(<."0$%0.1&)
E&FG($"1&) D(H10()
!"#$% !&''()%"*%+"%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
RS#% T70&(%U%7"E&()%D/"+)%
!"#5% 6"7)%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
RS#% I0&(&+:%0..*)11%
!"#8% 9&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
N"**"E"*0'&+:%&+-"*70'&"+% N"**"E"*0'&+:%&+-"*70'&"+%V*)(0').%'"%"+(&+)%E0+L&+:W%
!"#;% <)*2%/&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
N"**"E"*0'&+:%&+-"*70'&"+% RS#%
>"!#$()(*#+0#=2241%.3(#
#
!""#$%&'()*(+(,) -("'$./0.1&)!"#$% !&''()%"*%+"%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%!"#5% 6"7)%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%!"#8% 9&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%!"#;% <)*2%/&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
)
21#$'(3!"#$%"&'!()**+,!(-*.!
#
>">#=,,1+%3?#/+#@9(./7/A#B1++07.C
!""#$%&'()*(+(,% 456('0.+(") 71&0$1,) 8(091:)1;)
/$1'("".&<)
!"#$% =.)+'&'2%&1%>+&?>)%@&'/&+%0%,"+')A'B%
6)(-C,(0&7).%"*%1)(-C011)*').% =+CD)*1"+%"*%*)7"')%
!"#5% =.)+'&'2%&1%>+&?>)%@&'/&+%,"+')A'%0+.%'/)%)+'&'2%'"%@/&,/%'/)%&.)+'&'2%D)*'0&+1%)A&1'1%"EF),'&4)(2%
G*""-%"-%&.)+'&'2%'/*">:/%>1)%"-%&.)+'&'2%&+-"*70'&"+%-*"7%0+%0>'/"*&'0'&4)%1">*,)%
=+CD)*1"+%"*%*)7"')%
!"#8% =.)+'&'2%&1%>+&?>)%@&'/&+%,"+')A'H%)+'&'2%'"%@/&,/%'/)%&.)+'&'2%D)*'0&+1%)A&1'1%"EF),'&4)(2H%&.)+'&'2%&1%4)*&-&).H%0+.%&.)+'&'2%&1%>1).%&+%"'/)*%,"+')A'1%
G*""-%"-%&.)+'&'2%'/*">:/%%!" >1)%"-%&.)+'&'2%&+-"*70'&"+%
-*"7%0+%0>'/"*&'0'&4)%1">*,)%#" &.)+'&'2%&+-"*70'&"+%
4)*&-&,0'&"+%
=+CD)*1"+%"*%*)7"')%
!"#;% =.)+'&'2%&1%>+&?>)%@&'/&+%,"+')A'H%)+'&'2%'"%@/&,/%'/)%&.)+'&'2%D)*'0&+1%)A&1'1%"EF),'&4)(2H%&.)+'&'2%&1%4)*&-&).H%0+.%&.)+'&'2%&1%>1).%&+%"'/)*%,"+')A'%
G*""-%"-%&.)+'&'2%'/*">:/%!" >1)%"-%&.)+'&'2%&+-"*70'&"+%
-*"7%7>('&D()%0>'/"*&'0'&4)%1">*,)1%
#" &.)+'&'2%&+-"*70'&"+%4)*&-&,0'&"+%
$" )+'&'2%@&'+)11).%&+CD)*1"+%
=+CD)*1"+%"+(2%
21#$'(3!"#$%"&'!()**+,!(-*.!
![Page 6: Intra-ASEAN Secure Transactions Framework 310815 - ETDA · for secure e-Transactions Legal Framework for secure e-Transactions is almost ready. A little reminder: Legal is the supporting](https://reader034.vdocuments.site/reader034/viewer/2022050200/5f53754f59c965234f299f2e/html5/thumbnails/6.jpg)
2.2 Approach to Identity Proofing
Source: ISO/IEC 29115:2013
.
>"!#$()(*#+0#=2241%.3(#
#
!""#$%&'()*(+(,) -("'$./0.1&)!"#$% !&''()%"*%+"%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%!"#5% 6"7)%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%!"#8% 9&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%!"#;% <)*2%/&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
)
21#$'(3!"#$%"&'!()**+,!(-*.!
#
>">#=,,1+%3?#/+#@9(./7/A#B1++07.C
!""#$%&'()*(+(,% 456('0.+(") 71&0$1,) 8(091:)1;)
/$1'("".&<)
!"#$% =.)+'&'2%&1%>+&?>)%@&'/&+%0%,"+')A'B%
6)(-C,(0&7).%"*%1)(-C011)*').% =+CD)*1"+%"*%*)7"')%
!"#5% =.)+'&'2%&1%>+&?>)%@&'/&+%,"+')A'%0+.%'/)%)+'&'2%'"%@/&,/%'/)%&.)+'&'2%D)*'0&+1%)A&1'1%"EF),'&4)(2%
G*""-%"-%&.)+'&'2%'/*">:/%>1)%"-%&.)+'&'2%&+-"*70'&"+%-*"7%0+%0>'/"*&'0'&4)%1">*,)%
=+CD)*1"+%"*%*)7"')%
!"#8% =.)+'&'2%&1%>+&?>)%@&'/&+%,"+')A'H%)+'&'2%'"%@/&,/%'/)%&.)+'&'2%D)*'0&+1%)A&1'1%"EF),'&4)(2H%&.)+'&'2%&1%4)*&-&).H%0+.%&.)+'&'2%&1%>1).%&+%"'/)*%,"+')A'1%
G*""-%"-%&.)+'&'2%'/*">:/%%!" >1)%"-%&.)+'&'2%&+-"*70'&"+%
-*"7%0+%0>'/"*&'0'&4)%1">*,)%#" &.)+'&'2%&+-"*70'&"+%
4)*&-&,0'&"+%
=+CD)*1"+%"*%*)7"')%
!"#;% =.)+'&'2%&1%>+&?>)%@&'/&+%,"+')A'H%)+'&'2%'"%@/&,/%'/)%&.)+'&'2%D)*'0&+1%)A&1'1%"EF),'&4)(2H%&.)+'&'2%&1%4)*&-&).H%0+.%&.)+'&'2%&1%>1).%&+%"'/)*%,"+')A'%
G*""-%"-%&.)+'&'2%'/*">:/%!" >1)%"-%&.)+'&'2%&+-"*70'&"+%
-*"7%7>('&D()%0>'/"*&'0'&4)%1">*,)1%
#" &.)+'&'2%&+-"*70'&"+%4)*&-&,0'&"+%
$" )+'&'2%@&'+)11).%&+CD)*1"+%
=+CD)*1"+%"+(2%
21#$'(3!"#$%"&'!()**+,!(-*.!
>"D =4/?(./73%/7+.#E(3?%.72-#
$" =1>(&)=?/()!""#$%&'()*(+(,)
*1!@) *1!A) *1!B) *1!C)
I)7"*&J).%6),*)'%K"L)+% ✓F# ✓F# # #
6&+:()C-0,'"*%M+)CK&7)%G011@"*.%K"L)+% % ✓# # #
6&+:()C-0,'"*%N*2D'":*0D/&,%K"L)+% % ✓# # #
I>('&C-0,'"*%6"-'@0*)%N*2D'":*0D/&,%K"L)+% % # ✓# #
I>('&C-0,'"*%M+)CK&7)%G011@"*.%K"L)+% % # # ✓#
I>('&C-0,'"*%90*.@0*)%N*2D'":*0D/&,%K"L)+% % # # ✓#
%%%%%%%%%%%%%%%%O%P)D)+.%"+%&7D()7)+'0'&"+%.)'0&(1%
21#$'(3!#/00123456!7280!9"#:!#;5<31=!>/?=3<1@38A!#>BC--BD.B*!!
!
8B%=+&'&0'&+:%"+(&+)%&.)+'&'2%D*"4&.)*%
I0DD&+:%@&'/%'/)%Q*07)@"*L%
!""#$%&'()*(+(,) 456('0.+(")
D(<."0$%0.1&)
E&FG($"1&) D(H10()
!"#$% !&''()%"*%+"%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
RS#% T70&(%U%7"E&()%D/"+)%
!"#5% 6"7)%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
RS#% I0&(&+:%0..*)11%
!"#8% 9&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
N"**"E"*0'&+:%&+-"*70'&"+% N"**"E"*0'&+:%&+-"*70'&"+%V*)(0').%'"%"+(&+)%E0+L&+:W%
!"#;% <)*2%/&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
N"**"E"*0'&+:%&+-"*70'&"+% RS#%
![Page 7: Intra-ASEAN Secure Transactions Framework 310815 - ETDA · for secure e-Transactions Legal Framework for secure e-Transactions is almost ready. A little reminder: Legal is the supporting](https://reader034.vdocuments.site/reader034/viewer/2022050200/5f53754f59c965234f299f2e/html5/thumbnails/7.jpg)
Source: NIST Special Publication SP-800-63-1
2.3 Mechanisms
>"!#$()(*#+0#=2241%.3(#
#
!""#$%&'()*(+(,) -("'$./0.1&)!"#$% !&''()%"*%+"%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%!"#5% 6"7)%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%!"#8% 9&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%!"#;% <)*2%/&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
)
21#$'(3!"#$%"&'!()**+,!(-*.!
#
>">#=,,1+%3?#/+#@9(./7/A#B1++07.C
!""#$%&'()*(+(,% 456('0.+(") 71&0$1,) 8(091:)1;)
/$1'("".&<)
!"#$% =.)+'&'2%&1%>+&?>)%@&'/&+%0%,"+')A'B%
6)(-C,(0&7).%"*%1)(-C011)*').% =+CD)*1"+%"*%*)7"')%
!"#5% =.)+'&'2%&1%>+&?>)%@&'/&+%,"+')A'%0+.%'/)%)+'&'2%'"%@/&,/%'/)%&.)+'&'2%D)*'0&+1%)A&1'1%"EF),'&4)(2%
G*""-%"-%&.)+'&'2%'/*">:/%>1)%"-%&.)+'&'2%&+-"*70'&"+%-*"7%0+%0>'/"*&'0'&4)%1">*,)%
=+CD)*1"+%"*%*)7"')%
!"#8% =.)+'&'2%&1%>+&?>)%@&'/&+%,"+')A'H%)+'&'2%'"%@/&,/%'/)%&.)+'&'2%D)*'0&+1%)A&1'1%"EF),'&4)(2H%&.)+'&'2%&1%4)*&-&).H%0+.%&.)+'&'2%&1%>1).%&+%"'/)*%,"+')A'1%
G*""-%"-%&.)+'&'2%'/*">:/%%!" >1)%"-%&.)+'&'2%&+-"*70'&"+%
-*"7%0+%0>'/"*&'0'&4)%1">*,)%#" &.)+'&'2%&+-"*70'&"+%
4)*&-&,0'&"+%
=+CD)*1"+%"*%*)7"')%
!"#;% =.)+'&'2%&1%>+&?>)%@&'/&+%,"+')A'H%)+'&'2%'"%@/&,/%'/)%&.)+'&'2%D)*'0&+1%)A&1'1%"EF),'&4)(2H%&.)+'&'2%&1%4)*&-&).H%0+.%&.)+'&'2%&1%>1).%&+%"'/)*%,"+')A'%
G*""-%"-%&.)+'&'2%'/*">:/%!" >1)%"-%&.)+'&'2%&+-"*70'&"+%
-*"7%7>('&D()%0>'/"*&'0'&4)%1">*,)1%
#" &.)+'&'2%&+-"*70'&"+%4)*&-&,0'&"+%
$" )+'&'2%@&'+)11).%&+CD)*1"+%
=+CD)*1"+%"+(2%
21#$'(3!"#$%"&'!()**+,!(-*.!
>"D =4/?(./73%/7+.#E(3?%.72-#
$" =1>(&)=?/()!""#$%&'()*(+(,)
*1!@) *1!A) *1!B) *1!C)
I)7"*&J).%6),*)'%K"L)+% ✓F# ✓F# # #
6&+:()C-0,'"*%M+)CK&7)%G011@"*.%K"L)+% % ✓# # #
6&+:()C-0,'"*%N*2D'":*0D/&,%K"L)+% % ✓# # #
I>('&C-0,'"*%6"-'@0*)%N*2D'":*0D/&,%K"L)+% % # ✓# #
I>('&C-0,'"*%M+)CK&7)%G011@"*.%K"L)+% % # # ✓#
I>('&C-0,'"*%90*.@0*)%N*2D'":*0D/&,%K"L)+% % # # ✓#
%%%%%%%%%%%%%%%%O%P)D)+.%"+%&7D()7)+'0'&"+%.)'0&(1%
21#$'(3!#/00123456!7280!9"#:!#;5<31=!>/?=3<1@38A!#>BC--BD.B*!!
!
8B%=+&'&0'&+:%"+(&+)%&.)+'&'2%D*"4&.)*%
I0DD&+:%@&'/%'/)%Q*07)@"*L%
!""#$%&'()*(+(,) 456('0.+(")
D(<."0$%0.1&)
E&FG($"1&) D(H10()
!"#$% !&''()%"*%+"%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
RS#% T70&(%U%7"E&()%D/"+)%
!"#5% 6"7)%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
RS#% I0&(&+:%0..*)11%
!"#8% 9&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
N"**"E"*0'&+:%&+-"*70'&"+% N"**"E"*0'&+:%&+-"*70'&"+%V*)(0').%'"%"+(&+)%E0+L&+:W%
!"#;% <)*2%/&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
N"**"E"*0'&+:%&+-"*70'&"+% RS#%
![Page 8: Intra-ASEAN Secure Transactions Framework 310815 - ETDA · for secure e-Transactions Legal Framework for secure e-Transactions is almost ready. A little reminder: Legal is the supporting](https://reader034.vdocuments.site/reader034/viewer/2022050200/5f53754f59c965234f299f2e/html5/thumbnails/8.jpg)
National Contact Information System
3. Initiating online identity provider
User
Info
DPIn
Out
User can Register And Upgrade Level of Assurance by providing more information (Authoritative of Corroborative)
User can manage who (service provider) to share what information with
Mapping Levelof Assurance
Communication via email to separate security domain
Smart form willdistribute data torelated agency
Response iFormsending back to
requester’s Inbox
Info Out
DP In
ControlAccessibilityBased on LoA
GOV.A
GOV.B
GOV.C
www.
Continueousverification
>"D =4/?(./73%/7+.#E(3?%.72-#
$" =1>(&)=?/()!""#$%&'()*(+(,)
*1!@) *1!A) *1!B) *1!C)
I)7"*&J).%6),*)'%K"L)+% ✓F# ✓F# # #
6&+:()C-0,'"*%M+)CK&7)%G011@"*.%K"L)+% % ✓# # #
6&+:()C-0,'"*%N*2D'":*0D/&,%K"L)+% % ✓# # #
I>('&C-0,'"*%6"-'@0*)%N*2D'":*0D/&,%K"L)+% % # ✓# #
I>('&C-0,'"*%M+)CK&7)%G011@"*.%K"L)+% % # # ✓#
I>('&C-0,'"*%90*.@0*)%N*2D'":*0D/&,%K"L)+% % # # ✓#
%%%%%%%%%%%%%%%%O%P)D)+.%"+%&7D()7)+'0'&"+%.)'0&(1%
21#$'(3!#/00123456!7280!9"#:!#;5<31=!>/?=3<1@38A!#>BC--BD.B*!!
!
8B%=+&'&0'&+:%"+(&+)%&.)+'&'2%D*"4&.)*%
I0DD&+:%@&'/%'/)%Q*07)@"*L%
!""#$%&'()*(+(,) 456('0.+(")
D(<."0$%0.1&)
E&FG($"1&) D(H10()
!"#$% !&''()%"*%+"%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
RS#% T70&(%U%7"E&()%D/"+)%
!"#5% 6"7)%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
RS#% I0&(&+:%0..*)11%
!"#8% 9&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
N"**"E"*0'&+:%&+-"*70'&"+% N"**"E"*0'&+:%&+-"*70'&"+%V*)(0').%'"%"+(&+)%E0+L&+:W%
!"#;% <)*2%/&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
N"**"E"*0'&+:%&+-"*70'&"+% RS#%
>"D =4/?(./73%/7+.#E(3?%.72-#
$" =1>(&)=?/()!""#$%&'()*(+(,)
*1!@) *1!A) *1!B) *1!C)
I)7"*&J).%6),*)'%K"L)+% ✓F# ✓F# # #
6&+:()C-0,'"*%M+)CK&7)%G011@"*.%K"L)+% % ✓# # #
6&+:()C-0,'"*%N*2D'":*0D/&,%K"L)+% % ✓# # #
I>('&C-0,'"*%6"-'@0*)%N*2D'":*0D/&,%K"L)+% % # ✓# #
I>('&C-0,'"*%M+)CK&7)%G011@"*.%K"L)+% % # # ✓#
I>('&C-0,'"*%90*.@0*)%N*2D'":*0D/&,%K"L)+% % # # ✓#
%%%%%%%%%%%%%%%%O%P)D)+.%"+%&7D()7)+'0'&"+%.)'0&(1%
21#$'(3!#/00123456!7280!9"#:!#;5<31=!>/?=3<1@38A!#>BC--BD.B*!!
!
8B%=+&'&0'&+:%"+(&+)%&.)+'&'2%D*"4&.)*%
I0DD&+:%@&'/%'/)%Q*07)@"*L%
!""#$%&'()*(+(,) 456('0.+(")
D(<."0$%0.1&)
E&FG($"1&) D(H10()
!"#$% !&''()%"*%+"%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
RS#% T70&(%U%7"E&()%D/"+)%
!"#5% 6"7)%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
RS#% I0&(&+:%0..*)11%
!"#8% 9&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
N"**"E"*0'&+:%&+-"*70'&"+% N"**"E"*0'&+:%&+-"*70'&"+%V*)(0').%'"%"+(&+)%E0+L&+:W%
!"#;% <)*2%/&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
N"**"E"*0'&+:%&+-"*70'&"+% RS#%
!"#$%&#'()(*+,-(./#0+1#2(341(#(561%.2%3/7+.2#
#
!"#$%&'( )*+,-./%,"$-("$(0.*1%&"$,1(2&/$-/1%,"$-(
)*+,-./%,"$-("$(3,+,%/.(4,+$/%#&*(
)*+,-./%,"$-("$(!'5*&1&,6*(
)*+,-./%,"$-(7"&(!"$-#6*&(8&"%*1%,"$(
)*+,-./%,"$-(7"&(3/%/(8&"%*1%,"$(
9&#$*,(# # # # #
891%0/:#!/65":,/( #
891%0/:##
891%0/:# # # ;<=#
;$:"$*-,/(( # # # # #
)/"-( #891%0/:#
;<=# ;<=# # ;<=#
</./'-,/(# # # # #
<'/$6/&(# # # ;<=# ;<=#
8=,.,>>,$*-(( # # # # #
4,$+/>"&*(# # # # #
2=/,./$:(( # # # # #
891%0/:#?,*%$/6(
( # # # # #
#
# #
![Page 9: Intra-ASEAN Secure Transactions Framework 310815 - ETDA · for secure e-Transactions Legal Framework for secure e-Transactions is almost ready. A little reminder: Legal is the supporting](https://reader034.vdocuments.site/reader034/viewer/2022050200/5f53754f59c965234f299f2e/html5/thumbnails/9.jpg)
3. Initiating online identity providerMapping with the Framework
NCIS Key Feature: Perform online identity regular check
Objective
E
>"D =4/?(./73%/7+.#E(3?%.72-#
$" =1>(&)=?/()!""#$%&'()*(+(,)
*1!@) *1!A) *1!B) *1!C)
I)7"*&J).%6),*)'%K"L)+% ✓F# ✓F# # #
6&+:()C-0,'"*%M+)CK&7)%G011@"*.%K"L)+% % ✓# # #
6&+:()C-0,'"*%N*2D'":*0D/&,%K"L)+% % ✓# # #
I>('&C-0,'"*%6"-'@0*)%N*2D'":*0D/&,%K"L)+% % # ✓# #
I>('&C-0,'"*%M+)CK&7)%G011@"*.%K"L)+% % # # ✓#
I>('&C-0,'"*%90*.@0*)%N*2D'":*0D/&,%K"L)+% % # # ✓#
%%%%%%%%%%%%%%%%O%P)D)+.%"+%&7D()7)+'0'&"+%.)'0&(1%
21#$'(3!#/00123456!7280!9"#:!#;5<31=!>/?=3<1@38A!#>BC--BD.B*!!
!
8B%=+&'&0'&+:%"+(&+)%&.)+'&'2%D*"4&.)*%
I0DD&+:%@&'/%'/)%Q*07)@"*L%
!""#$%&'()*(+(,) 456('0.+(")
D(<."0$%0.1&)
E&FG($"1&) D(H10()
!"#$% !&''()%"*%+"%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
RS#% T70&(%U%7"E&()%D/"+)%
!"#5% 6"7)%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
RS#% I0&(&+:%0..*)11%
!"#8% 9&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
N"**"E"*0'&+:%&+-"*70'&"+% N"**"E"*0'&+:%&+-"*70'&"+%V*)(0').%'"%"+(&+)%E0+L&+:W%
!"#;% <)*2%/&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
N"**"E"*0'&+:%&+-"*70'&"+% RS#%
>"!#$()(*#+0#=2241%.3(#
#
!""#$%&'()*(+(,) -("'$./0.1&)!"#$% !&''()%"*%+"%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%!"#5% 6"7)%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%!"#8% 9&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%!"#;% <)*2%/&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
)
21#$'(3!"#$%"&'!()**+,!(-*.!
#
>">#=,,1+%3?#/+#@9(./7/A#B1++07.C
!""#$%&'()*(+(,% 456('0.+(") 71&0$1,) 8(091:)1;)
/$1'("".&<)
!"#$% =.)+'&'2%&1%>+&?>)%@&'/&+%0%,"+')A'B%
6)(-C,(0&7).%"*%1)(-C011)*').% =+CD)*1"+%"*%*)7"')%
!"#5% =.)+'&'2%&1%>+&?>)%@&'/&+%,"+')A'%0+.%'/)%)+'&'2%'"%@/&,/%'/)%&.)+'&'2%D)*'0&+1%)A&1'1%"EF),'&4)(2%
G*""-%"-%&.)+'&'2%'/*">:/%>1)%"-%&.)+'&'2%&+-"*70'&"+%-*"7%0+%0>'/"*&'0'&4)%1">*,)%
=+CD)*1"+%"*%*)7"')%
!"#8% =.)+'&'2%&1%>+&?>)%@&'/&+%,"+')A'H%)+'&'2%'"%@/&,/%'/)%&.)+'&'2%D)*'0&+1%)A&1'1%"EF),'&4)(2H%&.)+'&'2%&1%4)*&-&).H%0+.%&.)+'&'2%&1%>1).%&+%"'/)*%,"+')A'1%
G*""-%"-%&.)+'&'2%'/*">:/%%!" >1)%"-%&.)+'&'2%&+-"*70'&"+%
-*"7%0+%0>'/"*&'0'&4)%1">*,)%#" &.)+'&'2%&+-"*70'&"+%
4)*&-&,0'&"+%
=+CD)*1"+%"*%*)7"')%
!"#;% =.)+'&'2%&1%>+&?>)%@&'/&+%,"+')A'H%)+'&'2%'"%@/&,/%'/)%&.)+'&'2%D)*'0&+1%)A&1'1%"EF),'&4)(2H%&.)+'&'2%&1%4)*&-&).H%0+.%&.)+'&'2%&1%>1).%&+%"'/)*%,"+')A'%
G*""-%"-%&.)+'&'2%'/*">:/%!" >1)%"-%&.)+'&'2%&+-"*70'&"+%
-*"7%7>('&D()%0>'/"*&'0'&4)%1">*,)1%
#" &.)+'&'2%&+-"*70'&"+%4)*&-&,0'&"+%
$" )+'&'2%@&'+)11).%&+CD)*1"+%
=+CD)*1"+%"+(2%
21#$'(3!"#$%"&'!()**+,!(-*.!
![Page 10: Intra-ASEAN Secure Transactions Framework 310815 - ETDA · for secure e-Transactions Legal Framework for secure e-Transactions is almost ready. A little reminder: Legal is the supporting](https://reader034.vdocuments.site/reader034/viewer/2022050200/5f53754f59c965234f299f2e/html5/thumbnails/10.jpg)
Review Request and the corroborative document
e-Custom
Submit to NSW
AS-IS
Exporter
Government Agency1 e-Permit1 NSW
Pilot Project B2G e-Filing for exporter
staff
Request for business registration certificate
Ministry ofCommerce
Business registrationcertificate
>"D =4/?(./73%/7+.#E(3?%.72-#
$" =1>(&)=?/()!""#$%&'()*(+(,)
*1!@) *1!A) *1!B) *1!C)
I)7"*&J).%6),*)'%K"L)+% ✓F# ✓F# # #
6&+:()C-0,'"*%M+)CK&7)%G011@"*.%K"L)+% % ✓# # #
6&+:()C-0,'"*%N*2D'":*0D/&,%K"L)+% % ✓# # #
I>('&C-0,'"*%6"-'@0*)%N*2D'":*0D/&,%K"L)+% % # ✓# #
I>('&C-0,'"*%M+)CK&7)%G011@"*.%K"L)+% % # # ✓#
I>('&C-0,'"*%90*.@0*)%N*2D'":*0D/&,%K"L)+% % # # ✓#
%%%%%%%%%%%%%%%%O%P)D)+.%"+%&7D()7)+'0'&"+%.)'0&(1%
21#$'(3!#/00123456!7280!9"#:!#;5<31=!>/?=3<1@38A!#>BC--BD.B*!!
!
8B%=+&'&0'&+:%"+(&+)%&.)+'&'2%D*"4&.)*%
I0DD&+:%@&'/%'/)%Q*07)@"*L%
!""#$%&'()*(+(,) 456('0.+(")
D(<."0$%0.1&)
E&FG($"1&) D(H10()
!"#$% !&''()%"*%+"%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
RS#% T70&(%U%7"E&()%D/"+)%
!"#5% 6"7)%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
RS#% I0&(&+:%0..*)11%
!"#8% 9&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
N"**"E"*0'&+:%&+-"*70'&"+% N"**"E"*0'&+:%&+-"*70'&"+%V*)(0').%'"%"+(&+)%E0+L&+:W%
!"#;% <)*2%/&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
N"**"E"*0'&+:%&+-"*70'&"+% RS#%
Req.
Cert.
Cert.Request Form1
>"!#$()(*#+0#=2241%.3(#
#
!""#$%&'()*(+(,) -("'$./0.1&)!"#$% !&''()%"*%+"%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%!"#5% 6"7)%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%!"#8% 9&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%!"#;% <)*2%/&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
)
21#$'(3!"#$%"&'!()**+,!(-*.!
#
>">#=,,1+%3?#/+#@9(./7/A#B1++07.C
!""#$%&'()*(+(,% 456('0.+(") 71&0$1,) 8(091:)1;)
/$1'("".&<)
!"#$% =.)+'&'2%&1%>+&?>)%@&'/&+%0%,"+')A'B%
6)(-C,(0&7).%"*%1)(-C011)*').% =+CD)*1"+%"*%*)7"')%
!"#5% =.)+'&'2%&1%>+&?>)%@&'/&+%,"+')A'%0+.%'/)%)+'&'2%'"%@/&,/%'/)%&.)+'&'2%D)*'0&+1%)A&1'1%"EF),'&4)(2%
G*""-%"-%&.)+'&'2%'/*">:/%>1)%"-%&.)+'&'2%&+-"*70'&"+%-*"7%0+%0>'/"*&'0'&4)%1">*,)%
=+CD)*1"+%"*%*)7"')%
!"#8% =.)+'&'2%&1%>+&?>)%@&'/&+%,"+')A'H%)+'&'2%'"%@/&,/%'/)%&.)+'&'2%D)*'0&+1%)A&1'1%"EF),'&4)(2H%&.)+'&'2%&1%4)*&-&).H%0+.%&.)+'&'2%&1%>1).%&+%"'/)*%,"+')A'1%
G*""-%"-%&.)+'&'2%'/*">:/%%!" >1)%"-%&.)+'&'2%&+-"*70'&"+%
-*"7%0+%0>'/"*&'0'&4)%1">*,)%#" &.)+'&'2%&+-"*70'&"+%
4)*&-&,0'&"+%
=+CD)*1"+%"*%*)7"')%
!"#;% =.)+'&'2%&1%>+&?>)%@&'/&+%,"+')A'H%)+'&'2%'"%@/&,/%'/)%&.)+'&'2%D)*'0&+1%)A&1'1%"EF),'&4)(2H%&.)+'&'2%&1%4)*&-&).H%0+.%&.)+'&'2%&1%>1).%&+%"'/)*%,"+')A'%
G*""-%"-%&.)+'&'2%'/*">:/%!" >1)%"-%&.)+'&'2%&+-"*70'&"+%
-*"7%7>('&D()%0>'/"*&'0'&4)%1">*,)1%
#" &.)+'&'2%&+-"*70'&"+%4)*&-&,0'&"+%
$" )+'&'2%@&'+)11).%&+CD)*1"+%
=+CD)*1"+%"+(2%
21#$'(3!"#$%"&'!()**+,!(-*.!
![Page 11: Intra-ASEAN Secure Transactions Framework 310815 - ETDA · for secure e-Transactions Legal Framework for secure e-Transactions is almost ready. A little reminder: Legal is the supporting](https://reader034.vdocuments.site/reader034/viewer/2022050200/5f53754f59c965234f299f2e/html5/thumbnails/11.jpg)
Response form in dataschema format
- Signed by PKI certificate of authorized government staff(Secure Message)- Sharing Information over https (Secure Channel)
NCIS(Authen.)
TO-BE
Pilot Project B2G e-Filing for exporter
Request for business registration certificate
e-Custom
Submit to NSW
Ministry ofCommerceExporter
staff
Review Request and thecorroborative document
Government Agency1 e-Permit1 NSW
Business registrationcertificate
XML
APapplication
>"D =4/?(./73%/7+.#E(3?%.72-#
$" =1>(&)=?/()!""#$%&'()*(+(,)
*1!@) *1!A) *1!B) *1!C)
I)7"*&J).%6),*)'%K"L)+% ✓F# ✓F# # #
6&+:()C-0,'"*%M+)CK&7)%G011@"*.%K"L)+% % ✓# # #
6&+:()C-0,'"*%N*2D'":*0D/&,%K"L)+% % ✓# # #
I>('&C-0,'"*%6"-'@0*)%N*2D'":*0D/&,%K"L)+% % # ✓# #
I>('&C-0,'"*%M+)CK&7)%G011@"*.%K"L)+% % # # ✓#
I>('&C-0,'"*%90*.@0*)%N*2D'":*0D/&,%K"L)+% % # # ✓#
%%%%%%%%%%%%%%%%O%P)D)+.%"+%&7D()7)+'0'&"+%.)'0&(1%
21#$'(3!#/00123456!7280!9"#:!#;5<31=!>/?=3<1@38A!#>BC--BD.B*!!
!
8B%=+&'&0'&+:%"+(&+)%&.)+'&'2%D*"4&.)*%
I0DD&+:%@&'/%'/)%Q*07)@"*L%
!""#$%&'()*(+(,) 456('0.+(")
D(<."0$%0.1&)
E&FG($"1&) D(H10()
!"#$% !&''()%"*%+"%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
RS#% T70&(%U%7"E&()%D/"+)%
!"#5% 6"7)%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
RS#% I0&(&+:%0..*)11%
!"#8% 9&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
N"**"E"*0'&+:%&+-"*70'&"+% N"**"E"*0'&+:%&+-"*70'&"+%V*)(0').%'"%"+(&+)%E0+L&+:W%
!"#;% <)*2%/&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
N"**"E"*0'&+:%&+-"*70'&"+% RS#%
Req.
Cert.
Cert.Request Form1
![Page 12: Intra-ASEAN Secure Transactions Framework 310815 - ETDA · for secure e-Transactions Legal Framework for secure e-Transactions is almost ready. A little reminder: Legal is the supporting](https://reader034.vdocuments.site/reader034/viewer/2022050200/5f53754f59c965234f299f2e/html5/thumbnails/12.jpg)
● It’s not only we want to know he is Mr. John.● But we also want to know what Mr. John can do.
TO Authenticate We also care the ‘function’ of that identity
NCIS(Authen.)
Ministry ofCommerce
ProfessionalAssociation
FinancialInstitute
School
Exporter
Request for business registration certificate
APapplication
>"D =4/?(./73%/7+.#E(3?%.72-#
$" =1>(&)=?/()!""#$%&'()*(+(,)
*1!@) *1!A) *1!B) *1!C)
I)7"*&J).%6),*)'%K"L)+% ✓F# ✓F# # #
6&+:()C-0,'"*%M+)CK&7)%G011@"*.%K"L)+% % ✓# # #
6&+:()C-0,'"*%N*2D'":*0D/&,%K"L)+% % ✓# # #
I>('&C-0,'"*%6"-'@0*)%N*2D'":*0D/&,%K"L)+% % # ✓# #
I>('&C-0,'"*%M+)CK&7)%G011@"*.%K"L)+% % # # ✓#
I>('&C-0,'"*%90*.@0*)%N*2D'":*0D/&,%K"L)+% % # # ✓#
%%%%%%%%%%%%%%%%O%P)D)+.%"+%&7D()7)+'0'&"+%.)'0&(1%
21#$'(3!#/00123456!7280!9"#:!#;5<31=!>/?=3<1@38A!#>BC--BD.B*!!
!
8B%=+&'&0'&+:%"+(&+)%&.)+'&'2%D*"4&.)*%
I0DD&+:%@&'/%'/)%Q*07)@"*L%
!""#$%&'()*(+(,) 456('0.+(")
D(<."0$%0.1&)
E&FG($"1&) D(H10()
!"#$% !&''()%"*%+"%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
RS#% T70&(%U%7"E&()%D/"+)%
!"#5% 6"7)%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
RS#% I0&(&+:%0..*)11%
!"#8% 9&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
N"**"E"*0'&+:%&+-"*70'&"+% N"**"E"*0'&+:%&+-"*70'&"+%V*)(0').%'"%"+(&+)%E0+L&+:W%
!"#;% <)*2%/&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
N"**"E"*0'&+:%&+-"*70'&"+% RS#%
Req.
Cert.
Req.
Cert.
Req.
Cert.
Req.
Cert.
![Page 13: Intra-ASEAN Secure Transactions Framework 310815 - ETDA · for secure e-Transactions Legal Framework for secure e-Transactions is almost ready. A little reminder: Legal is the supporting](https://reader034.vdocuments.site/reader034/viewer/2022050200/5f53754f59c965234f299f2e/html5/thumbnails/13.jpg)
● Maintain the liability chain ● Keep integrity of data● Non-repudiation● Not only human to server but also server to server
How PKI can help complete the jigsaw
>"D =4/?(./73%/7+.#E(3?%.72-#
$" =1>(&)=?/()!""#$%&'()*(+(,)
*1!@) *1!A) *1!B) *1!C)
I)7"*&J).%6),*)'%K"L)+% ✓F# ✓F# # #
6&+:()C-0,'"*%M+)CK&7)%G011@"*.%K"L)+% % ✓# # #
6&+:()C-0,'"*%N*2D'":*0D/&,%K"L)+% % ✓# # #
I>('&C-0,'"*%6"-'@0*)%N*2D'":*0D/&,%K"L)+% % # ✓# #
I>('&C-0,'"*%M+)CK&7)%G011@"*.%K"L)+% % # # ✓#
I>('&C-0,'"*%90*.@0*)%N*2D'":*0D/&,%K"L)+% % # # ✓#
%%%%%%%%%%%%%%%%O%P)D)+.%"+%&7D()7)+'0'&"+%.)'0&(1%
21#$'(3!#/00123456!7280!9"#:!#;5<31=!>/?=3<1@38A!#>BC--BD.B*!!
!
8B%=+&'&0'&+:%"+(&+)%&.)+'&'2%D*"4&.)*%
I0DD&+:%@&'/%'/)%Q*07)@"*L%
!""#$%&'()*(+(,) 456('0.+(")
D(<."0$%0.1&)
E&FG($"1&) D(H10()
!"#$% !&''()%"*%+"%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
RS#% T70&(%U%7"E&()%D/"+)%
!"#5% 6"7)%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
RS#% I0&(&+:%0..*)11%
!"#8% 9&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
N"**"E"*0'&+:%&+-"*70'&"+% N"**"E"*0'&+:%&+-"*70'&"+%V*)(0').%'"%"+(&+)%E0+L&+:W%
!"#;% <)*2%/&:/%,"+-&.)+,)%&+%'/)%011)*').%&.)+'&'231%40(&.&'2%
N"**"E"*0'&+:%&+-"*70'&"+% RS#%
![Page 14: Intra-ASEAN Secure Transactions Framework 310815 - ETDA · for secure e-Transactions Legal Framework for secure e-Transactions is almost ready. A little reminder: Legal is the supporting](https://reader034.vdocuments.site/reader034/viewer/2022050200/5f53754f59c965234f299f2e/html5/thumbnails/14.jpg)
RecommendationsASEAN should adopt the risk-based approach to define the Level of Assurance required for each application.
ASEAN should define identity proofing and verification for each LoA based on ISO29115:2013.
Credential management should include the Corroborative Information and Authoritative Information.
●
●
●
![Page 15: Intra-ASEAN Secure Transactions Framework 310815 - ETDA · for secure e-Transactions Legal Framework for secure e-Transactions is almost ready. A little reminder: Legal is the supporting](https://reader034.vdocuments.site/reader034/viewer/2022050200/5f53754f59c965234f299f2e/html5/thumbnails/15.jpg)
Summary1. Guideline, framework, and legal consistency in secure transaction approaches across ASEAN member states2. Increase trust and promote secure and efficient electronic transactions 3. Initiate online identity provider service and authentication across cross-border systems
User
NCIS
LoA1
LoA2
LoA3
LoA4TRUST
![Page 16: Intra-ASEAN Secure Transactions Framework 310815 - ETDA · for secure e-Transactions Legal Framework for secure e-Transactions is almost ready. A little reminder: Legal is the supporting](https://reader034.vdocuments.site/reader034/viewer/2022050200/5f53754f59c965234f299f2e/html5/thumbnails/16.jpg)
THANKYOU
www.etda.or.th