DigSig
DigSig is an advanced piece of digital technology created to verify the authenticity and integrity of data.
Description
DigSig is an advanced digital technology created to verify the authenticity and integrity of data. It defines a data structure and adds a digital signature which is used to verify the information on different carriers like barcodes and RFID.
From a customer perspective, DigSig enables trust and makes the manipulation of data visible and easy to detect.
The idea behind this technology came from a request to protect diploma certificates against counterfeit. This Technology is now used in the area of vehicle identification – to protect license plates, windshield stickers, vehicle registration cards, and driver’s licenses from manipulation.
DigSig can be used in a variety of applications: personal identification, digital certificates, document protection and security printing, brand protection, access control, track-and-trace technology, and many more.
Why DigSig ?
DigSig technology can be used as a stand-alone product or it can be integrated into an existing system as an additional feature. It is not only well balanced in regards to efficiency and costs, but it also has numerous unique features which create additional value for the customer
Advantages
- Security based on advanced and efficient cryptography with asymmetric encryption
- DigSigs utilizes the existing SSL infrastructure to ensure the validity of the Domain Authority SSL certificate.
- Verification can be carried out offline
- The technology does not require a back-end system which enhances security and dramatically decreases costs
- Specially encoded data structure allows the use of a small size of the data carrier
- Conformity to the international standard specification: ISO/IEC 20248 and interoperations with other standards like GS1
- The system architecture is simple and easy to integrate
Elements of the system
Signer:
This is the main application that runs on a dedicated server. It takes data according to the pre-defined structure (DDD), carries out the coding and signing with a private key and gives the result (DigSig) back to the caller. A license file is required to create a DigSig. Signer should be kept in a secure environment so that the private key is secured.
Domain Authority with certificate server:
This is a main tool for creating and maintaining certificates that are necessary for verifying DigSigs. It contains the public key of Signer and information about the data structure (DDD) which are used for the verification process. Domain Authority is signed by the national root certificate itself. Certificates can be uploaded to the verifier in advance, making offline verification possible. Domain Authority should be kept in a secure environment.
Verifier:
This is a tool used to verify signed DigSig documents. The standard offline verifier is an Android application available from the Google Play Store and can be individualized. The iOS version will be available soon.
We have also launched a Web-Verifier to verify DigSigs in the URL mode with a standard barcode scanner.
DigSig as a Standard:
DigSig conform to an international standard specification: ISO/IEC 20248
The standard specifies a method whereby data stored within a barcode and/or RFID tag is structured and digitally signed. The purpose of the standard is to provide an open and interoperable method between services and data carriers in order to verify data originality and data integrity in an offline use case.
The ISO/IEC 20248 data structure is also called a “DigSig” which refers to a small (in bit count) digital signature.
Our experts are happy to provide you with more details about the DigSig technology.