IoT offers interesting use cases for digital signatures: Kaushik Srinivasan
Founded in 2008, eMudhra works at the intersection of digital transformation. It has built its proprietary intellectual property around public key infrastructure (PKI), which refers to the usage of digital signatures and certificates that are based on cryptographic technology and identities for authentication and security purposes.
A publicly-listed company, eMudhra is working towards a completely ‘paperless’ future. In an interview, the company’s Senior Vice President, Kaushik Srinivasan, discussed the company’s plans and products. Edited excerpts:
What is the prime focus of eMudhra?
We are the only certifying authority that has a web trust accreditation and we are recognised for all major browsers. This means that we can issue digital certificates that give users assurance that a certain website is genuine and authentic. Collectively, we have issued about 16 million digital certificates.
We are driving the adoption of digital signature standards. Taking the example of India, we built the entire e-signature layer on top of Aadhar as an identity; we were the first e-sign service provider in the country.
When we started in India, the idea was to build a digital trust backbone globally. So apart from India, today we are a certifying authority in UAE, Kenya, and Mauritius. Our global certification is also being used by certain local partners in West Africa, Latin America, etc.
What services are offered in India?
In India, for e-government, we have supported a lot of digital signature authentication use cases with the tax authority, revenue authority, law administration, and the Central Bank. We are also working with the defence forces from a cybersecurity standpoint. Banking is another area of focus for us and we are working with Indian and international banks to go fully paperless.
IT companies like Tata Consultancy Services (TCS) and Infosys are users of our platform for their enterprise-wide paperless transformation across legal and human resource departments.
What are market opportunities in terms of cyber security for eMudhra?
We see a great opportunity in terms of cybersecurity with the growing interest in Zero Trust, enterprises looking to remediate cyber threats, and the focus on data privacy.
Towards this, we have a few products. We issue cryptographic keys and certificates to secure enterprise IT infrastructures, users, and devices. We also offer a centralized view of all the certificates issued for easy management. Our company also offers an authentication platform. Here even if someone is issued a digital signature certificate, that user would still need to submit an authentication for validation at the backend.
What are the other use cases for digital signatures and certificates?
Interesting use cases that are emerging in the context of IoT devices, since they authenticate through passwords that are not entirely secure. For example, in a smart city implementation, most of the connected public services like traffic lights face security threats due to the absence of robust security systems.
So many smart cities are slowly looking at the usage of device certificates as a cryptographic identity to the device to authenticate whether a legitimate device is communicating with the network. Similarly, most electric vehicles are connected vehicles – they track your data, send maintenance data, and receive updates. So there again, cryptographic keys are becoming quite important.