Public Key Infrastructure (PKI) Agreement
Downloads
- PKI Agreement Terms and Conditions (PDF, 87KB)
- PKI explained (Reference Document, PDF, 177KB)
- BoS Customer PKI Smartcard Renewal form (PDF, 79KB)PDF, opens new tab
Agreement
The Digital Identification Service PKI Customer Agreement and Digital Identification Service PKI Reference Document form an integral part of the documentation required to access our services such as Bacstel-IP. Customers should be aware that by signing up for any PKI supported service they are also agreeing to be bound by the Digital Identification Service PKI Customer Agreement. The Customer Agreement and Reference Document can be viewed in full by clicking on the links above.
Background
The Bank wishes to provide its customers with the highest levels of security when transacting over the internet. To ensure the security and integrity of these services we provide a Digital Identification Service. Customers applying for the services that use PKI require to register for and be provided with Digital Identity Smartcards that will be used in conjunction with the service. These Smartcards hold a 'certificate' within the chip, which stores personal details uniquely identifying the cardholder, such as:
- Name
- Email address
- Employer
- Who it was issued by
- When it is valid from / to
The Digital Identification Service uses security technology to address each of the following principles:
- Confidentiality - transmissions sent must be protected in transit and only readable by the intended recipient.
- Authentication - it must be possible for the recipient to positively identify the sender of a transmission in real-time.
- Integrity - it must be verified that a transmission received is the same as the transmission originally sent.
- Non-repudiation - if the above have been ensured, once a transmission is received and processed, the sender cannot claim they did not originate and send the transmission.
Key Management - PKI
The use of PKI enables a secure exchange of digital signatures in open networks where many communication partners are involved.
Digital Identification Service PKI Reference Document
The document has three parts:
Identity Certificate Policy:
The Identity Certificate is only to be used by contracted parties of IdenTrust or IdenTrust Participants in accordance with the Identity Certificate Policy.
Bank IdenTrust Identity Certificates are only to be used for the purpose of providing the following IdenTrust services:
- user authenticity
- digital signing
- non-repudiation
Identity Certificates restrict services to those described above by defining Key usage fields within the Certificate (See Certificate Profile).
Utility Certificate Policy:
The Utility Certificate is only to be used by contracted parties of IdenTrust or IdenTrust Participants in accordance with the Utility Certificate Policy.
Bank IdenTrust Utility Certificates are only to be used for the purpose of providing the following IdenTrust services:
- Data Confidentiality and Integrity
- Secure Key distribution
- Key Agreement
- Digital Signatures
- Client Authentication
Utility Certificates restrict services to those described above by defining Key usage fields within the Certificate (See Certificate Profile).
Dispute Resolution Procedure:
In keeping with the high standard of security offered via the Digital Identification Service, all the relevant legal details are covered within the appropriate reference document.
Another element of a Digital Identification Service is that there are clearly defined procedures in the event of any dispute. These procedures are agreed by all parties involved in supplying and using the Digital Identification Service.
IdenTrust Certificate Practice Statement
The IdenTrust Certificate Practice Statement (CPS) is available to customers on request. Please direct your request to the relevant Service Helpdesk.
Bank of Scotland Business Banking Customers
Return to the Bank of Scotland Business Bankinggo to homepage website.
Bank of Scotland Commercial Customers
Return to the Bank of Scotland Commercialcommercial homepage website.