Embedded Files
Technology today, especially online applications over unsecure network like the Internet, demands more strengthened information security and user integrity. Cybersecurity issues, including the recent hacking incidents among government websites, identity theft, fraud, among others, threaten the security of information being exchanged as well as the integrity of the persons involved in the communication process.
As more and more people rely on the use of online applications over unsecure network like the Internet, the need to secure files and ensure their information integrity increases. This is where the PKI comes in. It addresses the issue of authenticity, confidentiality and integrity of information.
Public Key Infrastructure (PKI) allows users of public networks like the Internet to exchange private data securely. PKI is essentially a set of hardware, software, policies, personnel and procedures needed to create, manage, distribute, use, store and revoke digital certificates. The PKI is one of the core services being offered by the Department of Information and Communications Technology (DICT) that will foster trust in the government by ensuring secure and reliable online transactions.
WHAT IS A DIGITAL CERTIFICATE?
A very small file issued by a Certificate Authority as proof of an individual's (or machine's) electronic identity.
An electronic "passport" that allows a person, computer or organization to exchange information securely over the Internet.
Digital certificates will allow anyone to encrypt a document and/or digitally sign it anytime, anywhere to ensure continuity of services. It also provides additional security features to avoid forgery and tampering of health care documents.
ADVANTAGES:
Prevents fraud by authenticating the identity of an individual or entity.
Promotes privacy by preventing unauthorized access of common communications
Assures integrity of e-communications by securing them from being accessed while in transit.
Promotes non-repudiation of electronic transactions so that people will not be able to deny their involvement in a valid electronic transaction.
APPLICATION REQUIREMENTS:
- Accomplished Application Form
- TIN
- UMID or 2 acceptable Government Issued ID based on BSP Circular No. 608 s2008
- Passport-sized photo taken within the last 6 months
- Phone Number
- Work Email Address
- Birth Certificate (Passport in the absence of a Birth Certificate)
WHO CAN AVAIL:
- Government agencies and personnel
- Private individuals
APPROVAL OR REJECTION OF CERTIFICATE APPLICATION:
The PNPKI has the right to reject an application if requirements are not complied with.TIME TO PROCESS CERTIFICATE APPLICATION:
PNPKI CA begins processing certificate application within a reasonable time of receipt “within 5 working days”.CIRCUMSTANCES UNDER WHICH A PNPKI CA CERTIFICATE WILL BE REVOKED:
a) Key Compromiseb) PNPKI CA Compromisec) PNPKI CA is not compliant with its Certificate Policy/Certificate Practice Statementd) Stop of OperationLEGAL BASIS
LEGAL BASIS
The use and issuance of certificates under the Certificate Policy shall be covered by the applicable provisions of:
R.A. 8792 (the Electronic Commerce Act of 2000),
R.A. 8484 (Access Devices Regulation Act of 1998),
R.A. 7394 (Consumer Act of the Philippines),
R.A. 10173 (Data Privacy Act of 2012) and
E.O. 810, s2009 (Framework for National Certification Scheme for Digital Signatures).
A 10175 or The Cybercrime Prevention Act of 2012
Memorandum circular no. 2013-002
Department circular no. 2017 – 001
RA 8792Sec. 7. Legal Recognition of Electronic DocumentsElectronic documents shall have the legal effect, validity or enforceability as any other document or legal writing.For evidentiary purposes, an electronic document shall be the functional equivalent of a written document under existing laws.
Sec. 8. Legal Recognition of Electronic SignaturesElectronic signature on the electronic document shall be equivalent to the signature of a person on a written document.
EO 810Sec. 4. Application of Digital Signatures in E-Government ServicesAll government agencies and instrumentalities providing e-government services to its clients shall require the use of digital signatures in their respective e-government services...
RA 10175 or The Cybercrime Prevention Act of 2012
A.M. NO. 01-7-01- SC-RE: RULES ON ELECTRONIC EVIDENCERule 6. Section 1An electronic signature or a digital signature authenticated in the manner prescribed hereunder is admissible in evidence as the functional equivalent of the signature of a person on a written document.
Memorandum Circular: PNPKI Certification Practice Statement Version 1.0December 23, 2013 Memorandum Circular No. 2013-002Series of 2013SUBJECT: APPROVAL OF THE PHILIPPINE NATIONAL PUBLIC KEY INFRASTRUCTURE (PNPKI) CERTIFICATION AUTHORITY (CA) CERTIFICATION PRACTICE STATEMENT (CPS) VERSION 1.0
Department of Information and Communications Technology18 January 2017 DEPARTMENT CIRCULAR NO. 2017 – 001SECTION 1. BACKGROUND AND RATIONALE1.1 Executive Order (E.O.) No. 810, series 2009 institutionalized the certification scheme for digital signatures and directed the application of digital signatures in e-Government Services.
1.2 Section 3(a) of E.O. No. 810, s2009 designated the National Computer Center (NCC) to operate the Philippine Root CA (RootCA).
1.3 Section 15 of Republic Act No. 10844 abolished NCC and transferred its powers and functions, applicable funds and appropriations, records, equipment, property and personnel to the Department of Information and Communications Technology (DICT).
1.4 ICT Office Memorandum Circular No. 2013-001 approved the PNPKI Certificate Policy (CP) version 1.0 in operating the Philippine RootCA.
Sec. 8. Legal Recognition of Electronic SignaturesElectronic signature on the electronic document shall be equivalent to the signature of a person on a written document.
EO 810Sec. 4. Application of Digital Signatures in E-Government ServicesAll government agencies and instrumentalities providing e-government services to its clients shall require the use of digital signatures in their respective e-government services...
RA 10175 or The Cybercrime Prevention Act of 2012
A.M. NO. 01-7-01- SC-RE: RULES ON ELECTRONIC EVIDENCERule 6. Section 1An electronic signature or a digital signature authenticated in the manner prescribed hereunder is admissible in evidence as the functional equivalent of the signature of a person on a written document.
Memorandum Circular: PNPKI Certification Practice Statement Version 1.0December 23, 2013 Memorandum Circular No. 2013-002Series of 2013SUBJECT: APPROVAL OF THE PHILIPPINE NATIONAL PUBLIC KEY INFRASTRUCTURE (PNPKI) CERTIFICATION AUTHORITY (CA) CERTIFICATION PRACTICE STATEMENT (CPS) VERSION 1.0
Department of Information and Communications Technology18 January 2017 DEPARTMENT CIRCULAR NO. 2017 – 001SECTION 1. BACKGROUND AND RATIONALE1.1 Executive Order (E.O.) No. 810, series 2009 institutionalized the certification scheme for digital signatures and directed the application of digital signatures in e-Government Services.
1.2 Section 3(a) of E.O. No. 810, s2009 designated the National Computer Center (NCC) to operate the Philippine Root CA (RootCA).
1.3 Section 15 of Republic Act No. 10844 abolished NCC and transferred its powers and functions, applicable funds and appropriations, records, equipment, property and personnel to the Department of Information and Communications Technology (DICT).
1.4 ICT Office Memorandum Circular No. 2013-001 approved the PNPKI Certificate Policy (CP) version 1.0 in operating the Philippine RootCA.
Page updated
Report abuse