A Minute with...
... Peter Handzuš, Solution Architect, DXC Technology
How do you perceive the present-day case of temporary hold of eGovernment services using electronic signature? Who do you think failed?
“Cryptography and technology solution security is usually designed with regards to potential threats that can be predicted in certain timeframe. It is not realistics to assume that cryptography will guarantee security “for eternity” and will represent, in this particular case, unpredictable vulnerability of certified product uncovered by scientific team. In the world of cryptography, we can expect in future, also in respect to dynamic development of technologies, new challenges that will require flexible reaction. We are not in the position to comment on the adopted decision regarding potentially vulnerable certified electronic signature (KEP) on eID card. What we want to stress out is that login with eID card using security personal code (BOK) remains secure and identified vulnerability has no impact on this functionality.”
Why are several European countries including Slovakia behind in digitization compared to Estonia?
“The circumstances of establishment of Estonia as an independent state are certainly one of the determining factors. Estonia with 1, 3 million inhabitants gained independence after the fall of Soviet Union in 1991 and had to flexibly react to rapid geopolitical change and face the questions how to operate the state machinery, including diversification of economics. Since establishment of Estonia the government was composed of young people (average age only 33 years) with progressive thinking, technological insights and a vision of digitized state they started to implement much sooner than other countries. To evaluate digitization is a complex process consisting of measuring various areas using various criteria. An example of this measurement is DESI index measurement (using combination of 30 indicators) with Estonia at No. 9. Slovakia is at No. 20 but together with Slovenia we are the most rapidly advancing countries in EU. To illustrate situation of electronic identification cards we can help with the example of discussed security vulnerability of a certain case. This proved that Slovakia has implemented technologically more advanced solution of eID card. Identification and authentication with eID card continues to be secure and above mentioned vulnerability has no impact on this functionality. Contrary, Estonia has to address also vulnerability of the authentication build on same types of key pairs as vulnerable KEP.”
Introduction of eID cards was not without problems also in Estonia. What was the issue?
“During first 4 years of eID card in Estonia there were very few public administration electronic services that could be accessed with eID card. This resulted to high dissatisfaction and criticism of 20 million EUR project. Only when private company with capital participation of two banks and telecommunication operator became involved eID card started to be actively promoted and used for various purposes. Perception of eID card and its real value has diametrically changed. eID card became the primary tool for managing private agenda not only with state but also with providers of commercial services. Therefore, we are convinced that is is necessary to fully use the potential of eID card in Slovakia, it must be used in public as well as in private sector so it can benefit everyone: citizens, entrepreneurs and state.”
What will cover your presentation at ITAPA 2017?
“This year we will again present to ITAPA participants something new and interesting from identification and authentication. Presentation will talk about our perspective on parallels and differences vs Estonia during first 4 years since introduction of eID card and we will look at their “recipe” how to accept eID in commercial sector. We will summarize status and options how to use Slovak eID in commercial environment regarding EU legal framework, instructions and directions, including European Commission Action Plans and expected future use of national identification scheme. We will offer our vision how to move forward and unlock the real value of eID card owned by more than 55% of Slovaks older than 15 years. As usual, we want to bring the participants something more, something tangible. A part of our presentation and of our DXC booth in the foyer will be demonstration of Mobile eID – something new we prepared for autumn ITAPA 2017 in collaboration with partner company Plaut.”
Peter Handzuš will present at ITAPA 2017 International Congress November 15 in session eGovernment and the Development of Electronic Services in Slovakia.
Peter Handzuš (31) finished studies at University of Economics, Bratislava, Faculty of Economic Informatics in economic informatics. Even before he graduated, he started to work for Hewlett-Packard Slovakia, today DXC Technology in 2010. As a Solution Architect, he participated in successful implementation of project national evidence of motor vehicles and project of electronic identification card at National Personalisation Center of Ministry of Interior of Slovak Republic and worked also as a technical support for these systems. In 2013, he participated in CEE young talents and was nominated by global management as a Solution Architect to strategic management team for internal knowledge management of one of company’s division. Since 2015 he is a member of Slovak team of architects for development of innovative and progressive solutions in identification and authentication, especially mobile solutions and use of implemented eID card also in commercial sector. He is very interested in related topics such as secure client authentication (PSD2), personal data protection (GDPR) and trusted services (eIDAS). He holds ArchiMate 2 certificate and is actively working on Enterprise Architecture proposal.
“Cryptography and technology solution security is usually designed with regards to potential threats that can be predicted in certain timeframe. It is not realistics to assume that cryptography will guarantee security “for eternity” and will represent, in this particular case, unpredictable vulnerability of certified product uncovered by scientific team. In the world of cryptography, we can expect in future, also in respect to dynamic development of technologies, new challenges that will require flexible reaction. We are not in the position to comment on the adopted decision regarding potentially vulnerable certified electronic signature (KEP) on eID card. What we want to stress out is that login with eID card using security personal code (BOK) remains secure and identified vulnerability has no impact on this functionality.”
Why are several European countries including Slovakia behind in digitization compared to Estonia?
“The circumstances of establishment of Estonia as an independent state are certainly one of the determining factors. Estonia with 1, 3 million inhabitants gained independence after the fall of Soviet Union in 1991 and had to flexibly react to rapid geopolitical change and face the questions how to operate the state machinery, including diversification of economics. Since establishment of Estonia the government was composed of young people (average age only 33 years) with progressive thinking, technological insights and a vision of digitized state they started to implement much sooner than other countries. To evaluate digitization is a complex process consisting of measuring various areas using various criteria. An example of this measurement is DESI index measurement (using combination of 30 indicators) with Estonia at No. 9. Slovakia is at No. 20 but together with Slovenia we are the most rapidly advancing countries in EU. To illustrate situation of electronic identification cards we can help with the example of discussed security vulnerability of a certain case. This proved that Slovakia has implemented technologically more advanced solution of eID card. Identification and authentication with eID card continues to be secure and above mentioned vulnerability has no impact on this functionality. Contrary, Estonia has to address also vulnerability of the authentication build on same types of key pairs as vulnerable KEP.”
Introduction of eID cards was not without problems also in Estonia. What was the issue?
“During first 4 years of eID card in Estonia there were very few public administration electronic services that could be accessed with eID card. This resulted to high dissatisfaction and criticism of 20 million EUR project. Only when private company with capital participation of two banks and telecommunication operator became involved eID card started to be actively promoted and used for various purposes. Perception of eID card and its real value has diametrically changed. eID card became the primary tool for managing private agenda not only with state but also with providers of commercial services. Therefore, we are convinced that is is necessary to fully use the potential of eID card in Slovakia, it must be used in public as well as in private sector so it can benefit everyone: citizens, entrepreneurs and state.”
What will cover your presentation at ITAPA 2017?
“This year we will again present to ITAPA participants something new and interesting from identification and authentication. Presentation will talk about our perspective on parallels and differences vs Estonia during first 4 years since introduction of eID card and we will look at their “recipe” how to accept eID in commercial sector. We will summarize status and options how to use Slovak eID in commercial environment regarding EU legal framework, instructions and directions, including European Commission Action Plans and expected future use of national identification scheme. We will offer our vision how to move forward and unlock the real value of eID card owned by more than 55% of Slovaks older than 15 years. As usual, we want to bring the participants something more, something tangible. A part of our presentation and of our DXC booth in the foyer will be demonstration of Mobile eID – something new we prepared for autumn ITAPA 2017 in collaboration with partner company Plaut.”
Peter Handzuš will present at ITAPA 2017 International Congress November 15 in session eGovernment and the Development of Electronic Services in Slovakia.
Peter Handzuš (31) finished studies at University of Economics, Bratislava, Faculty of Economic Informatics in economic informatics. Even before he graduated, he started to work for Hewlett-Packard Slovakia, today DXC Technology in 2010. As a Solution Architect, he participated in successful implementation of project national evidence of motor vehicles and project of electronic identification card at National Personalisation Center of Ministry of Interior of Slovak Republic and worked also as a technical support for these systems. In 2013, he participated in CEE young talents and was nominated by global management as a Solution Architect to strategic management team for internal knowledge management of one of company’s division. Since 2015 he is a member of Slovak team of architects for development of innovative and progressive solutions in identification and authentication, especially mobile solutions and use of implemented eID card also in commercial sector. He is very interested in related topics such as secure client authentication (PSD2), personal data protection (GDPR) and trusted services (eIDAS). He holds ArchiMate 2 certificate and is actively working on Enterprise Architecture proposal.
Sign in to Autumn ITAPA 2024