Digital communication for the identification and authentication of users by certificates is a fundamental task of the MTG Corporate PKI.
Die MTG Corporate PKI issues, validates and deploys digital certificates for various use-cases in the public sector.
Social security institutions, parliaments and other public institutions can thus exchange and communicate data securely. Upon request, MTG will monitor and manage the operation of the PKI in the selected data centers.
The main purpose of using certificates from a PKI is to create trust in the identities of the users of the network. A Root CA represents the highest level of trust by validating and certifying the Sub CAs (certification authorities). Root CAs play an extremely important role in the context of legal regulations and directives and must therefore be operated reliably and in a highly secured infrastructure. For the new identity card and also for smart metering communication in Germany, Root CAs from MTG are being used.
Der neue Personalausweis (nPA) der Bundesrepublik Deutschland ist mit einer Online-Ausweisfunktion für den Einsatz im Internet und an Automaten oder Terminals ausgestattet.
The new identity card (eID) of the Federal Republic of Germany is equipped with an online ID function for use on the Internet and at machines or terminals. Companies that operate an online store or online services can take advantage of the eID in order to authenticate their customers. Thus, online business processes in the Internet can be made safer and easier than with the classic login through a username and password.
MTG offers an electronic identity server as a service to such companies. This creates a bridge between the ID card holder and an online store or online service provider (e.g. health insurance companies, energy suppliers, banks).
CVCA und CSCA
MTG CARA is ideally suited as a national PKI for passports, identity cards and electronic residence permits.
MTG CARA can be used worldwide as a Country Verifying Certification Authority (Association) and a Country Signing Certification Authority (CSCA) for machine readable travel documents (MRTD), passports and electronic residence permits.
MTG CARA supports the worldwide standardized PKI management protocols for the cross-border communication between CVCAs by the use of the SPOC (single point of contact).
MTG CARA is used by BSI (Federal Office for Information Security) as a CVCA and CSCA.
Evaluation Facility for IT security
Evaluation of conformity of IT products or systems in compliance with technical guidelines may only be performed by independent, private-sector bodies that have been approved by the BSI in accordance with DINISO/IEC17025.
The MTG Evaluation facility for IT security is one of them and performs these, for the so-called "technical security device for electronic recording systems" (BSI TR-03153 / BSI TR-03153-TS). MTG also evaluates protection profiles according to Common Criteria (e.g. Smart Meter Protection Profile BSI CC-PP-0073-2014) and collaborates on specifications for the creation of Technical Guidelines.