The WG1 undertakes the definition of needs and the general and functional specifications for a common card holder authentication module for Internet end users (NAME document). The NAME acronym stands for "Network Authentication Module for internet End users".

The working group 1 of the project will assess the requirements and needs of network and service providers so as to define general and functional specifications of a common cardholder authentiction module for Internet end-users. These specifications include the following elements :

SECURITY : key management, certification procedures...
SERVICES : payment (protocols,...),loyalty,e-trading,data-transfer
APPLICATIONS : type of business (BtB, BtoC, BtoA,...), content providers

NAME could be implemented on multi-function cards issued by network operators based on international standards (EMV/SET,WAP,UMTS,...), for secure access to interoperable services through open infrastructures and standardised secure readers.

This concept of a common authentication token for Internet will accelerate the development of e-commerce, since it will bring the required level of Trust and Confidence that is currently restraining the widespread use and development of new Internet applications and services.

An analysis of the various types of authentication and signatures required by the various business and application environments, and of the security levels of each type, in under way. This work will be completed during the comment phase to be included in the final document NAME specifications.

The Convenor of the WG1 is Mr Claude Megglé, from Cyber-COMM : mailto:claude.meggle@cyber-comm.com

This working group 2 will define the business requirements for Telecom operators for the use of authentication and electronic signature modules, taking into account wherever possible the needs of the banking sector. It addresses the following issues :

• Generic Security Requirements for e-services for the authentication of end users and for electronic signature
• General review of applications which need to use NAME, and/or NAME.ES modules (see working group 5), such as e-commerce, mobile banking, mobile commerce and others
• Interoperability of Services : common or interfaced PKIs
• Authentication and Electronic Signature architectures, actors (who will do it), networks
• Industry/Services infrastructure of the authentication and electronic signature modules : manufacturing / embedding, distribution services : Cost VS revenues (business model), solutions for disputes (assesment of responsability).

The objective is to ensure continuity of access o open networks and services using a common authentication and/or electronic signature smart card module for end user multi-channel access terminals (i.e. PDA, GSM, web-phone).

This activity includes the definition work for design specifications, the impact on each level of the system (card, card accepting device, server, and network), a market survey for authentication and electronic signature modules and business requirements and impact on service delivery platforms. WG2 will focus on Telecom business requirements for multi-functionnal and multi-application smart cards, on economic aspects of PKI (transaction costs, cost allocation, value-added breakdown, pricing mechanisms) and on the attitudes of various types of users toward smart card based solutions and applications.

The Convenor of the WG2 is Mrs Sara Carro Martinez, from TELEFONICA : scm@tid.es

WG 3 aim is to investigate what are the requirements for enabling common card-holder authentication and electronic signature modules to work with any type of Internet terminal to access open networks and services (e.g. PDA, GSM, webphone ).
It includes the definition work for mainly the concept specifications, and the impact on the system at each level: card, card accepting device, server, and network, to answer the following questions:
What does the notion of " roaming appliances " cover? Some examples could be: PDAs, GSMs, Internet terminal like network computer, etc..
· Which services can benefit from interoperability between smart card systems ? For example, some of the services that have been identified are: electronic signature, non-repudiation of payments, development tools, and so on.
· What is the target market for these services? The study will only cover business sectors for which authentication and identification are of a prime necessity. The study will give a segmentation of the market (by business sector and by geographic area) and determine the specificity of each segment as well as volume forecasts for the two to three years to come.

Working Group 3 will address the following issues:

· Technical specifications for the implementation of the authentication and electronic signature modules on various types of terminals
· Comparison with other types of solutions, and comparative economic impacts.
· Tracking, referencing and collating economic and investment analysis research concerning interoperability technologies.
· Constraints, success factors and alternative solutions to the use of NAME and NAME.ES modules by terminal manufacturers.

The leader of the WG3 is Alain Israël, from Thales e-Transactions (Eurosmart member): alain.israel@thales-e-transactions.com

The scope of working group 4 covers this objective.

It includes the identification of major standardisation groups involved in this area. Smart IS WG 4 provides a structured interface for a continuous dialogue with standardisations committee and public authorities (CEN, ETSI, etc.) and other European initiatives (e.g. FINREAD, ISIA) in order to identify critical issues and obstacles to the development of smart-cased based applications and to formulate recommendations to regulatory authorities.
This working group will cover international recognition issues and ensure the link with the US Federal PKI, ISO, W3C, the WAP forum and the EDI/XML group.

The WG4 is managed by Norbert Lipzsyc, form Smart IS marketing: irl@club-internet.fr

The Convenor of the WG 5 is claude.meggle@cyber-comm.com