Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


01:25 PM
Dark Reading
Dark Reading
Products and Releases

Citi Cross-Certifies With Trusted PKI Bridge

Bank can now deliver identity credentialing services to companies seeking to do business with the aerospace and defense industry

HERNDON, Va. and NEW YORK, June 18 /PRNewswire/ -- Citi today becomes the first bank to cross-certify with the CertiPath information-sharing bridge, giving the global bank the new ability to deliver identity credentialing services to companies seeking to do business with the aerospace and defense (A&D) industry. Citi's Global Transaction Services -- the unit that has worked with CertiPath -- offers integrated cash management, trade, and securities and fund services to multinational corporations, financial institutions and public sector organizations around the world.

CertiPath, the identity management and secure information sharing authority for A&D, was established to address one of the biggest challenges in business today: for partners and customers to electronically share critical information with a degree of trust, confidence and security. CertiPath's information-sharing bridge makes it possible for organizations to do business across the street and around the world electronically with credentials that are trusted - based on uniform requirements for medium- and high-assurance certification for identity issuance.

Citi's Managed Identity Services enables Citi clients to use digital identities and signature technologies to effectively and securely engage in digital commerce. Citi's offerings provide the requisite security and assurance framework to confidently transact business. As part of the solution, Citi issues digital identities that can be used in a number of ways including authenticating end users to applications, encrypting and locking down data, and replacing "wet ink" with digital signatures without compromising legal enforceability.

As a CertiPath Certified Credential Provider (3CP), Citi's Global Transaction Services unit has invested in extensive policy, procedure and infrastructure development to meet the rigorous standards for identity management required by the global A&D industry and the U.S. Federal Government. Citi currently provides digital identities to corporate clients for performing financial and pharmaceutical transactions through its Managed Identity Services business. With this new capability, Citi's clients will have the ability to conduct electronic business with the U.S.'s largest A&D organizations and U.S. Federal Agencies already on the CertiPath Bridge. These military-grade credentials will enable Citi clients to streamline business processes by moving transactions online and to conduct business with the Federal government electronically. It will also significantly reduce cost and risk by eliminating the need for Citi clients to create their own certified credentials.

"Issuing and maintaining digital credentials is a very technologically sophisticated process, and Citi is making it much easier for clients to do business in an increasingly complex business environment," said Gary E. Greenwald, Chief Innovation Officer for Citi's Global Transaction Services. "Cross certification with the CertiPath bridge allows us to supply the credentials needed to do business in this industry. It's a huge milestone for us as we expand one of our competencies."

Citi clients join CertiPath's growing community of organizations - including Boeing, EADS, Lockheed-Martin, Northrop Grumman and Raytheon - that rely on trusted digital identities to secure document and e-mail exchanges, authenticate to applications or encrypt files and as well, to make physical access to facilities significantly more secure.

Global Transaction Services, a division of Citi's Institutional Clients Group offers integrated cash management, trade, and securities and fund services to multinational corporations, financial institutions and public sector organizations around the world. With a network spanning over 100 countries, Citi's Global Transaction Services supports over 65,000 clients. As of the first quarter of 2009, it held on average $278 billionin liability balances under administration, and $10.3 trillion in assets under custody and trust.

"While the need for secure, trusted digital credentials is growing across all industries, the stakes are perhaps highest in A&D, where unauthorized access to military and operational information could be detrimental to national security and public safety," said Jeff Nigriny, president of CertiPath. "We are very pleased to have Citi join us. Its global reach will help us ensure that companies can do business in this environment - securely, confidently and economically."

About Citi

Citi, the leading global financial services company, has approximately 200 million customer accounts and does business in more than 140 countries. Through its two operating units, Citicorp and Citi Holdings, Citi provides consumers, corporations, governments and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, and wealth management. Additional information may be found at www.citigroup.com or www.citi.com.

About CertiPath

CertiPath provides the aerospace and defense industry's only public key infrastructure (PKI)-based communications bridge where information can be shared widely, securely, effectively and affordably between partners, suppliers and customers - regardless of the size and scope of the supply chain.

CertiPath's disruptive solution tears down the burdensome and costly company, employee and program-centric approaches to identity assurance. Today, organizations in the U.S., U.K. and Europe including Boeing, BAE Systems, EADS, Lockheed Martin, Northrop-Grumman, Raytheon and the U.S. Federal Bridge (FBCA) are members of this fast-growing community. For more information, visit CertiPath on the web at http://www.certipath.com.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Why Cyber-Risk Is a C-Suite Issue
Marc Wilczek, Digital Strategist & CIO Advisor,  11/12/2019
Unreasonable Security Best Practices vs. Good Risk Management
Jack Freund, Director, Risk Science at RiskLens,  11/13/2019
6 Small-Business Password Managers
Curtis Franklin Jr., Senior Editor at Dark Reading,  11/8/2019
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2019-11-15
Pimcore before 6.2.2 allow attackers to brute-force (guess) valid usernames by using the 'forgot password' functionality as it returns distinct messages for invalid password and non-existing users.
PUBLISHED: 2019-11-15
Pimcore before 6.2.2 lacks an Access Denied outcome for a certain scenario of an incorrect recipient ID of a notification.
PUBLISHED: 2019-11-15
bundles/AdminBundle/Controller/Admin/EmailController.php in Pimcore before 6.3.0 allows script execution in the Email Log preview window because of the lack of a Content-Security-Policy header.
PUBLISHED: 2019-11-15
Pimcore before 6.2.2 lacks brute force protection for the 2FA token.
PUBLISHED: 2019-11-15
Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege escalation because an HTTP request may be interpreted in the authentication context of an unrelated previous request that arrived over the same connection.