Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

6/18/2009
01:25 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Citi Cross-Certifies With Trusted PKI Bridge

Bank can now deliver identity credentialing services to companies seeking to do business with the aerospace and defense industry

HERNDON, Va. and NEW YORK, June 18 /PRNewswire/ -- Citi today becomes the first bank to cross-certify with the CertiPath information-sharing bridge, giving the global bank the new ability to deliver identity credentialing services to companies seeking to do business with the aerospace and defense (A&D) industry. Citi's Global Transaction Services -- the unit that has worked with CertiPath -- offers integrated cash management, trade, and securities and fund services to multinational corporations, financial institutions and public sector organizations around the world.

CertiPath, the identity management and secure information sharing authority for A&D, was established to address one of the biggest challenges in business today: for partners and customers to electronically share critical information with a degree of trust, confidence and security. CertiPath's information-sharing bridge makes it possible for organizations to do business across the street and around the world electronically with credentials that are trusted - based on uniform requirements for medium- and high-assurance certification for identity issuance.

Citi's Managed Identity Services enables Citi clients to use digital identities and signature technologies to effectively and securely engage in digital commerce. Citi's offerings provide the requisite security and assurance framework to confidently transact business. As part of the solution, Citi issues digital identities that can be used in a number of ways including authenticating end users to applications, encrypting and locking down data, and replacing "wet ink" with digital signatures without compromising legal enforceability.

As a CertiPath Certified Credential Provider (3CP), Citi's Global Transaction Services unit has invested in extensive policy, procedure and infrastructure development to meet the rigorous standards for identity management required by the global A&D industry and the U.S. Federal Government. Citi currently provides digital identities to corporate clients for performing financial and pharmaceutical transactions through its Managed Identity Services business. With this new capability, Citi's clients will have the ability to conduct electronic business with the U.S.'s largest A&D organizations and U.S. Federal Agencies already on the CertiPath Bridge. These military-grade credentials will enable Citi clients to streamline business processes by moving transactions online and to conduct business with the Federal government electronically. It will also significantly reduce cost and risk by eliminating the need for Citi clients to create their own certified credentials.

"Issuing and maintaining digital credentials is a very technologically sophisticated process, and Citi is making it much easier for clients to do business in an increasingly complex business environment," said Gary E. Greenwald, Chief Innovation Officer for Citi's Global Transaction Services. "Cross certification with the CertiPath bridge allows us to supply the credentials needed to do business in this industry. It's a huge milestone for us as we expand one of our competencies."

Citi clients join CertiPath's growing community of organizations - including Boeing, EADS, Lockheed-Martin, Northrop Grumman and Raytheon - that rely on trusted digital identities to secure document and e-mail exchanges, authenticate to applications or encrypt files and as well, to make physical access to facilities significantly more secure.

Global Transaction Services, a division of Citi's Institutional Clients Group offers integrated cash management, trade, and securities and fund services to multinational corporations, financial institutions and public sector organizations around the world. With a network spanning over 100 countries, Citi's Global Transaction Services supports over 65,000 clients. As of the first quarter of 2009, it held on average $278 billionin liability balances under administration, and $10.3 trillion in assets under custody and trust.

"While the need for secure, trusted digital credentials is growing across all industries, the stakes are perhaps highest in A&D, where unauthorized access to military and operational information could be detrimental to national security and public safety," said Jeff Nigriny, president of CertiPath. "We are very pleased to have Citi join us. Its global reach will help us ensure that companies can do business in this environment - securely, confidently and economically."

About Citi

Citi, the leading global financial services company, has approximately 200 million customer accounts and does business in more than 140 countries. Through its two operating units, Citicorp and Citi Holdings, Citi provides consumers, corporations, governments and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, and wealth management. Additional information may be found at www.citigroup.com or www.citi.com.

About CertiPath

CertiPath provides the aerospace and defense industry's only public key infrastructure (PKI)-based communications bridge where information can be shared widely, securely, effectively and affordably between partners, suppliers and customers - regardless of the size and scope of the supply chain.

CertiPath's disruptive solution tears down the burdensome and costly company, employee and program-centric approaches to identity assurance. Today, organizations in the U.S., U.K. and Europe including Boeing, BAE Systems, EADS, Lockheed Martin, Northrop-Grumman, Raytheon and the U.S. Federal Bridge (FBCA) are members of this fast-growing community. For more information, visit CertiPath on the web at http://www.certipath.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 5/28/2020
Stay-at-Home Orders Coincide With Massive DNS Surge
Robert Lemos, Contributing Writer,  5/27/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-11844
PUBLISHED: 2020-05-29
There is an Incorrect Authorization vulnerability in Micro Focus Service Management Automation (SMA) product affecting version 2018.05 to 2020.02. The vulnerability could be exploited to provide unauthorized access to the Container Deployment Foundation.
CVE-2020-6937
PUBLISHED: 2020-05-29
A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x, 3.9.x, and 4.x released before April 7, 2020, could allow remote attackers to submit data which can lead to resource exhaustion.
CVE-2020-7648
PUBLISHED: 2020-05-29
All versions of snyk-broker before 4.72.2 are vulnerable to Arbitrary File Read. It allows arbitrary file reads for users who have access to Snyk's internal network by appending the URL with a fragment identifier and a whitelisted path e.g. `#package.json`
CVE-2020-7650
PUBLISHED: 2020-05-29
All versions of snyk-broker after 4.72.0 including and before 4.73.1 are vulnerable to Arbitrary File Read. It allows arbitrary file reads to users with access to Snyk's internal network of any files ending in the following extensions: yaml, yml or json.
CVE-2020-7654
PUBLISHED: 2020-05-29
All versions of snyk-broker before 4.73.1 are vulnerable to Information Exposure. It logs private keys if logging level is set to DEBUG.