The government of Ghana has announced plans to deploy a Public Key Infrastructure (PKI) system aimed at comprehensively protecting transactions and interactions on the country’s digital space.
Ghanaian businesses are becoming ever more dependent on digital information and electronic transactions, and, as a result, facing stringent data privacy compliance challenges and data security regulations.
With enterprises increasingly under threat from cyberattacks and malicious insiders, the introduction of the PKI system is timely, since business entities continually access sensitive data and critical systems.
Over the years, there have been a few forms of authentication, which have been developed to safeguard critical and sensitive data.
The most basic method of encryption is a single password sign-on. While many businesses end up using these kinds of verifications, they are inadequate due to the relatively simple ways in which they can be defeated. Passwords are a great place to start, but they are rife with shortcomings that prevent them from protecting information all on their own.
Speaking at a ceremony on Wednesday in Accra to announce the move, Ghana’s Communication Minister, Mrs Ursula Owusu-Ekuful, said the PKI system “is an additional layer of authentication which secures our digital transactions. So, it is as if there is a key broken into two, the public key is given out but before anyone can read your document or open the document, they need the private key.
“So, if you are not the one who actually issued that document, it would be impossible for anyone to open it and to read it.”
That, she said “helps with digital financial transactions, it helps with the issuance of a digital certificate, it helps with electronic signatures of documents… authenticating electronic signatures of documents. Now it is easy to fake all kinds of things using the same technology, so, how do we ensure that the documents that you are, for example, filing in court are the real documents? You need this public key infrastructure to be able to authenticate that. It makes it difficult if not impossible to falsify electronic signatures, digital signatures and electronic certificates.”
She further continued, “So, it adds another layer of security to the electronic transactions that we engage in. Increasingly, most of our lives are going digital, most of the interactions that we are having, we are having them online, filling forms, applications, receiving information, paying for goods and services, receiving payments for goods and services—all of that is being done on electronic platforms.
“There has to be some trust built into the system because once people have an idea that it is a system that is opened to hacking and it is trustworthy, they would not use it [and] it defeats the purpose [for which] we were making all that investment. So, this is another layer of security that we were adding to all electronic transactions.”
The PKI system would be implemented by the Ministry of Communication through the E-transform Project and NITA.