E-commerce, selling and buying products and services online, has evolved rapidly over the past decade. At the same time, the entrepreneurs engaged in e-commerce have struggled with difficulties posed by the fact that they never meet their client face-to-face. Online user accounts, which only consist of basic information and require a username and password for access, are far from secure, as they cannot tie the account to the person who created it.
The emergence of digital identities issued to citizens by the authorized agencies of their governments allow both the service providers and the end users to enter into online transactions more confidently than ever.
Authentication service is a series of electronic activities that takes place between the CA – certification authority (ASXM), service provider, and the authentication certificate issued to the person who wants to use a service (or buy a product). The service provider must first replace or complement their current username-password-based logon system with the Asan İmza (Mobile ID) authentication. A verification code is generated for the website after the authentication service has been programmed into it. In order to authenticate oneself, the client has to first check that the verification code displayed on the website and his or her phone display match and then enter the PIN1-code in his or her phone. By entering the PIN1-code, the client also confirms his or her volition to access and make any transactions at the website of the e-service. The certification authority confirms the client’s identity by verifying the validity of the certificate. In order to do so, the request and response of the authentication must contain specific sets of parameters. The risk of identity theft and resulting fraud is decreased for both the service provider and the client and the latter further benefits from the convenience of using his or her digital identity to access online services without having to create and memorize a different user account for each.