Leslie Romeo Head of D D MESSAGEBOX - MADE IN GERMANY
Agenda: 1&1 - Member of United Internet AG; History of D; D Infrastructure; Comparison of Standards: D = eIDAS?! (1&1 D GmbH, June)
1&1: Internet-Services of United Internet AG (Access, Applications, Network, Devices, Content, Software)
Strong Team: employees (2 700 in product management, development and system administration)
Sales Power: about 3.2 million contracts annually; sign-ups for free services daily
Operational Excellence: 49 million accounts in 11 countries; 7 Certified Data Centers; servers in Europe and the US
Powerful Network Infrastructure: km optical fibre network
Locations: servers; million paying customers; million free accounts; Hosting of over 19 million domains
Communications Environment in Germany
Digital Communication ( ): - non-binding; - not suitable for commercial use; + widely spread; + fast and convenient
Snail Mail Communication (Letter): + legally binding; + (legally) recognized; - declining; - slow and inconvenient
Signed Digital Communication: + (only) partially (legally) binding; - not widely spread; - complicated and inconvenient; - not mass suitable
D Vision: D should not make „ secure“ but instead adequately replace letters. It's not enough just to „transfer the letter to the internet“. „D should especially include all values of the current paper-based communication in combination with the advantages of the established digital communication.“ ► Reliable, legally binding, and traceable as well as simple, fast, flexible, transparent, and convenient.
D History
Timeline: 2006; D Act and first DMDA; Start; Economic and political conversations; 4 DMDA (Public admin., Enterprise, SME, priv. cust.); Over 1 million priv. and business cust.; eGovernment Act
Governance: Organisational: Governmental Initiative; Project: Government and Economy; Development: Execution: Economy, Governance: Regulatory Bodies; Operation: Execution: Economy, Governance: Regulatory Bodies
D Services Solution: Legally binding digital communication (Authenticity, Confidentiality, Integrity Protection, Traceability)
Open Standard in open network within a closed user group; Communication between individuals, companies and public administration; No crossing of and D
Scope of Functions
Explicit Addressing: FName.LName
Mailbox and Delivery Service: Reliable, legally binding, and traceable delivery (delivery and send receipt)
Optional: Secure Document Store: Encrypted storage and archive of digital documents.
Identification Service: Third-party authentication, e.g. name, age, billing address and/or delivery address.
Attributes
Integrity Protection: Integrity protection as standard (hashing of meta data and message content). Optional: Use of digital signatures.
Traceability: Qualified signed delivery and delivery receipt from the sender/recipient provider.
Authenticity: Safe initial registration and authentication as trusted source beyond a reasonable doubt. Different authentication levels: [Normal] Username/Password; [High] Two-factor authentication (e.g. text, TAN)
Secure Transmission: Standard: Encrypted transmission between all communication participants. Optional: End-to-End Encryption / (qualified) digital signatures
Overview of Functions (diagram labels: Sender, Service Provider Sender, Service Provider Recipient, Recipient)
Protocol depending on sender client: Web browser, -Client, Plugin Solutions, OSCI-Client, Gateway
Verification / adding of meta data; Integrity protection on message level; Encryption on message level; Delivery receipt
Interoperational protocol between service providers. Requirements of the transmission protocol between service providers: Delivery receipt; Encryption; Verification of meta data and Integrity
Protocol depending on recipient client: Web browser, -Client, Plugin-Solution, OSCI-Client, Gateway
Optional: End-to-end encryption
What went well?
Involvement of the economy at an early stage; Overall cooperation between government and economy; Very good cooperation within the economy during the implementation; General Interest / Acceptance of Users, especially private customers
*Study of internet users communication behavior [Convios Consulting]: „Over 60% of users could imagine using D already today; 5% would even pay for the service“ (chart answers: Yes, even if it cost 2 Euro monthly; Yes, as long as it is free; unlikely; No)
What should be improved? Use cases are urgently required
(Headlines shown: D as a success model; D, the unused service)
Hope towards Government Administration not fulfilled: Around 60%* of individuals do not use D because public offices can't be reached and 40%* of the companies do not use D because it is not viewed as a standard.
The Resulting Inactivity: Around 70%* of the consumers did not use their D mailbox (incl. free flat rate). With companies the inactivity is over 90%*.
Risk: The perception of participants and press of D as a failed governmental IT project is steadily rising!
Opportunities: Government Administration – the desired partner. Over 80%* of individuals, as well as 58%* of the companies, want to use D for communication with their government administration. For almost 90%* this was the main reason of registration.
* Result of an online survey of customers (individuals and companies) of 1&1, WEB.DE and GMX customers (details on backup slides)
Supportive activities to maximise the offer of use cases
Promote rapid dissemination across all target groups
□ Visible offer by public sector
□ Commitment of economy
□ Mandatory use cases (if needed, free of cost)
□ Visibility for end user (addresses on electronic ID card, registry of residents)
□ Involvement of entities that will disseminate information
Improve usage possibilities and create more incentives
□ Reduce entry barriers (e.g. possibilities of identification)
□ Subsidise usage
D does not equal eIDAS? The facts:
Target: Digital Transformation of paper mail. Facts D (§§ 1ff. D G): Accredited D service provider; Identification beyond a reasonable doubt of all Users as foundation of a D account (LOA 4); Continuous Integrity Protection; Qualified signed received receipt, delivery receipt, and read receipt including time stamp.
Target: Trusted Services have the same legally binding status as the paper process. Requirements for qualified electronic registered delivery services (Art. 44 (1) eIDAS): (…) qualified trust service provider(s) (…) a high level of confidence the identification of the sender; (…) the identification of the addressee before the delivery of the data; (…) preclude the possibility of the data being changed undetectably; the date and time of sending, receiving and any change of data are indicated by a qualified electronic time stamp.
D =* eIDAS (*Confirmed by BSI, BNetzA and BfDI)
Possible next steps to offer and implement eIDAS compliant qualified trust services:
Certified Infrastructure in EU: 1&1 IT infrastructure is certified according to the D standard (BSI and BfDI) and intends to be recognized as a qualified eIDAS trust service (process pending) by July 1st. The infrastructure is based on widely used and recognized international standards in the E-Mail environment (SMTP, S/MIME, SSL, etc.) and it is globally adaptable. Technical specifications of the D standard have already been introduced in international standardisation bodies.
Scope Expansion / Scalability: The 1&1 infrastructure can thus be implemented as an already certified, cost-saving white label solution („SAAS“/„managed“/„on premise“). Operating for EU member states as a nationwide or distributed system. Highly scalable (from 1-10 million users upwards).
Interoperability: The SPOCS project, sponsored by the EU commission, has drawn up procedures for the interoperability of systems operating according to the D standard with systems of other member states. D based systems are an integrated part of the eSense project in regards to the cross-border legally binding communication with France, Austria, Slovenia and Greece.
Questions?
Thank you for your attention! Leslie Romeo, Head of D, 1&1 D GmbH, Ernst-Frey-Straße 10, Karlsruhe, Germany. Phone
Back Up Slides
Security overview (diagram labels: Sender, D service provider of the sender, D service provider of the recipient, Recipient)
Message flow: Compose D; Transmission over an encrypted channel; Brief, automated check (spam / viruses) in decrypted form in volatile memory; Encrypted storage in the mailbox; Display of the D
Sender and recipient side: Two-step login; Two-factor authentication (possession/knowledge); Confidential transport channels; Integrity protection via DKIM signature
Service providers: Pentests; Strict role and permission concept; Consistent four-eyes principle; Redundant systems; DMDA-to-DMDA communication via SSL tunnel; Document encryption; Protection against spam, viruses and malware; Qualified electronic signatures; Qualified signed pick-up, dispatch and receipt confirmations; Algorithms in accordance with BSI requirements
Environment certified by BSI according to ISO on the basis of IT-Grundschutz and by BfDI according to the data protection criteria catalogue, and under constant monitoring
Status Quo: Delivery Channel
Bulk senders: Banks; Insurance companies; Associations; Telecommunications companies; Public administration; Utilities; [...]
Documents traditionally sent by post are (columns: Use Cases, Post):
Invoices: X, X*
Payment reminders: X, -
Account statements: X, -
Contracts: X, -
Changes to terms and conditions: X, -
Official notices: X, -
Information: X, X
Sensitive data: X, X
Status Quo - Costs
Number of letter items (< 50 g) in Germany*: approx. 19.6 billion items
- Sent by private companies (~ 92 %): approx. 18.03 billion items
- Sent by private individuals (~ 8 %): approx. 1.57 billion items
Generally suitable for electronic delivery (~ 75 %): approx. 14.7 billion items
Revenue generated from letter items*: approx. € 10.6 billion
Share of revenue for substitutable mail (~ 75 %): approx. € 7.95 billion
Besides the postage considered here, the savings potential is also based on the lower process and handling costs of processing without media discontinuity.
* in 2007. Source: Study by WIK-Consult GmbH on behalf of BNetzA (2009): Nachfrage von Postdienstleistungen von Geschäftskunden
D market research: business customers
Excerpt from the market research of July 2014 among existing D customers (business customers: 483 participants):
What do you think is the reason that D is not yet used across the board?
How or for what would you use D in future (multiple answers possible)?
How often have you been able to use the D service since signing the contract? 90.5% not at all; 4.6% less than once a month; 2.3% once a month
D market research: private customers
Excerpt from the market research of July 2014 among existing D customers (private customers, participants):
What do you think is the reason that D is not yet used across the board?
How or for what would you use D in future? (multiple selection possible)
How often have you been able to use the D service since signing the contract? (chart answers: less than once a month; once a month; not at all)
With what ambition did you originally choose D? (multiple selection possible)
D off to a good start, but no breakthrough yet
Approx. 80% of the market distributed nationally; approx. 70% D potential "one click away" (accredited DMDAs)
Situation D (07/2014): 70% of all private mail users are reached directly by accredited DMDAs and have D available "with one click". Approx. 1 million end users under binding contract (50% identified). Approx. companies with a D domain under contract. Easier end-to-end encryption through the integration of PGP into D by the end of 2014.
National providers with a legally secure solution: National providers: US providers: