1 Introduction

Public Key Infrastructures (PKI) have undoubtedly been the backbone of the Digital Transformation for decades already. Ever since X.509 digital certificates became widely used for distributing public keys for various applications, businesses have been increasingly relying on them for encrypting sensitive data at rest and in transit, signing and encrypting emails, securely authenticating users and devices and even creating legally enforceable electronic signatures.

Yet, for years, PKI has been declared dead more than once, with the most common reasons for that being its alleged complexity and high cost of implementation and management as well as the general inability of outdated technology to keep up with the modern times. This cannot be further from the truth, however! While old-school implementations are indeed incapable of scaling up to millions of entities such as mobile and IoT devices and some experts have been advocating the end of the centralized trust management in favor of decentralized identity models, the underlying technology and cryptography are still sound – the ongoing research efforts indicate that public key infrastructures can even be adapted even to withstand the dreaded quantum computer attacks.

Meanwhile, for large and small companies, digital certificates remain a key part of their security and identity management infrastructures. They are widely used for such operations as data and communication encryption, digital signatures and securing access to sensitive systems. In enterprise environments, smart cards and certificates are still the most widely used strong authentication alternative for the obsolete and insecure password authentication.

Thanks to the maturity and highly standardized nature of public key infrastructures (and a large number of legacy business applications tied into them), enterprise IT departments continue to rely on the proven technology, but they are feeling an increasing pressure from businesses to modernize the existing processes, support new device platforms, deliver better user experience and, last but not least, reduce the costs and administration efforts needed to manage and support the whole lifecycle of traditional hardware authentication devices.

Indeed Identity is a privately-held software vendor headquartered in Vilnius, Lithuania. Since 2011, the company has been offering solutions for multifactor authentication, privileged access management and public key infrastructure management based on a unified modular identity and access management platform that can be adapted to various use cases. With offices in Lithuania and Singapore, the company is currently serving over 200 enterprise customers primarily in the EMEA and APAC regions, as well as across the former CIS states. Although Indeed Identity does not yet have enough prominence outside of its home markets, the company is currently actively expanding its partner network, establishing a local presence in over 20 countries with the help of over 150 partners.

To address the challenges of managing smart cards and certificates across large and complex enterprise environments, Indeed Identity offers Indeed Certificate Manager – a software suite for centralized management of public key infrastructures that helps to automate all stages of certificate lifecycle, implements a broad range of self-service operations to reduce the load on administrators, and adds a number of innovative features that significantly improve the security and user experience of smart card operations for end users.