Glossary

Authentication Context Signature Protocol (ACSP) is a protocol used in Smart-ID that allows a Relying Party to request a user’s digital signature on the specific details, or "context" of an authentication event.

Version 2 of the ACSP protocol.

RP’s mobile application running on a user’s device. The app is used to interact with the RP’s e-service and in the background, the app is communicating to the RP’s backend or website.

Key pair that is used to digitally authenticate a person.

An entity that issues certificates for Smart-ID account owners.

Use cases that start from an RP in one device and continues with the Smart-ID app in a different device. These use cases are usually used with dynamic QR codes and notification flows.

A Pair of keys that are required for digital signature scheme. There are two kinds of key pairs (or shortly, keys) in the Smart-ID system, authentication key pair and signature key pair. The word pair refers to the private and public keys of each key pair used in an asymmetric cryptographic algorithm, here RSA.

A tablet computer or smartphone that runs a mobile device operating system (Apple iOS, Google Android).

A natural person who uses the Smart-ID system to authenticate herself to an RP and to issue digital signatures requested by RP.

An entity responsible for recording or verifying some or all of the information (particularly the identities of subjects) needed by a CA to issue certificates and CRLs and to perform other certificate management functions.

A request from an RP that requires some kind of operation in the Smart-ID backend system. It may or may not create a transaction.

An organization or service, for example a bank, that uses the Smart-ID service to authenticate its users and to get them to sign the documents.

Use cases that start from an RP in one device and continues with the Smart-ID app in the same device.

Key pair that is used to give digital signatures of a person.

A person has to register a Smart-ID account to use services provided by the Smart-ID system. Account binds a Smart-ID app instance (installed on a person’s mobile device) to a person’s identity in the Smart-ID system. In the course of account creation and registration, the identity of the account owner (person) is proofed by a Registration Authority (RA) and the relation between the identity and a key pair is certified by a Certificate Authority (CA). An account has a signature key pair and an authentication key pair.

A technical component of the Smart-ID system. A mobile app instance installed on a person’s mobile device that provides access to Smart-ID functionality for persons.

An organization that is legally responsible for the Smart-ID system.

A technical component of the Smart-ID system. Server-side counterpart of the Smart-ID app. Handles backend operations and provides API-s to Relying Party (RP).

A technical and organizational environment that enables digital authentication and issuing of digital signatures of persons in an electronic environment. The Smart-ID system provides services that allow persons (Smart-ID account owners) to authenticate themselves to RPs, to give digital signatures requested by RPs, and to manage their Smart-ID accounts.

Natural persons with registered Smart-ID accounts. Users authenticate to the RP’s e-service and create digital signatures with the browser or the RP’s app.

Verification codes are 4 numbers shown to the user for notification based (authentication and signature) flows to let the user bind together the session on the browser or RP app and the authentication request on the Smart-ID app.

Information system built by RP and uses Smart-ID service to authenticate users and to create digital signatures. The website is integrated with the Smart-ID RP API (this documentation).