Established by the French Government’s Ministry of Finance and Economics, the ACCORD project was commissioned to design and implement financial system modernisation. The charter of the ACCORD initiative team, composed of representatives from multiple government ministries, is to architect solutions that enable the French government to manage the finances of the country with the same level of accountability as private sector enterprises. The technology-based infrastructure selected was a smart card solution to confirm and authenticate users across 40 departments.

HID Global’s Identity Assurance software

The systems operated in parallel but could not leverage the benefits of a unified system

AIFE – Agence pour l’Informatique Financière de l’Etat – chose HID Global’s Identity Assurance software coupled with smart cards for the solution.

Ensuring users are ‘who they say they are’ over the course of several decades, individual French government departments had developed separate and distinct applications to manage activities such as budgeting, processing purchase orders, and other accounting activities. The systems operated in parallel but could not leverage the benefits of a unified system.

Enterprise Resource Planning system

With the inception of the ACCORD project, the government committed to streamlining finance management by moving to one system for centralised control of the country’s budgeting and finance operations – with a goal that by 2004, all government central entities will be using the standard Enterprise Resource Planning (ERP) system. The transition to an online application that consolidates financial reporting and transactions requires an organisation to determine how it will identify users with certainty prior to granting them access to the system and to valuable data.

The solution must be easy to use to ensure departmental acceptance of the new application and authentication process. It must also minimise the IT staff time required for day-to-day administration and helpdesk activities for a large population over 7,000 dispersed users. These multiple challenges presented an opportunity to leverage proven digital identification solutions from HID Global.

Smart card-based PKI identification solution

HID Global’s Security Client software solution and smart card readers are key elements for securing the finance system at all user points of entrySmart card-based solution using digital certificates with PKI, The French government-wide implementation securely links multiple departments, such as the Ministries of Education, Justice, Transportation and Housing, and Foreign Affairs, to the unified ERP application, enabling the exchange and ultimate consolidation of digital information.

In 2000, the Ministry of Finance began deploying HID Global’s smart card-based PKI solution. HID Global’s Security Client software solution and smart card readers are key elements for securing the finance system at all user points of entry – any of which could become a source of fraudulent or malicious activity in the absence of strong authentication and confirmation of digital identity. Today, employees regularly use the card with a microchip that holds their unique credentials in the form of an Entrust digital certificate.

HID Global’s Gold Entrust-Ready certification ensures a smooth deployment to large numbers of users, and the combined solution with Entrust TruePass delivers the following benefits:

  • Enhanced Security: HID Global’s multi-factor authentication reinforces the fundamental security and intent of a PKI by requiring something the user has (a smart card) and something the user knows (a PIN code) in order to use the private keys stored on the card. To further enhance security, the key pair is generated on the cryptographic smart card itself, so that the private key is never exposed to the insecure PC environment. The tight integration of HID Global’s client software with Entrust ensures certificate key updates are transparently and automatically made on the card.
  • Non-Repudiation: To support non-repudiation, it is essential that ERP system users provide undeniable proof that they are who they say they are. Keys used for that authentication can never be stored on the potentially vulnerable user workstation. Those sensitive keys must remain under the sole control of the user, and HID Global’s client software ensures private keys are generated on the card and remain in the rightful owner’s possession at all times.
  • User Simplicity: HID Gobal’s Security Client software provides a familiar ATM-like user interface that makes complex digital identity and PKI technologies transparent, so employees can focus on their work responsibilities and financial application activities to easily access the system. HID Global’s commitment to openness and industry standards ensures that the French Government’s initial investment in digital identity products and smart card client software infrastructure is capable of supporting multiple PKI vendors and other forms of identity credentials in the future.
Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version

In case you missed it

What is the biggest change in the security industry since 2010?
What is the biggest change in the security industry since 2010?

Ten years is a long time, but it seems to pass in an instant in the world of security. In terms of technology, 2010 is ages ago. Changes in the market have been transformative during that decade, and we called on our Expert Panel Roundtable to highlight some of those changes. We asked this week’s panelists: What was the biggest change in the security industry in the 2010-2019 decade?  

SIA composing code of conduct for U.K. private security, seeking comments
SIA composing code of conduct for U.K. private security, seeking comments

The Private Security Industry Act of 2001 gives the Security Industry Authority (SIA) the function of setting standards of conduct in the United Kingdom’s private security industry. Time is winding down to provide input during the SIA’s six-week consultation on a new draft code of conduct for SIA licence holders and applicants for SIA licences. The authority is inviting the industry, licence holders, and anyone with an interest in private security to have their say on the draft code of conduct by taking part in a survey. The consultation will end on 23 February.   “The ethos of the code of conduct is that it will improve standards and public safety by setting out the standards of conduct and behaviour we expect people to uphold if they are entrusted with protecting the public, premises and property,” says Ian Todd, Chief Executive, Security Industry Authority (SIA). Security's Code of Conduct A code of conduct sets out what standards of behaviour professionals have to meet in order to work in the profession In security as in many professions, a code of conduct sets out what standards of behaviour professionals have to meet in order to work in the profession. SIA is suggesting Six Commitments of behaviour that will apply to all licensed security operatives and to applicants. If the code of conduct is sanctioned by the U.K. Home Office, it would become mandatory and incorporated into SIA’s licensing criteria Get Licensed. A commitment to certain standards of behaviour is fundamental to what it means to be fit and proper, and to being part of a profession. The six commitments are: Act with honesty and integrity Be trustworthy Protect the people and property you are entrusted to protect Be professional at work Act with fairness and impartiality at work Be accountable for your decisions and actions “We will review the comments from the consultation once it concludes on 23 February, analyse the results and publish a report on our findings,” says Todd. “The SIA will then use the comments it has received to write a final version of the code of conduct. The introduction of a code of conduct will be subject to final approval by Home Office Ministers.” SIA’s current Standards of Behaviour provide guidance on professional behaviour but are not mandatory. The draft code of conduct builds on the Standards of Behaviour. Upholding SIA's Standards The SIA’s Partnership and Interventions team is the unit that enforces the Private Security Industry Act “The majority of licence holders uphold the standards of behaviour that the SIA, their employers and the public expect of them,” says Todd. “Their professionalism and dedication keep the public safe and tackle crime. However, there are incidents in which some licence holders do not behave in this way. This minority lower the standard of service the public receives, harm public safety, and bring themselves and the rest of the private security industry into disrepute.” The SIA’s Partnership and Interventions team is the unit that enforces the Private Security Industry Act. It is likely that they will be required to enforce the code of conduct should it become mandatory. The draft code of conduct is currently out for consultation and the proposal has been shared widely to licence holders, private security businesses, and enforcement partners encouraging them all to take part. “Once the consultation has concluded, we will analyse the findings from the feedback, produce a report and publish it on our website and share this widely via social media,” says Todd.

Satisfaction criteria differ for DIY vs. pro-install companies, says J.D. Power
Satisfaction criteria differ for DIY vs. pro-install companies, says J.D. Power

J.D. Power is a well-known name when it comes to measuring customer satisfaction, and they have been measuring satisfaction in the home security industry since 2016. Changes affecting the marketplace – both in terms of disruptors and technology – make this a unique time. For example, in 2019, J.D. Power expanded the Home Security Satisfaction Study to not only measure the traditional pro-install/pro-monitor companies, but to separately evaluate self-install/pro-monitor brands.  “At J.D. Power our rankings are meant to support an industry in two key ways,” says Christina Cooley, J.D. Power's Director, @Home Intelligence. “First, we provide consumers who are shopping for products and services with a ‘report card’ of who provides customers with high levels of customer satisfaction. Second, we provide companies with actionable insights to help them prioritise their initiatives to improve and maintain high levels of customers satisfaction that drive loyalty and growth.” Differentiating between companies The traditional Pro-Install/Pro-Monitor companies are challenged to differentiate from one another In home security, J.D. Power is in a unique position to report on the changes taking place in the evolving industry. The 2019 rankings show that the traditional Pro-Install/Pro-Monitor companies are challenged to differentiate from one another, as each have their individual strengths and opportunities, but overall the score range is relatively tight. On the do-it-yourself (DIY) side, there is more differentiation. A set of brands has been able to challenge the traditional industry by achieving extremely high customer satisfaction levels. Price is always an important factor that impacts customer satisfaction, whether for security or another market J.D. Power serves. The equation is simple, says Cooley: does the price paid equal the value the customer feels they have received from the product or service? “For Home Security, we didn’t specifically look at price until this year,” says Cooley. “With the changes that have occurred in the market, price can be a differentiator as we’ve seen with the emergence of DIY-installed systems. However, lower pricing does not have a direct relationship to quality of service.” The price factor For example, there are some higher-priced pro-installed brands that perform lower on customer satisfaction than lower-priced competitors. And DIY-installed systems as a whole are less expensive, and price is the customer satisfaction driver in which the DIY segment most outperforms the pro segment. Price is the customer satisfaction driver in which the DIY segment most outperforms the pro segment The equation is: performance minus Expectations equals Customer Satisfaction. “Obviously, price point will be a factor in the purchase decision and the expectations the customer has about the product and service,” says Cooley. “Any pro or DIY system has the opportunity to differentiate the customer experience regardless of price point.” There are clear differences in the pro vs. DIY experience, which is why J.D. Power evaluates the brands in separate rankings. However, Cooley says the drivers of satisfaction are consistent across both groups. The key to each group goes back to the equation above.  Evaluating the purchase process For the both pro and DIY companies, J.D. Power evaluates the purchase process the same. Though the customer may take a different path to purchase based on the offering they seek, the drivers are still the same: Usefulness of information provided Reasonableness of contract terms Professionalism of sales representative Ease of purchasing home security system. For installation, there are clear differences. DIY systems are evaluated based on: Ease of completing installation Quality of installation instructions provided Timeliness of receiving home security system. Pro systems are evaluated based on: Professionalism of technician Timeliness of completing installation Quality of work performed. Interestingly, purchase and installation are the customer satisfaction driver where both pro and DIY providers (as a whole) are most closely aligned on performance. Customer loyalty The price a customer is paying must align with the quality of the system they receive What drives a customer to purchase a home security system initially will often be very different than what will keep them as a loyal customer, Cooley notes. The price a customer is paying must align with the quality of the system they receive, and the service provided through the professional monitoring and customer service. “With the expansion of home security offerings, it’s more important than ever for home security companies to understand the motivations, intentions, and usage patterns across different customer segments to ensure that regardless of the decision to go pro or DIY-install, they are able to meet their customers’ needs and differentiate in the very competitive market. The J.D. Power Home Security Study provides these actionable insights.” The study is focused on the companies/brands that comprise the top two-thirds of market share in each segment, pro and DIY installed. A number of the brands included may work with local dealers or retailers for sales and install, but the customer is essentially evaluating those services as part of the system purchased. It is one and the same from the customer’s perspective, and the sales/install process can either delight or frustrate a customer from the beginning, which can then set the foundation for the entire experience moving forward. Reasons for shopping for a security system tend to differ between pro and DIY shoppers: Both sets are most focused on wanting a newer, more up-to-date system Between the two, pro customers are more often moving into a new home or wanting to take advantage of a discount or bundling opportunity with other products For DIY customers, they are shopping for a system to give them more peace of mind and to protect their property. Reasons for selecting the provider also vary: A pro company is often selected based on brand reputation or a special offer/promo A DIY company is primarily chosen based on price or a positive review. In terms of brand image, we see that customers see both pro and DIY providers similarly in terms of reliability. However, when it comes to being customer-driven, DIY providers receive higher image ratings compared to pro-installed companies.