SOURCE: Symantec


October 19, 2010 06:30 ET

Symantec's VeriSign PKI Chosen to Secure EU Procurement System

Pan-European Public Procurement Online (PEPPOL) to Rely on VeriSign PKI Platform for Secure Communications Between Government Buyers and Sellers Across Europe

LONDON--(Marketwire - October 19, 2010) -  Symantec's (NASDAQ: SYMC) VeriSign Authentication group today announced that the VeriSign Managed Public Key Infrastructure (MPKI) Platform will secure the digital communications between government purchasing agencies and their supplier across the European Union as part of the Pan-European Public Procurement Online project (PEPPOL).

PEPPOL is working to streamline the process of cross-border government procurement in the EU by interconnecting various isolated services using secure digital transactions and data exchange. Taken together, European governments represent the single largest buyer in the EU, accounting for approximately 1.5 trillion Euros annually, or 16 percent of GDP. But the current variety of procurement systems, covering accepting company attestations and catalogues, placing orders, and receiving invoices create challenges to European suppliers. The process of communicating between governments and their suppliers can be slow, expensive, vulnerable to errors, and so complicated that it shuts out many small and medium enterprises (SMEs) from selling to governments, especially those in other European states.

VeriSign MPKI plays a critical role in PEPPOL's effort to establish a common infrastructure for secure data exchange. With VeriSign MPKI, the PEPPOL Access Points (as used by EU governments agencies and their supplier communities) can leverage advanced security technologies when issuing identity certificates, business certificates, and device certificates for the electronic documents involved in all their procurement transactions. The trust enabled by these certificates will help the PEPPOL community in their objective to streamline operations, minimise the risk of fraud and waste, and disseminate information more easily and securely.

"The vision of the PEPPOL project is that any company and in particular SMEs in the EU can communicate electronically with any European governmental institution for the entire procurement process," said Tim McGrath, Deputy Technical Director at PEPPOL. "To achieve this, we must have an infrastructure that establishes trust -- one that integrates and accelerates the various procurement processes while ensuring integrity and reliability when exchanging data online. With its proven and scalable Managed PKI platform, VeriSign Authentication provides a key component of this platform."

PEPPOL is currently engaged in a 300-seat pilot deployment of the PKI-protected procurement system. Through a cost-effective, hosted solution that eliminates the need for investments in on-premise hardware, VeriSign Authentication serves as a trusted Certificate Authority, by which PEPPOL can manage, issue and revoke certificates. VeriSign Authentication also provides Online Certificate Status Protocol (OCSP) validation, with more than a billion OCSP checks a day. And through Professional Services, the VeriSign Authentication group developed a Certification Policy and Certification Practice Statement (CP/CPS) for PEPPOL.

"We're excited to bring the world's longest-running commercial PKI platform into service for PEPPOL and the entire European Union," said Christian Brindley, Regional Technical Manager in EMEA for Symantec's VeriSign Authentication group. "PEPPOL will transform the way EU governments acquire goods and services, saving time and money, while opening the process to countless more businesses. The VeriSign Authentication group is proud to have been chosen as the authority responsible for protecting this promising and vital economic engine."

Since 1995, VeriSign Authentication has issued and managed tens of millions of PKI certificates for thousands of customers throughout the world. The scalable and extensible VeriSign MPKI Platform builds on recent large-scale implementations to provide a robust, comprehensive solution for PKI deployments in use on a national and international scale. With VeriSign Authentication, governments can manage their own certificates, with end-to-end control over millions of end user digital certificates on a global scale. VeriSign Authentication also supports easy, rapid deployment of PKI applications and strong authentication using smart cards across major Web browsers and platforms -- an advantage for governments aiming to simplify high-volume delivery of PKI digital certificates and applications via the latest generation of smart cards.

About Symantec

Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organisations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at

Copyright © 2010 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and the Checkmark Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. VeriSign, VeriSign Trust and other related marks are the trademarks or registered trademarks of VeriSign, Inc. or its affiliates or subsidiaries in the U.S. and other countries and licensed to Symantec Corporation. Other names may be trademarks of their respective owners.

Contact Information