. Cryptography in ICT: Boosting Consumer Trust | BSI
Contact Us
Search Icon

Suggested region and language based on your location

    Your current region and language

    Consumers paying at transport gate with smart watch
    • Blog
      ICT

    Cryptography in ICT: Boosting Consumer Trust

    Delve into the significance of cryptography and its pivotal role in establishing and bolstering digital trust.

    In the growing digital economy, how can your consumers have confidence in the information and communications technology (ICT) they rely on every day? With much of our valuable data held by ICT systems, keeping that data secure is crucial.

    One way of keeping your consumers’ personal data safe and protected is through cryptography.

    What is cryptography?

    Cryptography can be defined as “the art of keeping information secure”. Information, such as text, can be transformed using an algorithm or mathematical operation into a cipher, which is a coded message.

    Each cipher has a key, which ‘unlocks’ the message. An example of a basic key could be replacing a letter with a different letter, or as complicated as an algorithm-generated string of numbers.

    The process is called encryption and it is an important security mechanism for keeping data safe.

    A well-known example of encryption was the work done by the codebreakers based at Bletchley Park in the UK during World War Two.

    A team of mathematicians and civil servants, including Alan Turing, cracked the Enigma code by inventing a codebreaking machine called the Turing-Welchman Bombe. The Bombe was an electro-mechanical machine that worked to discover the key of a cipher, which then helped codebreakers to decipher encrypted messages.

    Why is cryptography in ICT important?

    In modern ICT, cryptography and cryptographic modules are used as foundation stones for building trust in ICT infrastructure.

    Cryptography has four main objectives:

    1. Confidentiality. The information must not be understood by anyone it was not intended for.
    2. Integrity. The information cannot be altered, either in storage or transit.
    3. Non-repudiation. The creator or sender of the information can’t later deny their intentions.
    4. Authentication. The sender and receiver can confirm each other’s identity.

    Information that meets one or more of these objectives is referred to as cryptosystems. These four principles contribute towards establishing trust in the ICT sector for consumers, as people want to know their data is being held safely and used responsibly by organizations.

    How can you use cryptographic modules to build trust?

    Cryptographic modules, comprising hardware, software, or firmware, work together to support ICT security functions.

    These modules can then be used to store personal data, including personal identifying information (PII) such as names, phone numbers, addresses or other data like passwords or banking details. This kind of data is frequently targeted by identity thieves and can therefore be some of the riskiest data for organizations to hold.

    If your organization collects data on its users, it is obliged to follow the relevant data protection principles and regulations (e.g. the General Data Protection Regulation (GDPR) in the EU) to keep that data safe and minimized.

    Building consumer trust plays a vital part – because your consumers want to feel assured that your organization is doing everything it can to ensure data security.

    The impact of cryptography on our future digital society

    Cryptography is critical for our future digital society.

    The total amount of data created is set to reach more than 180 zettabytes by 2025, so making sure that data is stored as safely as possible benefits everyone.

    This increasingly digital transformation is known as the fourth industrial revolution and is centred around the automated collection and sharing of data. But it’s not just organizations collecting data, smart cities and the Internet of Things (IoT) all benefit from secure data to support the necessary future infrastructure.

    We’re helping to shape the future of cryptography

    The game-changing global standard Information Technology – Security Techniques – Security Requirements for Cryptographic Modules (ISO/IEC 19790) sets the gold standard.

    It precisely defines the security requirements for cryptographic modules within cutting-edge security systems, safeguarding data in the dynamic realm of ICT.