Legal Entity Identifiers Take Center Stage in New DigiCert Partnership
DigiCert and Ubisecure announce a new partnership to integrate LEIs and digital certificates to increase security
Your organization’s online identity is everything — especially if you’re an ecommerce business or someone who handles online financial transactions. Not only is identity important to your reputation, but it’s essential for building trust with browsers and operating systems as well. This is why our latest news is important for all types of businesses and organizations — it’s all about the integration and use of something called a “legal entity identifier.”
DigiCert, the world’s leading provider of SSL/TLS, IoT and PKI solutions, announced on Tuesday a new partnership with Ubisecure, a digital identity service provider. More on both of these companies momentarily, but the big takeaway here is that they’re partnering to explore the use and benefits of integrating LEIs in digital certificates via Ubisecure’s RapidLEI platform.
But before we can get into all of that — what exactly is an LEI and what does all of this have to do with your business?
Let’s hash it out.
What is a Legal Entity Identifier and Why You Should Care
A legal entity identifier, more commonly known as an LEI, is a way of uniquely identifying an individual (under specific conditions), government institution, business or other types of business who engage in financial transactions. It’s kind of like a tax ID or business ID in a sense — but with one key difference. Most business IDs are specific to the region or country the organization is located in. However, an LEI is unique globally, meaning that organizations can easily use it when doing business internationally. In a nutshell, this identifying information tells end users who is who or what is what, and helps to prevent a heaping mess of collisions and the confusion that come with them.
In a more technical sense, a legal entity identifier is a 20-character alpha-numeric code that’s used to identify global entities that engage in any type of financial transactions. The Global Legal Entity Identifier Foundation explains that the code is based on the International Organization for Standardization standard ISO 17442 and incorporates organization type and jurisdictional information. As an added bonus, it’s also endorsed by Group of Twenty (G20). At their core, LEIs offer standardized, consistent and reliable ways for organizations to assert their identities and ownership structures while also helping them to avoid the pitfalls of identity-based collisions.
LEIs were born out of the 2008 financial crisis that occurred more than a decade ago and are now recognized by 150 countries worldwide. In fact, the GLEIF reports that there are more than 1.5 million active legal entity identifiers around the world. The U.S. leads the way with more than 13% (204,445 LEIs) of all global LEIs. The second biggest user of LEIs include entities in the United Kingdom (9.5%, or 144,597) and Germany (8.3%, or 126,826).
What Are the Requirements for an LEI?
Public authorities around the world rely on the LEI to evaluate risk, improve the accuracy of financial data, take corrective steps and, if necessary, minimize market abuse. While the use of LEIs is optional in some countries or specific applications, it’s mandatory in others.
According to the GLEIF:
It is important to distinguish between being eligible for an LEI and being required to have one. As defined in ISO standard 17442, any legal entity that enters into a financial transaction is eligible for an LEI. Any legal requirement to have an LEI will come from national financial regulators.”
For example, the following countries or regions are just a few that have outlined some specific LEI requirements:
- Argentina
- Canada
- European Union
- Israel
- Mexico
- United Kingdom
- United States
The Benefits of Using LEI
The LEI data available through the GLEIF data serves as a type of global searchable directory or accessible database of organizations. The goal? To help mitigate financial fraud risks and increase market integrity by providing on-demand. That’s because LEI issuers must not only verify an LEI recipient’s information but they’re also required to update records whenever there’s a change. And you don’t have to worry about the data becoming out of date from neglect or lack of updates because LEI data only has 12-month validity.
But what types of organizational information can be seen in the directory? For fun, let’s look at Google LLC’s LEI reference data as an example. (Yes, we have a strange idea of what’s fun, but just go with it.) The data showcases a wide variety of info, including the following:
It also includes a wealth of other related information, including:
- Locational data, such as addresses associated with the organization
- LEI registration details
- Parent company information
- Children, or legal entities that are related to the LEI data (identified as “direct children” and “indirect children”)
If the organization that you’re looking at is a private business with no parent company, then in the parent section, it will sometimes state “NATURAL_PERSONS” as the listing.
What Does This DigiCert-Ubisecure LEI Partnership Mean for Your Organization?
The Ubisecure and DigiCert partnership means we see one of the first global Certificate Authorities join the Global LEI System. We are very excited that two technology leaders are working together to extend the availability of LEIs through new solutions. And we see this as an endorsement of how LEIs connect identity ecosystems to simplify legal entity identification in the digital age for the benefit of all stakeholders globally.”
— Stefan Wolf, CEO of GLEIF
And while this is great, what exactly does this distill down to mean for your organization? Simply put, a partnership between DigiCert and Ubisecure means that whether you’re a new or an existing DigiCert customer, you can have your cake and eat it, too. You’ll be able to take advantage of LEIs in the company’s future digital certificate offerings, which include:
- code signing,
- secure email, and
- certificate-based access controls.
Sounds like a win-win scenario any way you slice it — for companies and end users alike. This just means that you should keep an ear to the ground about new solutions from DigiCert that integrate LEI data.
DigiCert is excited to work with the Ubisecure team and GLEIF to explore how LEIs can have a positive impact for our customers and their end-users. DigiCert has a long history of commitment to confirming identity for digital interactions. Our work with LEIs represents another step to further enhance online trust for various connected ecosystems.”
— DigiCert CEO John Merrill
DigiCert, formerly known as Symantec, is committed to providing identity assurance solutions that solve the challenges surrounding identity validation, authentication, and encryption. As one of the original CAs, they’re committed to continually engaging in cutting-edge research and development.
Ubisecure is the industry’s fastest-growing legal entity identifier issuer in 2019. In addition to now working with CA customers and partners, they also help organizations in other industries assert identity, including compliance financial institutions and fintech.
For us here at The SSL Store, we’re all for asserting as much identity as possible to protect users and to promote integrity. As such, we’re excited to see one of our CA partners take this step forward to increase online identities through the use of LEIs.
5 Ways to Determine if a Website is Fake, Fraudulent, or a Scam – 2018
in Hashing Out Cyber SecurityHow to Fix ‘ERR_SSL_PROTOCOL_ERROR’ on Google Chrome
in Everything EncryptionRe-Hashed: How to Fix SSL Connection Errors on Android Phones
in Everything EncryptionCloud Security: 5 Serious Emerging Cloud Computing Threats to Avoid
in ssl certificatesThis is what happens when your SSL certificate expires
in Everything EncryptionRe-Hashed: Troubleshoot Firefox’s “Performing TLS Handshake” Message
in Hashing Out Cyber SecurityReport it Right: AMCA got hacked – Not Quest and LabCorp
in Hashing Out Cyber SecurityRe-Hashed: How to clear HSTS settings in Chrome and Firefox
in Everything EncryptionRe-Hashed: The Difference Between SHA-1, SHA-2 and SHA-256 Hash Algorithms
in Everything EncryptionThe Difference Between Root Certificates and Intermediate Certificates
in Everything EncryptionThe difference between Encryption, Hashing and Salting
in Everything EncryptionRe-Hashed: How To Disable Firefox Insecure Password Warnings
in Hashing Out Cyber SecurityCipher Suites: Ciphers, Algorithms and Negotiating Security Settings
in Everything EncryptionThe Ultimate Hacker Movies List for December 2020
in Hashing Out Cyber Security Monthly DigestAnatomy of a Scam: Work from home for Amazon
in Hashing Out Cyber SecurityThe Top 9 Cyber Security Threats That Will Ruin Your Day
in Hashing Out Cyber SecurityHow strong is 256-bit Encryption?
in Everything EncryptionRe-Hashed: How to Trust Manually Installed Root Certificates in iOS 10.3
in Everything EncryptionHow to View SSL Certificate Details in Chrome 56
in Industry LowdownPayPal Phishing Certificates Far More Prevalent Than Previously Thought
in Industry Lowdown