skip to log on skip to main content
VoiceOver users please use the tab key when navigating expanded menus

ANZ PKI uses digital certificates stored on smart cards to enable customers to authenticate their identity when accessing ANZ's online banking systems.

It is intended that future PKI implementations will allow customers to:

  • transact with the Government using IdenTrust™ accredited digital certificates
  • trade electronically with other businesses across the world using IdenTrust™ based systems.

ANZ PKI stores digital certificates on smart cards.

ANZ PKI requires customers logging on to banking systems to authenticate their identity by swiping a smart card containing their unique digital certificate and entering their PIN.

ANZ PKI enables customers to appoint specific employees (ANZ PKI authorised officers) to be responsible for the maintenance and administration (including the issuance/revocation) of smart card based digital certificates for their organisation.

ANZ PKI smart cards provide a greater level of security compared to "soft certificates" that are stored on computer hard drives which can be vulnerable to hackers.

ANZ PKI smart cards can cater for customer mobility as they can access ANZ's online banking systems from any compatible computer with Internet access and a suitable smart card reader.

ANZ PKI enables customers to assume control over the management of their internal smart card deployment, as they are not reliant on ANZ.

ANZ PKI assists customers to maximise the reduced costs associated with utilising Internet based technology.

Smart cards

ANZ PKI uses smart cards to store private keys as well as digital certificates that contain public keys. A smart card is the size of a credit card and contains an embedded computer chip that stores information in electronic form and controls the use of that information.

Smart cards provide:

  • an efficient, flexible and portable medium for authenticating identities
  • tamper-resistant storage for protecting digital certificates, keys and other forms of personal information
  • portability of credentials between computers at work, at home or on the road
  • greater protection against theft or impersonation.

Smart card readers

A smart card reader is required to allow the reading of smart cards. These either connect to your PC through a serial or USB port or are built into the PC.

There are two ways to store a private key. In many applications, digital certificates and private keys are stored on the user's hard drive of their PC, which can leave them vulnerable to attack by hackers.

The second method involves placing or creating the private key on a physical token such as a smart card.

This option provides additional protection against theft or impersonation, as the user is able to carry the key with them - meaning it is stored away from the workstation they use to access online applications.

Smart card technology combines what customers have - the card, with what they know - their PIN.

The integrity and security of a customer's private key is of fundamental importance, as this is the means by which they authenticate their identity to access online applications.

If a customer's private key, digital certificate, smart card or pass phrase is lost, stolen or compromised in any way, it should be reported to the ANZ PKI authorised officer immediately.

ANZ PKI subscribers

Subscribers are ANZ customers who have signed up to ANZ PKI and as such have agreed to be bound by the provisions of the governing documents which include the relevant ANZ PKI certificate policy and ANZ PKI certification practice statement.

Subscribers request that a digital certificate be issued by the certification authority (ANZ) via the registration authority for online identification and non-repudiation purposes.

ANZ global administrators

ANZ global administrators are responsible for administering individual system settings associated with digital certificates to comply with subscriber, product, and certificate requirements.

ANZ PKI authorised officers

ANZ PKI authorised officers are employees, appointed by subscribers, who are responsible for the issuance and use of certificates that comply with the terms contained in the governing documents. Their role can involve the maintenance and administration of users, including the creation of smart card based digital certificates, on site for employees of the subscribing company.

IdenTrust, IdenTrust System and the IdenTrust logo are trademarks and service marks of IdenTrust, LLC.