Access to CS OTE

Security items for access to IS OTE and CDS

Due to security reasons the access to IS OTE and CDS is secured by HW or SW certificate. Each user is obliged to be equipped with defined security items. All communication must be digitally signed with using of the certificate. The most recent Business terms offers two ways how to obtain digital certificate:

1. Secured access to IS OTE with internal certification authority (hereinafter OTECA)
2. Secured access to IS OTE with certificate issued by accredited certification authority.

1. Secured access to IS OTE with internal certification authority (OTECA)

OTE Certification Authority is outsourced (LogicaCMG). The service is based on the purchase order for subjects that concluded the contract with OTE and applied for the access to the system.

Certified security items are following:

• SmartCard reader from company GemPlus with SW installation package (suitable for the most of the workstations).
• SmartCard GemSAFE from company GemPlus with loaded digital certificate.
• USB token iKey 2032 from company Rainbow Technologies with digital certificate (suitable for mobile devices including laptops).

Files: Document that describes Security items for an access to IS OTE, how to order and install all necessary items (DOC 78 KB) and Purchase order for security items (DOC 102 KB).

The procedure of renewal digital certificate after it expires

Due to security policies digital certificate has its expiration period (year or two). When the certificate expires it denies your access to the system. Following article will describe the procedure how to renew your certificate(s) in document Verification procedure of certificate expiration (PDF 173 KB).

Basic principles of certificate renewal before it expires

The subject, that owns the security items will be notified a month before the expiration of security certificate by company LogicaCMG with the information that expiration is about to happen and what to do next.

The expiration date on SmartCard or USB token can be found according to procedure in attached document. Verification procedure of certificate expiration.

• A user can use an automatic renewal process.doc (960 kB), whether it asks for certificate renewal before one expires and owns smart card with capacity higher than 8k. A procedure how to renew a certificate can be found in user manual.
• Whether a smart card does not fulfill the requirements stated above, the procedure of  renewal must be done according to following steps.
• The subject must fill the purchase order where all user identification numbers (UID) for renewal must be stated. The purchase order shall be handed over via mail to company LogicaCMG.
• The subject will get new certificate(s) that will have expired by two years via regullar mail.
• This service will be charged by LogicaCMG.
  

Documents of certificate renewal for download:

• Purchase order for items (DOC 96 KB),
• Acceptance Protokol (DOC 49 KB),
• Statement on the Returning of Securite Items (DOC 62 KB),
• Protocol on the Testing of the Connection to IS OTE (DOC, 46 KB).

2. Secured access to IS OTE with certificate issued by accredited certification authority

In synergy with the most recent OTE Business terms the Subject of settlement or market participant can obtain a certificate from public certification authority in Czech Republic -  První certifikační autorita, a.s. (hereinafter I.CA)

Please visit www.ica.cz  to find all necessary documents and applications. All terms, issues and pricelists are in competence of I.CA.  

To registrer the public part of the certificate in IS OTE an export must be done. The detailed procedure is described in attached document. Access to IS OTE and CDS with certificate from accredited certification authority (PDF 400 KB).

Information to I.CA’s certificates for „IS OTE“ access (DOC 261 KB).