A Certificate Authority is an entity that issues digital certificates. A digital certificate is similar to an electronic signature and it is used to validate information. Digital certificates are commonly used for electronic commerce. As an example, a SSL Certificate is a digital certificate issued by a Certificate Authority to a bank. That digital certificate can be used by the public to determine the identity of the entity operating a web site.
Certificate Authorities in Mauritius are regulated by the "Electronic Transactions (Certification Authorities) Regulations 2010". The regulations allow a public sector agency to act as a certification authority once it is licenced to do so.
A common Public Key Infrastructure is the X.509 Public Key Infrastructure (PKI) for the Internet. PKI uses Public Key Cryptography; there is a pair of keys, a secret (private) key and a public key, used for encryption and decryption. In simple terms, a key is a large random number.
In July 2013, the Government of Mauritius announced that it "is setting up a Certification Authority that will issue digital certificates which will secure electronic information stored on the chip inside each card as well as serve as a guarantee to ensure the reliability of that information". This was in line with the government's strategy to offer citizens a more efficient and secure system of identification and authentication for different government and non-government services. The infrastructure used to implement such a strategy is known as "Public Key Infrastructure". It provides for the administration of the digital certificates, i.e. the ability to issue, maintain and revoke digital certificates.
According to www.mnic.mu the data on each national identity card is electronically secured and can only be validated through the MNIS Certificate Authority (MNIS CA) which ensures the authenticity of the individual’s identity". There isn't any information about the MNIS Certificate Authority on the web site. The MNIS CA does not appear in the list of licenced Certificate Authorities in Mauritius.
One of the features of the national identity card, encoded as data on a chip, is a digital certificate. Based on publicly available information, the secured data on the chip is authenticated by the MNIS CA with a 10-year validity digital certificate. It is not clear whether these digital certificates have been issued and whether there is a certificate authority which is authorised to do that.
1 The National Identity Card (Miscellaneous Provisions) Bill Voted yesterday
2 Mauritius National ID Card - data safety
3 Mauritius National ID Card - features