The use of electronic signatures is more and more widespread. In order to guarantee the integrity of electronic evidence, we use time stamping, the perfect complement to know that we carry out transactions in a safe and reliable way. Why? Let’s see what it consists of and what a company needs to have it.

Time Stamping: the security of the electronic signature

The time stamping of an electronic document is a mechanism used to prove electronic evidence, indicating that a series of data have existed at a given time and have not been altered since the time the document was signed.

That is,

It is a method that guarantees the integrity of the electronic signature, that it has been carried out at a given time without being able to be modified and also recording the specific date and time of the moment of the signature.

Therefore, time stamping provides an extra value to the electronic signature due to the amount of non-alterable data and information produced at the time of its creation, guaranteeing its veracity.

When and why use it

There are numerous reasons that make the time stamp a great solution for companies. Among them, to guarantee the security of information, to improve management and access to it, and to react quickly to theft or malicious modification of information.

Its advantages are very clear on e-commerce. This method, by the amount of information and veracity that certifies, gives more confidence to users, giving answers to questions such as:

When was an invoice or order issued? Who was responsible for the signature and when? Can I file a claim for non-payment? How do I prove that an invoice has been paid and since when?

All these answers are provided by the time stamp, serving as evidence in case of litigation, ensuring confidence in the operations.

We can also apply it in the signing of service contracts and in proceedings with the Public Administration, avoiding penalties for failure to meet deadlines and being useful in case of litigation for non-payment.

time stamping

Who issues it? The TSA

As we have pointed out throughout the post, the time stamp shows the exact date and time at which an operation was carried out with a series of electronic data, with the legal consequences this has for the parties involved.

For this reason, it cannot be provided by one of the parties, as it could be manipulated and would not guarantee confidence in the data recorded. Therefore, a time stamp must be provided by a trusted third party, known as a Time Stamp Authority (TSA).

A Time Stamp Authority is a trusted certification service provider whose service is based on offering official time stamps with full legal guarantees.

They are totally impartial to the interests of the operation or transaction being carried out. In Europe, these third parties are legally defined as Time Stamp Service Providers, or Time Stamp Authority.

How to get a time stamp?

It is important to have a time stamp that guarantees the veracity of the electronic signature. And, as we have just seen, this time stamp must be issued by a TSA. But how can this be done? Follow three simple steps:

  1. When a person signs a document, they request a time stamp from the TSA.
  2. The TSA returns a time stamp containing the hash, date and time at which the document was stamped, including the electronic signature data.
  3. The TSA stores all issued stamps in case they are required in the future.

    This ensures the integrity of the electronic evidence collected during the electronic signature process.

    At Ivnosys we offer our time stamping service, the ideal complement to guarantee the security of digital documents. We ensure the full legal validity and no alteration and/or manipulation of the information, acting as a Qualified Trust Service Provider, complying with the maximum legal rank required by eIDAS and Third Party Trust Regulations.

    Due to the state of alarm we are in, teleworking has multiplied dramatically in the last week and with it, the digital signature.

    The problem has been and is that many small, medium and large Spanish companies were not prepared for it.

    The coronavirus is going to be a before and after. We must realize that many of the actions we can do daily, need a digital signature (or electronic signature).

    Why is the digital signature or electronic signature so important now?

    electronic signature - IvCertThe technology has completely impacted the transaction market. One of the key points to normalize the business situation is to continue signing documents with legal guarantees.

    Any document can be signed electronically, we no longer need to be in person to sign: contracts (insurance, work, services…), transactions, paperwork, etc. In addition, when we use the digital signature, a series of electronic data are collected that allow us to identify the signatory, ensure the integrity of the document and its non-repudiation.

     

    Digital signature, with legal guarantees?

    eIDASThis is so, in addition to collecting the signatures of the interested parties, a third party must certify the validity of these signatures. That is, a Qualified Trusted Electronic Service Provider. Governed by the eIDAS regulation, also known as Regulation (EU) No. 910/2014 of the European Parliament and Council of 23 July 2014, which establishes the guidelines for electronic identification,

    a common framework for trusted services, giving them the same legality as traditional paper-based signature processes.


    A digital signature tool for everything, but what?

    There are digital signature platforms that allow you to sign documents, send documents requesting your signature, and even receive them. In addition, electronic evidence is provided such as who has downloaded the document, if they have signed it, at what time, with what type of signature… but productivity lies in having everything in one tool. One that allows to work in the distance and to make in remote of form phase, adapting the costs and the services, tasks like:

     

    What is the dynamic signature?
    dynamic signature

    The dynamic signature makes it possible to offer recipients different types of signature, from which they choose which to use. To find out which types of signature to offer you, look at:

    By giving them this facility, you will collect their signatures in just a few minutes. By working remotely, it is a plus to offer flexibility and speed up the signing process. 

     

     

    But how many types of signature are there and which one is the right one?

    Depending on the technology available and the legal force required, there are various types of signature:

    types of signature

    There is a flexible pay-per-use contracting model, which can be adapted in order to respond to the required demands. You can choose which types of signature to get on your platform:

    SUPPORTING THE PAPERLESS CULTURE: PAPERLESS OFFICE

    paperless cultureTo all this, we add that Ivnosys solutions allow the administration of all corporate documentation in an agile, simple and intuitive way, thanks to the commitment to a “paperless” culture, or paperless office.

    Providing better automation, unification and easy access to information, cost and resource reduction, 100% guaranteed security and reliability and increased productivity.

    The paperless culture is no longer an option, but has become the norm both in companies and in public bodies, where more and more processes and procedures are carried out telematically.

     

    In conclusion, now more than ever is the time when circumstances force us to have this type of digital tools in order to continue managing and carrying out procedures from a distance, as with the digital signature. Let’s not allow it because we can’t leave home, but because we support the digitalization of processes, because of the change of mentality regarding the digital transformation, with all the benefits that this brings.

     

    Request your free demo


    DO YOU WANT TO KNOW HOW TO COMMUNICATE WITH PUBLIC BODIES TODAY?
    The new official measures for managing notifications.

     

    Companies are betting on the digitization of their processes. The purpose? To make each of their departments more efficient to achieve a paperless office. Discover what is the paperless culture and what benefits it has in the organizations.

    Paperless in the workplace

    Are we aware of the amount of paper we use every day? All the communications we make with both internal and external users require the signing of agreements, contracts, transactions, etc.

    It is common to accumulate on our desk all the signed documentation. In addition, we allocate a large amount of resources such as printing, filing and destruction of papers.

    So, how to achieve a paperless office? Why bet on a paperless culture?

    The advantages of paperless offices

    As we were saying, the paperless culture bets on the digitization of organizations. There are many reasons to bet on digital media, encouraging the reduction of paper use in our offices. Here are some of the advantages of the paperless culture:

    Qué es la cultura paperless

     

    How to save paper in the office?

    The idea of getting paperless offices sounds good, but how do you do it? Here are the first steps a company should take to become a paperless office:

    1.    Use of digital certificate

    When a company starts to work through electronic means, it needs to operate with a digital certificate that credits it on the network and allows it to work with total security and peace of mind. In addition, it is convenient to centralize the certificates so that they are controlled, avoiding possible identity thefts or cyber attacks.

    2.    Electronic signature

    The electronic signature allows us to close contracts in just a few minutes. This is thanks to the mobility it offers, being able to sign at any time, place and mobile device. In addition, the documents are stored and protected in the cloud.

    3.  Cloud storage

    By storing and managing documents in the cloud, we have all the information organized and controlled in a single point. In addition, it improves the internal communication of the organization and increases productivity.

    Your digital solutions with Ivnosys

    At Ivnosys we provide our customers with innovative solutions that help them to digitize their businesses in a controlled and secure way. Among the services offered, we have our digital certificate centralization platform, our electronic signature tool and the electronic notification manager. Thanks to these solutions, together with our document manager, companies can say goodbye to paper and become paperless offices.

    It is time to take advantage of the arrival of the paperless culture to adopt the digital tools that allow us to evolve towards paperless offices.

     

     

    The objective of any company is to use the digital certificate in a secure way, either to carry out procedures with the Public Administration, customers or suppliers: signing contracts, buying and selling operations, etc.

    The great challenge for companies is to implement tools that protect their electronic communications and allow them to work with peace of mind. Discover how to protect your digital certificates and work without being afraid for the security of your company.

    Do we use digital certificates securely?

    The use of the digital certificate is more than widespread in the business world, especially since the entry into force of Law 39/2015.  However, it is frequent to fall into mistakes that lead us to an inadequate use of digital certificates. Some examples are:

    How companies protect digital certificates?

    Previously we have mentioned to you some of the most important points to consider in order to protect the security of the digital certificate. Every precaution you take regarding the security of your company’s information is a minor one.

    Each company has the responsability of using its digital certificates safely. Data security is not a game.

    We recommend you to implement tools that will help you, not only to work in a safe and controlled way, but also to take the management of your company one step further in terms of digitization.

    The significance of centralizing your certificate

    In order to protect the digital identity of companies and avoid bad practices, the centralization of certificates allows to manage those certificates from a single platform. In addition, it avoids the risk of information theft and cyber attacks.

    IvSign, a platform of issuance and centralization of certificates that manages and controls its use in real time. In addition, it is a cloud tool that collects an audit of use, so we know at all times who, when and for what uses the digital certificate.

    Don’t you have your certificates centralized yet? Try IvSign for free and work with your certificates from any place and from any device.

     

    The digital certificate allows companies to operate in the online environment in a secure and reliable way and to verify their identity. This certificate must be issued by a trusted entity.

    Therefore, it is essential to have a Certification Authority of full confidence, recognized by the largest number of Administrations, organizations and institutions. What is a Certification Authority?

    Functions of the Certification Authority

    The digital certificate is like our ID, which accredits us to the various public bodies when carrying out any transaction.

    When we show our ID, no one questions its validity, since it has the trust of the issuing body (the Interior Ministry). Likewise, we need to trust the authority that issues our digital certificates, appearing here the figure of the Certification Authority.

    A Certification Authority is responsible for issuing and revoking digital certificates used in electronic transactions and signatures by companies and individuals..

    A Certification Authority (CA) is a trusted entity responsible for issuing and revoking digital certificates used in electronic transactions and signatures. This trust is achieved thanks to the figure of the CA, which acts as an intervening party in the relationship between companies or businesses and individuals. Thus, when any transaction is carried out between two parties, the CA grants trust to the documents managed and signed as it is not an interested party.

    Thanks to the cryptographic key infrastructure that a CA has, the identity of the signatory as well as the content of the transactions performed is trusted and guaranteed. Examples of a Certification Authority are Camerfirma or the FNMT.

    What is a Certification Authority

    Some of the functions of the Certification Authority are: to provide services such as publishing certificates, lists of revoked certificates, checking the validity of certificates, etc. In addition, the CA records the exact date and time a document has been electronically signed, known as a time stamp.

    Who issues certificates?

    Nowadays, all companies work with digital certificates, especially after the entry into force of the Law 39/2015, which requires electronic communication with the Public Administration. Thus, companies need to issue digital certificates so that their employees can work electronically.

    To facilitate the issuance process, companies can have a Presential Verification Point (PVP). A PVP allows them to obtain the digital certificate immediately. The function of the PVP is to review and check the documentation presented by the certificate applicant that legitimizes him to obtain the certificate. Thanks to this, the time of certificate’s emission is reduced and the daily tasks like the electronic signature of documents, are more agile.

    There are two options: to have an external company that take care of these tasks, or to become a PVP. In the case of Ivnosys, we offer our clients both alternatives.

    You can work in an agile and comfortable way with IvSign, the certificate centralization platform and issue your certificates in the shortest time possible.

    Do you need more information? Contact our proffesionals team and they will resolve your doubts as soon as possible.

    ENGLISH

    Most of the transactions between users are done electronically. At European level, each Member State has its own legislation regarding the electronic communications. For this reason, a commitment has been made to create a common framework that guarantees the legal security of transactions between countries: the eIDAS regulation.

    Thus, the eIDAS regulation aims to facilitate any electronic transaction between citizens, businesses and public administrations of any Member State. We tell you the benefits that this regulation has for companies.

    What is the eIDAS Regulation?

    The eIDAS Regulation, also known as Regulation (EU) No. 910/2014 of the European Parliament and of the Council of 23 July 2014, establishes the guidelines for electronic identification. Its main objective is to secure telematic relations between users.

    The eIDAS regulation establishes a common framework for trusted services, giving them the same legality as traditional paper-based signature processes.

    In this way, the eIDAS regulation establishes a common legal framework for trusted services and means of electronic identification that affects all EU member countries. The most remarkable thing is that it facilitates any type of electronic transaction between users within the European territory.  According to its article 1, the eIDAS regulation establishes:

    What is eIDAS regulation?

    In this way, the eIDAS regulation gives way to a digital single market with homogeneous standards that allow transactions to be digitised with no risk to the security of the parties involved. Below are some of the advantages of the eIDAS regulation:

    How does the European regulation affect to businesses?

    The operations carried out by companies in their digital environment are safer and more reliable since the entry into force of the eIDAS regulation. As a result, the use of electronic signatures in the business environment has been strengthened, allowing:

    Similarly, the eIDAS regulations distinguish the types of electronic signature that can be used by signatories according to the operation carried out (simple, advanced and qualified electronic signature).

    The qualified electronic signature meets the highest security standards and is equivalent to a handwritten signature on paper.

    Our electronic signature platform, IvCert, offers all types of electronic signatures recognised by the eIDAS regulations. Furthermore, it is the only tool that supports qualified electronic signatures, gathering all the electronic evidence and having full legal guarantees, comparable to the handwritten signature on paper.

    Request your free IvCert demo. Use the ideal type of electronic signature for each transaction and comply with eIDAS regulation.

    Technology has completely impacted the transaction market. Any document can be signed electronically: contracts, sales agreements, etc. However, appropriate precautions must be taken to use the electronic signature securely.

    The European Union, aware of the importance and proliferation of the use of electronic signature in the business world, has developed the eIDAS regulation. It governs the rules on electronic signatures and transactions..

    Choose the signature method that best suits each transaction and sign your documents with total security.

    There are different platforms that offer simple signature methods, in which you simply add a graphic mark similar to a handwritten signature on paper. However, this is a legally weak signature method.

    The security of the electronic signature

    Electronic signature is a set of electronic data that is associated with a digital document and that allows, among other things: to identify the signatory, to ensure the integrity of the document and to ensure non-repudiation.

    The electronic signature is the best way to guarantee the authenticity of the signatory in each telematic transaction.

    Many companies are betting on the digitization of processes, and this involves the implementation and use of electronic signatures in a secure way. Thus, there are tools on the market such as IvCert, a platform that offers the full range of types of electronic signatures, including qualified signatures through the use of certificates.

    Under the principles of integrity, non-repudiation, authenticity and confidentiality, the electronic signature becomes the best ally to carry out any telematic procedure with total security.

    Electronic signature platform

    According to the eIDAS regulations, the qualified signature has a legal validity comparable to a paper-based signature and cannot be repudiated by the signatory. This is why lot of companies rely on this type of signature when using electronic signatures securely: they reduce the legal risks of signed contracts to a minimum and work with complete security and peace of mind.

     

    IvCert is a cloud platform that allows the creation of signature circuits where the recipients are indicated, the document to be signed is attached and the type of signature required from each signatory is specified. The platform collects the status of sendings in real time, as well as electronic evidence. In addition, IvCert allows you to send directly from Outlook, speeding up this task as much as possible. Without any doubt, this is a way to use the electronic signature in a secure and uncomplicated way.

    Our product is supported by Ivnosys as a provider of state-of-the-art solutions in the field of digital identity and electronic signature. In addition, we are a Qualified Trust Service Provider and Certification Authority, complying with the security standards set by eIDAS regulation.

    Large companies have implemented the IvCert platform in their management systems.

    Request your free IvCert demo and sign electronically your documents without compromising the security of your company.

    Every day we work with digital certificates to communicate electronically with third parties (customers, suppliers, public administration, etc.). This communication includes the sending of documents, access to electronic sites, presentation of written documents, signing of contracts, etc. But, do we work with the appropriate security? Next, we tell you: What is the centralization of certificates? How it helps your company in its digitalization process?

    How to protect your digital certificates?

    The digital certificate is an element used massively in the work places that allows to work in the environment web accrediting our person or acting in the name of the company. However, without the adequate security measures, third parties can access to confidential information without our knowledge.

    The centralization of digital certificates means that all certificates are collected at a single point. In this way, we manage and control the use made by the different users of each digital certificate.

    Therefore, the objective of the centralization of certificates is to avoid the lack of control originated when multiple certificates are used in a company, running the risk of information theft and even identity theft.

    The centralization of certificates prevents the fraudulent use of our documentation and helps us to simplify our day-to-day work.

    In this way, the centralization of certificates allows us to host the digital certificates in the cloud. In addition, we can manage and sign documents securely, without the need to install external applications and without compromising our security.

    In addition, the bet of the companies for the digitization of processes makes necessary the use of the digital certificate, allowing us to work and communicate electronically with internal and external users of the company, even with the Public Administration.

    Advantages of centralising certificates

    It is important to have tools that protect the digital identity of our organization. In this way, thanks to platforms such as IvSign we can centralize the certificates in a secure and controlled way. Below, we detail you some of its advantages:

    Don’t you have your certificates centralized yet? Request your free IvSign demo and work in your company with total security.

    Daily, we use electronic signature in communications or transactions with third parties: privacy policy agreements, agreements with suppliers, employee contracts, purchase and sale contracts, etc.

    There are several types of electronic signature on the market and they are included in the eIDAS Regulation. Depending on the technology available and the legal strength of the document required by the user, one or another level of signature will be chosen.

    Types of electronic signature

    There are applications that offer different types of signature that vary according to the technology incorporated and the electronic evidence collected from them.  Discover below the different types of electronic signature and their characteristics:

    Simple signature

    The signatory accepts or rejects the information received by responding to the dialog box that appears on the screen. This type of signature is found, above all, at the time of accepting the conditions of use or the privacy policy.

    Advanced OTP (SMS) signature

    With this type of electronic signature the signatory receives a code by SMS that he must enter at the time of signing. This will validate the transaction. It is common when we make an online purchase, for example, or in a bank transaction from our bank’s app.

    Advanced biometric signature

    This signature requires the physical presence of the signatory, since he must sign on a specific tool (usually a tablet). Data such as the pressure, inclination and position of the pen with which the user signs is collected. It is common to use this type of electronic signature in the banking and insurance sector, where transactions are usually closed in person.

    Qualified signature

    It is based on the signature with a qualified digital certificate issued by a Certification Authority. The security of this signature is based on the two keys that a certificate has: public and private key. This type of electronic signature should be used in transactions that require full legal support, being able to defend the evidence collected in case of litigation.

    IvCert, electronic signature and certified sending platform, offers its customers all types of electronic signatures. At a national level, it is the only platform that has the qualified signature, a method that has the maximum legal validity recognised by the European eIDAS regulation.

    In addition, the product is developed by Ivnosys, Qualified Trust Service Provider and Trusted Third Party, guaranteeing security in the provision of its digital solutions.

    Request your free demo of IvCert and use the digital signature with total security. We will be glad to help you!