Escrito por: Marta Estudillo Fecha Thursday 14, October 2021 Categoría: Digital Certificate
The digital certificate is the electronic documentation that proves our identity on the Internet. This documentation, despite being generated by technological platforms, is not exempt from possible fraudulent use, loss or theft after a cyber-attack or security gap in any company.
Thus, in the same way that access to other platforms of a company is revoked to certain employees or users, the revoked digital certificate is also a reality. In this post we tell you what a revoked digital certificate is, the cases in which it is useful and tips to avoid revoking a digital certificate.
The digital certificate can be understood as an electronic ID that identifies us as professionals or as a company digitally and allows us to carry out numerous procedures on the Internet.
Through the digital certificate we can access to private and confidential information of the companies like fiscal, financial data, etc.
Thus, in case of theft or manipulation of passwords, if a person had in his hands the digital certificate that represents and digitally identifies a company, he could have access to sensitive information that would enable him to carry out operations on its behalf without those responsible being aware of it. To cover this and other needs, there are platforms such as IvSign that allow real-time control of the use that each employee makes of the company’s digital certificates.
Depending on the task we need to do (sign a contract, apply for a grant from a public body…), we will have to use one type of certificate or another in particular. It is also worth mentioning the existence of the qualified digital certificate, the most secure type of certificate that offers the maximum legal guarantees.
As we have explained, in the event of security gaps or possible fraudulent uses, it is possible to revoke a digital certificate. This is an action that can be requested by the certificate holder himself.
A revoked digital certificate is one whose validity has been cancelled before the expiration date stated in it as a result of the request of its owner. Its revocation may have been requested at any time and usually occurs when the holder has indications that his private keys are known by third parties who should not have access to it.
The revocation of the digital certificate must be requested to the issuing body that generated it, such as the Qualified Service Providers (PSC), the most widespread in Spain are the electronic DNI and the FNMT, but there are many other bodies such as Ivnosys.
Thanks to the transformation and digitalization of services, this procedure can be carried out telematically, using a secret revocation code that is provided to the holder of the digital certificate at the time of issuance.
Through the IvSign platform you can quickly check the status of your company’s certificates, differentiating between:
As we have seen, a revoked certificate cannot be reactivated in the future and, in case you need it again, you will have to request the issuance of a new one. In this way, by following a few simple steps that IvSign offers you, you can avoid the revocation of your certificates and the inconveniences that this situation generates:
However, it should be noted that certificate revocation is an option that can be useful when it is necessary. For example, in the case that a certificate will no longer be used or an employee who is listed as the certificate holder leaves the company, revocation of such certificates would be the best choice.