The electronic certificate is the protection of your digital identity

In recent years, diverse brakes related to usability have slowed down the widespread use of digital certificates. Having to go in person to the certificate issuing office, installing them on employees’ computers and the faults that are generated, updating them when there are changes in the number of employees, the loss of the equipment on which they are installed and the lack of control over their use have been the main barriers to using the digital certificate in companies.

Centralisation of certificates in the cloud

Once again, technology gives us the opportunity to improve and innovate in the company with the centralisation of certificates in the cloud. Digital platforms such as IvSign allow digital certificates to be issued in the cloud and, therefore, from anywhere, without having to go in person, with the time and cost savings that this means.

In addition, centralisation in the cloud provides an extra level of security that few companies offer. The fact that they are stored in the cloud means that, once a certificate has been issued, it is securely stored, providing complete peace of mind against possible loss, decentralisation, theft, computer attacks or data manipulation, as the certificates are not installed on our computers, but we can access them as and when we wish.

One of the advantages of digital certificates is that they cannot be transferred, i.e. the client can authorise their employees to use them, but they can never physically take them away or extract them because Ivnosys takes care of their deposit and custody. In this way, all operations are recorded. Jaime Castelló, CEO of Ivnosys

The same applies when an employee needs it to carry out a procedure with the Public Administration or sign a document. By simply authenticating in IvSign, the employee can use the certificate from the work computer or any other mobile device, offering maximum convenience and flexibility.

We must emphasise protecting our digital identity because it is what guarantees the other person, who is facing us, who we are. Jaime Castelló, CEO of Ivnosys

The legal guarantee of a Certification Authority

The validity of a qualified digital certificate depends on the Certification Authority that has issued it and which acts as a trusted third party. In this way, we can only trust a digital certificate if the issuing entity confirms its legitimacy and validity in the same way as we would with an ID card or passport: we trust these documents because they have been issued by a trusted entity (the government of a country) and we have proof that they are valid.

The operations carried out with the certificates centralised in IvSign are guarded by Ivnosys as a Certification Authority and Qualified Trust Service Provider, and the evidence collected is recorded in the system through a usage audit that includes the following data:

• Digital certificate used
• Date and time
• User
• IP from which it was accessed
• Type of operation performed
• URL visited or application used

Using the electronic certificate to obtain a qualified signature

Remote communications are growing exponentially. Nowadays, we cannot rely only on what we are “seeing” through the screen of a mobile phone or computer, because unlike physical presence, with technology, what we are “visualising through a screen” can be altered. This makes it necessary to opt for the most secure electronic signature with the greatest legal guarantee: the qualified signature.

The qualified signature is the guarantee of electronic transactions. At Ivnosys we also incorporate the document validation service required for the digital security of our procedures. Emilio Álvarez, COO of Ivnosys, highlights the importance of protecting and guaranteeing transactions with the use of the digital certificate.

The main function of any electronic signature platform must be to protect the digital certificate, as well as to carry out a control of the uses that are being made of the certificate. In this way, all operations are recorded so that the certificate holder knows at all times who has used it and for what purpose, with the support of the Qualified Trust Service Provider.