Digital Trust Service Provider
In the field of digital transactions when two or more parties that are involved in electronic commerce turn to a third party to carry out various tasks such as filing the declarations of will that make up the electronic contracts, consigning date and time of communications, or file digital statements between the parties. In this relationship environment, this third part is called “Digital Trust Service Provider”
Digital TimeStamp
Have a reliable date for your digital documents
The creation date that appears in a digital document does not represent a “reliable date” that can be used as a reference. It is possible to modify this date as well as the content of a digital document without leaving a trace.
While the use of digital signature allows to identify the author of a digital document, time stamp allows to attach a “reliable date” to a document in such a way that it is possible to know at what moment it was signed and if it has been altered later.
Timestamp guarantees
- The existence of a document regarding a certain date
- The integrity of that document (which has not been modified) since that date
Features
- Compatible with IETF RFC 3161
- Compatible with XAdES (XML Advanced Electronic Signatures)
- Compatible with CAdES (CMS Advanced Electronic Signatures)
- Compatible with Adobe Acrobat
- Compatible with Microsoft Office 2010/2013
- Support for SHA256, SHA384 and SHA512 applications
- Time stamps signed with SHA256 and 4096 RSA bit certificates
Timestamp Service
Time stamping is an important security mechanism for the long-term preservation of digital signatures and documents, the dating of documents to prove when they were received and the provision of digital notarization services.
CertiSur provides Timestamping services for organizations with the highest level of service (agreed in the corresponding SLA), being the right solution for those organizations that wish to incorporate time stamps in their applications.
Allows you to obtain timestamps for digital documents generated in your information circuits, increasing the level of security and reliability of the documents.
By incorporating a time stamp you achieve that your signed documents are valid for an extended period of time (LTV), ensuring that they are not vulnerable for the passage of time and are not repudiated by their signers.
CertiSur Timestamping Service
To Test CertiSur Timestamping Service, click below.
LTV (Long Time Validation) PDF Signer
The LTV signature server allows to ensure documents in PDF format that are resistant to the passage of time. Within these documents can be stored information to be used as evidence, ensuring that it has not been altered and that it existed at a certain time.
It is possible to easily control which application has permission to sign documents and safeguard the signer’s keys in an HSM device for its greater protection and guarantee. This product is ideal for the production of robust documents, authenticated by the organization (such as receipts, invoices and normative documents) and stamped by a trusted Timestamp Authority.
Technical Features
Visible or invisible signatures
The solution can generate visible or invisible signatures within the document depending on the configuration of the document. Both signatures are technically equivalent, not guaranteeing greater robustness one over the other, but a different perception by the receiver.
Multiple Signers
Each of the signatories has its own authorization mechanism. This makes it easier to use in heterogeneous environments where you do not want to use the same level of security for all types of signatures. This functionality also allows you to configure that the same signer can have different signature settings, some visible and others not, for example.
Centralized and secure control of keys
The signatures in an organization are one of the most sensitive elements from the point of view of security and should be protected from improper uses or vulnerabilities of the systems. The solution can be installed as an isolated node in your network, thus ensuring that the keys used will not be harmed by other applications that make use of it.
Time Stamps
To achieve that signatures in PDF documents are able to comply with LTV standard, the use of time stamps is necessary. While the use of digital signature allows to identify the author of a digital document, the time stamp allows a “reliable date” to be determined in a document in such a way that it is possible to know at what moment it was signed, and if it has been altered later.
Other Features
- The distribution is made through a Virtual Appliance (VMware OVF) that can be activated in a virtualization platform.
- The security configuration has segmented users in order to guarantee the highest level of division of roles and responsibilities.
- For visible signatures, it is possible to configure a customized signature image.
- Allows the use of time stamps when signing PDF documents such as those generated by CertiSur Timestamp Service. (RFC-3161) (RFC-3161)
- It is possible to use any type of digital certificate to sign PDF documents as long as it has been issued with the necessary basic attributes in its extensions.
- Supports the use of digital certificates stored in external cryptographic devices such as HSM.
- Supports SHA256 and SHA512 algorithms.
- Supports X.509 digital certificates with RSA 2048 and RSA 4096 bits.
Encryption key safekeeping
Confidentiality of biometric data
By subscribing electronic contracts or completing forms that require an individual’s signature, their biometric information must be encrypted to ensure that the evidence has value to the organization that makes use of it. In this way, it is avoided that it can be used in another context or with other documents in a fraudulent manner. The digital signature systems insert the individual’s biometric information into a document (often in PDF format). The capture is made through a wide variety of devices, which can vary from smart phones, tablets or others that are equipped with technology sensitive to the pressure of the stylus (stylus) for the signature.
Encryption key safekeeping
CertiSur encryption key custody service allows the custody of keys from digital signature or biometric signature platforms used in your Organization, in order to allow the recovery of the biometric data of the signature to be used as evidence by a third party or digital expert within the framework of an action before a possible repudiation of a biometric signature. The use of our custody service allows those responsible for these platforms to adopt the necessary security measures to safeguard biometric information in an appropriate and safe manner. In this way, this information is protected in a confidential and secure manner in the Organization that makes use of the platform, and therefore, it can be used as probative evidence of authenticity.
Recovery of encrypted data
The process of checking a digitized signature starts from the electronic document that includes the signature to be verified and requires the use of the guarded key to be able to decipher the biometric data. It is here that CertiSur intervenes as a Trusted Third Party for the keys used in the process. In order to guarantee the reliability of the service, CertiSur applies security procedures and practices similar to those used to identify the holders of their Issued Personal Digital Certificates. CertiSur guarantees in this way that a key in custody will only be used under the conditions described in the service contract and by appropriately trained and qualified personnel. The deciphered data is delivered to the person designated by the Organization for later use.