If the key certificate is for the director where to sign. Electronic signature key certificate

In recent years, more and more companies have been switching to electronic document management: it is fast, convenient and economical. To give a digital copy legal force, the responsible person must sign it using an electronic signature - it is equivalent to the traditional method of certifying a document. EDS can be simple or enhanced. The second option is also divided into an unqualified and qualified signature. They are distinguished by an electronic signature verification key certificate - it is recorded on a USB drive and can only be obtained from a certification center accredited by the Ministry of Telecom and Mass Communications (hereinafter also referred to as CA).

How does an enhanced electronic signature work?

Difficulties with electronic document management are associated with the need to protect data from unauthorized changes, as well as confirm the identity of authorized employees and officials. Therefore, a qualified electronic signature verification key certificate is an effective means of control that allows you to establish the identity of the originator of the document and ensure the safety of information. Information about its use is specified in Law No. 63-FZ, which regulates the procedure for obtaining and using an electronic signature.

An enhanced qualified signature has the following features:

• it is the result of cryptographic transformation of information using a special key;
• it is created using special tools; the qualified certificate contains a verification key;
• this key allows you to determine the authorship of the document, as well as determine whether changes have been made to it;
• the signature must comply with the requirements established by federal legislation and the FSB.

According to the legislation, the owner of an electronic signature verification key certificate is a person who has received such a certificate and has the right to put a qualified digital signature on documents. The certificate media must be carefully stored to prevent the signature from being used for illegal purposes.

Thus, the electronic signature verification key is a way to check whether a document signed with an electronic signature has legal force.

Sample of filling out the certificate

An EDS verification key certificate is a type of electronic ID. Therefore, a sample of filling out an electronic signature verification key certificate contains the following information:

• start and end dates of the validity period (usually the key is issued for a period of 1 year, after the expiration of this period it must be obtained again);
• FULL NAME. for an individual or individual entrepreneur, for a legal entity the full name and legal address must be specified;
• the verification key itself (receiving a certificate of the electronic signature verification key gives it legal force, since it allows you to confirm its authenticity);
• name of the EP product used;
• the name of the certification center that issued this certificate (the organization must undergo accreditation - verification of compliance with the requirements of the Ministry of Telecom and Mass Communications + FSB).

To obtain a certificate, representatives of legal entities and entrepreneurs must submit to the CA a TIN certificate, an extract from the state register, as well as a document confirming their authority. If the certificate is issued to a company representative, he must receive a power of attorney with the seal of the company and the signature of its director.

Certificate verification methods

To verify an electronic signature certificate, you can use several methods:

Installing special utilities on a computer and using them is quite difficult, so most Internet users prefer to turn to online verification services. It takes little time and allows you to get up-to-date information:

If you need to check an electronic digital signature certificate, for example, the Rosreestr portal will allow you to obtain the necessary information in minutes:

Individuals are given the opportunity to obtain a certificate in their personal account of the Federal Tax Service for conducting tax transactions. You must go to the “Profile” section to receive a non-qualified signature certificate valid for 1 year. It will allow you to resolve all issues with document flow via the Internet and save the taxpayer’s time. However, this rule does not apply to individual entrepreneurs and persons engaged in private practice.

Each document in an enterprise, in order to have legal force, must be signed by one of the managers. Thanks to modern technologies, document flow has moved into electronic mode. As a result, an electronic signature (ES) was developed for signing electronic documents. Closely related to the electronic signature is a certificate, which certifies that the signature belongs to a specific person, and a key, consisting of the signature itself and the electronic signature verification key.

What is a verification key certificate

Electronic signature verification key certificate (SKPEP) is an electronic document that is issued by a certification center (CA) and confirms that the signature key belongs to the owner of the certificate. It is issued by an accredited certification center for one year, after which it must be renewed.

The SKEPP includes the following information:

• unique number of the qualified certificate, start and end dates of its validity;
• FULL NAME. and SNILS of the certificate holder - for individuals; name, location, INN and OGRN of the document owner - for legal entities;
• electronic signature verification key;
• name of electronic signature tools and CA tools;
• name and location of the CA, number of the qualified certificate issued by the CA of the Ministry of Communications;
• restrictions on the use of the certificate, other information about the certificate holder.

For example, on the Sberbank website you can request a certificate online (for digital signatures issued by Sberbank).

In article 14 Federal Law of 04/06/2011 No. 63 04/06/2011 No. 63 describes the grounds for the creation and issuance of SKPEP, and also provides a list of grounds for termination and cases of cancellation of SKPEP.

Authentication

It is necessary to check documents using an electronic digital signature for authenticity for several reasons:

• determines the authenticity of the document;
• identifies the identity of the owner of the signature;
• the owner can make sure that the document is not sent accidentally.

You can check your digital signature by providing evidence confirming that the signature and certificate are current at the time of submitting the documents.

There are two ways to check an electronic signature:

1. Online digital signature verification, State services.
2. Digital signature control through cryptograms that are installed on the owner’s PC.

Using the first method is preferable because it is more universal. It only requires a computer with Internet access. But the advantages of the second one are the security of data transfer and ease of working with files.
This is what the electronic signature verification page looks like on the State Services website.

When checking the digital signature certificate, you can find out:

• Owner's name;
• name of the organization that issued the electronic signature;
• validity period of the document.

Performance monitoring

To start working on trading platforms, you need to check the functionality of the digital signature key: go to the website of the electronic trading platform, find the appropriate section (“Checking digital signature”) and use the standard verification mechanism. If necessary, troubleshoot and adjust the settings of the browser, crypto provider or token.

First you need to check the functionality of the electronic key carrier:

• insert the media (for example, ruToken) into the computer’s USB port;
• enter the address of the ETP website with a special service;
• click the “Check” button.

If no errors are found, you can start working.

An electronic digital signature is a set of special characters intended for:

• Ensuring control of the integrity of information and data transmitted in electronic documents
• Ensuring the protection of information from interception and unauthorized use
• Ability to identify the author and sender of a document

In order to start using the electronic signature key certificate for its intended purpose - as a legally significant requisite of an electronic document, you need to install the digital signature certificate on the computer or computers where you will work with electronic documents and directly with the electronic signature.

Public and private keys

It is necessary to clarify that any digital signature consists of two types of keys - a private key, it is also called a key container, it is due to it that the document is signed and encrypted, and a public key, or, more simply, a personal certificate.

A personal certificate is presented in the form of files with the extension .cer. Here you can view all the data about the owner of the electronic signature. Such a public key is necessary in order to verify the authenticity of documents. You can and should install an electronic digital signature certificate for a public key on all computers that will receive electronic correspondence.

The private key contains six files, each with a .key extension. If this folder is lost or damaged, the private key will not work and you will have to contact the CA to reissue the electronic signature certificate.

Digital signature storage

EDS keys, as a rule, are stored on special key media; previously, ordinary magnetic floppy disks were used for this purpose, but time has shown their unreliability and fragility, so today certified media such as RuToken are increasingly used. The Rutoken is protected by a special password, so that access to the information on it is provided only directly to the owner of the certificate, who knows this code.

Installation of digital signature certificate

In order to install an EDS certificate on your computer, the user needs to go to the Control Panel tab in the CryptoPro program, select the tab called Service, and then click View certificates in the container. In the window that appears, select the Browse button and select the certificate that needs to be added. Click Next, a pop-up Certificate tab appears in the Properties window, click Install Certificate.

Then the Certificate Import Wizard appears in front of the user, in it we select the Place value and select certificates and the storage for them; if everything was done correctly, a window should appear in front of the user informing that the certificate was successfully installed.

With the transition to digital document flow, many people, especially representatives of organizations, are concerned with the question - how to sign information transmitted via the Internet? To do this, each sender of digital documentation only needs to issue obtaining an electronic signature verification key certificate. This is done after contacting authorized centers or their representatives who have the right to issue. The issuance of a document by authorities with the necessary powers confirms that the certificate has a real owner who has the right to perform certain transactions.

It contains data about its owner, collected in a separate file, compiled when creating an electronic signature. A document issued by a CA or its representatives who have the right to issue is called qualified electronic signature verification key certificate. This certificate verifies the identity of the participant in the exchange of digital data. It lists:

• The day when digital signature certificate begins and ends its action.
• Identification information: Individuals provide SNILS and full name, legal entities - OGRN, name, INN and location.
• Code that checks the electronic signature.
• The name of a specific electronic signature or standard legal requirements that prescribe the rules for generating means of encrypting signed information.
• Name of the center or representative who issued electronic signature key certificate.
• Information without which the electronic signature certificate will not be verified.

Electronic signature verification key works, like the electronic signature itself, exactly one year from the date of issue. Then it needs to be reissued again at the centers or with representatives who have the right to issue the document. If signing key certificate contains outdated information (an individual has changed his first/last name, an organization has changed its name, or a manager), then it also becomes invalid and must be obtained again. The same procedure applies if the private key suddenly becomes compromised.

Let's continue defining the concepts. 63-FZ establishes that the owner of the electronic signature verification key certificate is an individual or legal entity that has issued the above-mentioned certificate in a special manner. And by signing the digitally transmitted data, the sender certifies its authenticity using the digital signature algorithm. The key itself is divided into two types: private (ES key) and public key of the digital signature certificate(electronic signature verification key).

Buy signature

Before applying for an electronic signature, each potential customer must understand how to use an electronic signature verification key certificate, and for what specific actions it is needed. So, as mentioned above, two keys are used to certify the transferred documentation: ZK (with which the data is signed) and OK (which allows you to decrypt the digital signature and see who it belongs to). ZK and OK are created at the same time as they are generated EDS key certificate, and certification centers they record all received data on a special external device (at first glance, it resembles a flash card). The information reliably limits access to unauthorized persons using a PIN code, which must be entered before signing an electronic document. Such protection ensures that signature certificate will not fall into the hands of intruders, and the important contents of documents will not be lost. But this, of course, is ensured only when the person in whose hands it is EDS key certificate, keeps all information confidential.

In order to train digital signature owners to properly handle secret data encryption tools, the head of the enterprise must organize mandatory detailed instruction. Individuals will be able to familiarize themselves with such concepts on their own by finding information on the Internet, or in an authorized center when they receive digital signature certificate.

Electronic signatures are divided into several types, used in specific situations. Therefore, before you decide, how to obtain an electronic signature verification key certificate, think about the purposes for which you need an electronic signature. If you need an analogue of a document simply signed by yourself, then you just need to issue a simple or unqualified enhanced digital signature. The document with the seal is replaced with a qualified enhanced signature.

Let's continue the topic. Qualified Key Certificate has special content that meets the requirements imposed by the FSB (order No. 795). It contains various additions to the Federal Law that prevent unauthorized use of stored data. In particular, there is an addition keyUsage, according to the rules of which qualified electronic signature verification key certificate may not be used if any of the keyUsage addition flags is not in the required position. Authorized centers store each issued document indefinitely. electronic signature public key certificate and allow access to this information to persons verifying the authenticity of the electronic signature of the sender of the documentation. But CAs are commercial enterprises and can close at any time, and documents signed with digital signature will become invalid, since it will be impossible to verify the certificate. Therefore, over time, it is planned to create a state information database in which all issued certificates will be stored indefinitely.

Having decided why you need an electronic signature in a particular case, think about where to obtain an electronic signature verification key certificate. If you live in large cities of Russia, there is no problem - you probably have an authorized center that deals with registration of electronic signatures, or its trusted representatives. Apply and they will produce and give you a special medium with a private key and a certificate with a public one.

The purpose of an electronic signature certificate is to establish the identity of the sender of the document. It contains a special set of characters. During verification, the encrypted data of the documentation signed with an electronic signature is compared with the code that is in the electronic signature certificate. They must match, which indicates that the signature belongs to a specific person.

An ES qualification certificate is drawn up and issued after the presentation of a passport and equivalent documents. On specialized equipment using special cryptography algorithms, OK and ZK and an electronic signature verification certificate are created. A citizen or representative of an organization receives a carrier with an electronic signature. It is very important to keep it in the strictest confidence and ensure that it cannot be used by unauthorized persons. This is done to prevent fraud and falsification of important information. After all, documents certified with an electronic digital signature have the same power as paper ones (certified by seals and signatures), except in cases where only the usual printed or handwritten form is needed.

Also, the person who owns the digital signature is issued a copy of the electronic signature certificate, the original of which is stored in the authorized center.

If you frequently receive documentation from strangers, you may need to verify the public key. There are special services for this, for example, IECP. Follow the link and in the special field select the electronic signature verification key certificate, which needs to be checked. Be sure to check that you are not a robot, otherwise the site will not allow you to view the data.

After receiving all the encryption tools from accredited centers or from their representatives, you need to install the digital signature on your computer and learn how to use it yourself (FL), or train your subordinates (LE). If you have certain skills, you can install the software yourself and upload the data that is needed for signing and verification.

Thanks to the above, you are now familiar with the basic concepts associated with obtaining and using a digital signature, and you also know where you can get modern means of protecting important information. No matter how accustomed we are to paper documentation, universal computerization has its own requirements, and in order to keep up with the times and make our work easier, we need to meet them.

An electronic digital signature certificate is an analogue of a handwritten signature of an authorized person and the seal of an organization, having similar legal force, issued in the form of an electronic storage medium. An electronic digital signature certificate is used to give legal force to electronic documents exchanged between legal entities.

Only third parties, which are called Certification Centers (hereinafter CA), have the right to issue and distribute EDS certificates for electronic trading; they, in essence, are intermediaries between electronic trading platforms, suppliers and government or commercial customers.

In what areas are digital signature certificates used:

1. Banking. To carry out settlement and cash services, identify recipients and senders of funds, control the conduct of financial activities.
2. Providing reports to state regulatory authorities. (FSS, Pension Fund, Federal Tax Service, VOMS, FMS, etc.)
3. Electronic document management.
4. Conducting public procurement in electronic form.
5. Transactions involving individuals.

An electronic digital signature consists of three parts:

1. EDS public key. Contains information about the last name, first name and patronymic of the owner, the name of the organization he represents and the open part of the code for data encryption.

2. EDS private key. Contains encrypted information intended to protect the confidentiality of the transaction being performed; it consists of a complex code that can only be identified by a special decryptor on the part of the organization for which the document being signed with digital signature is intended.

3. Signing key certificate. Information about the validity period of the EDS key, the name of the Certification Authority that generated it and other information.

In case of loss of digital signature data, to clarify the expiration date of the signature key certificate, you can contact your certification center or find out the necessary information using the unified register of digital signature certificates.