Digital transformation is becoming more important due to advance technologies that allow a scenario where companies can optimize their processes and improve the user experience by digitizing many of their processes. The centralized signature, or signature in the cloud, is a clear example of this. We’ll tell you.
The centralized signature or electronic signature in the cloud, was born to satisfy the needs of usability that had been demanded since it has begun to work in environments where it is necessary mobility and technological neutrality to give the opportunity to be able to be operative while we move, being able to operate with the same efficiency from the mobile, tablet or pc.
As we have already mentioned in previous articles, the signature of any document or authentication from mobile devices until now could be considered complicated for the average user, since it required a reader or the installation of the certificate on the mobile device. All this is overcome with the centralized signature.
There are different types of digital signature, but the one that is more rigorous in the European framework and therefore is more secure is the qualified firm. It is the signature with digital certificate, which must be issued by a qualified Provider of trusted services. The regulation takes a very important step, opening the legal door to the so-called “remote signature”:
- “Due to its multiple economic advantages, the creation of remote electronic signatures should be developed in an environment of electronic signature creation managed by a trusted service provider on behalf of the signatory.” (Considering 52, eIDAS)
- (About the different procedures for verification of specific attributes of the individual or legal entity): “at a distance, using means of electronic identification, for which the presence of the natural person or of an authorized representative of the legal person has been guaranteed prior to the issuance of the qualified certificate, and complying with the requirements set out in Article 8 with respect to “substantial” or “high” levels of security (Art. 24-b, eIDAS)
It is about this type of signature that has developed the centralized signature or signature in the cloud.
The signature in the cloud or centralized signature: a step beyond the qualified firm
The centralized signature as discussed previously is nothing more than a qualified signature, but always available in the cloud, so you can use it without the need for a card reader or having to install any certificates on your mobile devices.
Thus, the signature in the cloud or centralized signature, has as main characteristic that its digital certificate is lodged in an HSM server (cryptographic device based in a hardware that generates, stores and protects cryptographic keys) to which the user accesses when it requires signing a document digitally. In order to keep the chain qualified, it is necessary that it be authentically in a robust way.
A robust authentication is one that requires at least two identification procedures that can be, something that is known, something the user has or is: something that only the user knows (for example, a key), something that the user has (for example, card or device with NFC technology, key card, token sms, token otp …) or something that distinguishes biometrically the user (signature, voice or facial recognition, fingerprint, iris, etc.).
When a user requires to electronically sign what he has to do is to authenticate himself, without having to install any certificate or software in the device from which the process is done, because the certificate is hosted on a secure server.
Digital transformation, DSM and the centralized signature
The European regulations concerning the promotion of the Digital Single Market together with the new eIDAS regulation support the use of the centralized signature for the achievement of a single digital market throughout the European space.
The first step has been to standardize the certificates and signatures, so that any certificate issued in a country of the European Union must have validity throughout the Europe Union. The change of legislation is still in the process of transition, however little by little we are seeing how the DSM and EIDAS are becoming a reality that even Brexit cannot stop.
There is still a lot to do, but with the centralized signature many technological barriers of usability are broken, since the digital certificates are hosted on a server and the user has several ways to authenticate, all that is required is a secure connection to Internet.
Business Advantages of the Signature in the Cloud
It adapts to the new commercial reality
The signature in the cloud along with the eIDAS allows the adaptation of the digital commerce to the commercial reality of the users. We make constant transactions with countries of the community and, thanks to the validity of the certificates and the centralized signature, everything becomes much easier. In that sense, incorporating this technology into the business model is to adapt to the new reality of the European Common Market.
Agility, safety, comfort, portability
The fact that the certificates are not hosted on any computer but in the cloud brings security to the procedure. This flexibility also adds a plus to the convenience of users, because they know that whenever they wish and in any space with access to the network can use their centralized signature.
It’s easy to use
As a tool, the centralized signature is easy to use: after a previous registration, the physical identity is linked to the digital one, which allows the issuance of the own digital certificate that is in the secure cloud server (HSM). Once this is done, the user can use his signature whenever he/she wishes.
Reduced use of paper, reduced printing or storage costs
By integrating the signature in the cloud as a commercial tool, the use of folios and impressions becomes minimal; therefore, the costs are reduced not only of the materials, but also of the human resource that is in charge of managing these operations. Also, it is an advance in environment protection.
Express consent, compliance or commitment
As we discussed at the beginning of the article, the centralized signature has the same legal value as a handwritten signature. Like a handwritten signature, it serves to express consent, conformity or commitment and this means that it is legally binding.
Impersonation is not possible
Thanks to the robust authentication system and the possibility of verifying the origin of each document, the impersonation is practically impossible. Moreover, no content can undergo modifications without being registered.
It is a battle won against the bureaucracy
Relying on a long chain of physical and human procedures only nourish bureaucracy and enlargers the margins of error. With cloud signing routines are simpler, faster and more confidential. And not least: this system records the activity of users at each stage, so it is not possible to avoid responsibilities.
With all these reasons we cannot stop suggesting electronic signature in the cloud as the best ally for your business. This is the tool that allows all citizens of the European Community (who meet the requirements) to interact with any administrative entity or private institution.
If you want to know more about centralized signature, we invite you to try for yourself how our powerful fortress signature solution works. You can see a demo by clicking here: Portal Fortress.
We’ll be back next week!