Digital certificates have become very useful to prove our identity when dealing with certain operations. The advantage of being able to use them from home or anywhere else, together with their high level of security has made them very attractive to citizens. Many citizens will wonder how to get them. Let’s solve this issue together with other important aspects related to digital certificates.
What is a digital certificate?
A digital certificate is an electronic document that contains a dataset to be able to identify a person via the Internet.
To fully understand what digital certificates are, let’s look at the definition offered by the already well-known eIDAS Regulation of the European Union, which defines digital certificates as:
‘’a set of data unambiguously representing the signatory to whom the certificate is issued including at least the name of the signatory or a pseudonym, which shall be identified as such’’
Therefore, an electronic certificate is an electronic document that serves to uniquely identify a person. Without leaving the eIDAS Regulation, we can also find the different types of available digital certificates:
- Certificate-based signatures: aimed to identify and to electronically sign documents by individuals. They ensure the identity of the signatory and the integrity of the signed electronic message. They can be qualified or non-qualified depending on meeting the requirements set out in eIDAS.
- Seal certificate: for electronic sealing by legal entities. They can also be qualified or non-qualified.
- Web authentication certificate: used to link an internet domain with the owner of the certificate. Designed to link the website (Internet domain) with the natural or legal person who owns the certificate.
Digital certificate usage
People think that digital certificates are only used to complete Administrative procedures, e.g., Treasury procedures, Social Security procedures, employment services, payments of local and regional taxes, etc. These online operations have skyrocketed, thanks to the development of the e-Administration.
Though their uses are very much recent, digital certificates can also be used for eSigning private documents, such as commercial contracts or any other type of agreement. They are useful for the electronic signature to be considered qualified (if it’s a qualified certificate) or advanced (in case it’s not).
How to apply for a digital certificate
To obtain a qualified digital certificate we must contact a Qualified Trust Service Provider. eIDAS defines these trusted services as:
- The creation, verification, and validation of electronic signatures, electronic seals or electronic time stamps, electronic registered delivery services and certificates related to those services.
- The creation, verification and validation of certificates for website authentication; or
- The preservation of electronic signatures, seals or certificates related to those services;
Several Trust Service Providers can be found in the European Commission trusted list, where Viafirma is listed as Qualified Trust Service Provider for Timestamping services.
What requirements must be met to receive a digital certificate? It’s simple. Any Spanish or foreign citizen who has an official identification document can obtain a digital certificate through a Service Provider, like the Royal Mint, which is the most known authority in Spain. This ID document, which has to be in force, can be:
- Spanish ID Card
- NIE number
- Driving licence
- Spanish passport
Apart from Royal Mint, there are other Service Providers, such as Firmaprofesional.
How to check if a digital certificate is valid
Digital certificates must be validated, whether because their expiration date has passed or for other purposes. The different status of a digital certificate can be:
- Revoked: the validity of the certificate has been cancelled before the expiry date. Very frequent when the security of the certificate has been exposed.
- Suspended: the certificate will not be valid for a period of time.
To verify the validity status of a digital certificate, in case you have chosen the FNMT, check their website or go to the certificate revocation list (CLR) or use the OCSP (Online Certificate Status Protocol) verification process.
Digital certificate signature
We have previously referred to the fact that digital certificates are useful for identifying and electronically signing public and private documents. In addition, we have also stated that by using a qualified certificate, we will obtain a qualified electronic signature, and if not, it would be considered advanced. For instance, by configuring our signature policy, we can require the use of digital certificates for signing our documents.
Another alternative is our centralized or cloud signature solution (also qualified or advanced), which stores and manages digital certificates thanks to the cloud technology. Viafirma allows users to sign with certificates from any device, anytime and anywhere.
Also, our Viafirma cloud solution will protect our certificates via two-factor authentication for accessing and managing certificates. This includes the establishment of usage policies for certificates (i.e., restricting their use to certain websites, time slots, specific applications, etc).
Our experience shows that digital certificates are indeed very handy, versatile and secure, and can be used to complete all kinds of online operations, both public and private. Therefore, Viafirma has developed solutions to take the most out of digital certificates.