One of the greatest benefits of the digital age is the availability of being able to perform many different government processes online in a shorter amount of time versus having to depend upon the postal service or taking time out of a busy day to go stand in a line at a government office.
As defined by Regulation (EU) No 910/2014 (eIDAS), which took effect on 1 July 2016, an electronic signature creation device is software or hardware that has been configured to generate an electronic signature. However, for such a device to be considered a secure signature creation device (SSCD), it must meet the specifications that are stipulated in Annex II of eIDAS
This article sheds light on the two approaches to achieve non-repudiation of an electronic message: non-repudiation of emission and non-repudiation of origin.
AdES stands for Advanced Electronic Signature, which embraces a family of eIDAS-compliant standards for digital signatures including PAdES, CAdES and XAdES.
The potential for fraud is always a risk that cannot be ignored when it comes to conducting transactions. In person, an individual could present forged or altered documents that attest to an identity that does not belong to him or her.
Under the eIDAS Regulation (EU) No 910/2014, a qualified certificate for electronic signature refers to “a certificate for electronic signatures, that is issued by a qualified trust service provider”
On 1 July 2016, the eIDAS Regulation officially replaces EU 1999/93 Directive for providing governance over electronic identification and trust services for electronic transactions in the internal market across the European Union.
Under Regulation (EU) No 910/2014 (eIDAS), a Trust Service Provider (TSP) is defined as “a natural or a legal person who provides one or more trust services either as a qualified or as a non-qualified trust service provider."
When an electronic signature is created, it must be associated to the data that it is being used to secure. This is accomplished by creating a data set that will combine the signature with the signed data or by storing the detached signature in a separate resource and then using an external means to associate it back to the data.
