Hello! In this article we will talk about electronic digital signature.

Today you will learn:

1. What is digital signature and in what areas can it be used?
2. About the legal force of a signature in this format;
3. About the advantages that its presence provides.

For some time now, digital signature has been a tool that simplifies the movement of documentation. Moreover, this happens not only within the company, but also outside it. Let's look at how to become its owner today.

EDS - what is it in simple words

Everyone knows that any document is signed by a person who has such authority. This is done in order to give the document legal force. Thanks to modern technologies, all document flow is moving into electronic form. Moreover, it turned out to be extremely convenient!

What is digital signature in simple terms?

EDS – This is an analogy to a regular signature, which is used to give legal force to documentation located on electronic media.

It is usually stored on a flash drive.

Advantages:

1. Simplify and speed up the process of data exchange (when collaborating with foreign companies);
2. Reducing costs associated with document flow;
3. Increased security level for information of a commercial nature.

Terms related to digital signature

Closely related to this concept are two others: key And electronic signature certificate.The certificate confirms that the digital signature belongs to a specific person. It can be enhanced or normal. An enhanced certificate is issued either by a certification authority or by the FSB.

The key is the characters in the sequence. They are usually used in pairs. The first is the signature itself, the other confirms that it is genuine. To sign each newly created document, a new key is generated.

The information that is received at the CA is not an electronic digital signature, it is a means to create it.

A little history

The first electronic devices began to be used in Russia in 1994. And the law regulating their use was adopted in 2002. It was extremely vague and ambiguously interpreted the terminology. The issue of obtaining a signature was also practically not covered.

Since 2011, government agencies have switched to electronic document management. And all officials received an electronic signature.

In 2012, this process acquired a global scale and thanks to this, we can now become the owners of universal modern signatures.

How to get an electronic digital signature

Let's consider a situation in which a person has assessed all the advantages of this tool and decided to obtain an electronic signature. So, the question arose: what needs to be done for this? Let's talk about this in more detail.

To obtain an electronic digital signature, you need to go through several important steps:

• Decide on the type of signature;
• Select a certification authority;
• Fill out an application;
• Pay the invoice;
• Collect the necessary documentation package;
• Receive an electronic signature.

Now we will discuss each step in detail.

Step 1. Choose the type of signature that suits you best.

Over the last period of time, the number of those who want to receive an enhanced electronic signature has increased. This is explained by the fact that it can not only confirm the identity of the person who sent the document, but is also protected to the maximum. According to a number of experts, simple digital signatures will soon cease to exist completely.

Let us present in the form of a table the areas in which different types of signatures are used.

No.	Where is it used?	Simple view	Unskilled	Skilled
1	Maintaining internal document flow	found in small companies	Yes	Yes
2	Maintaining external document flow	rarely anymore	Yes	Yes
3	In the Arbitration Court	Yes	Yes	Yes
4	When accessing the State Services website	Yes	No	Yes
5	In regulatory authorities	No	No	Yes
6	When conducting electronic trading	No	No	Yes

Step 2. Select a certification center.

If you need to obtain an electronic signature to submit reports, choose a qualified one, but if you just need to manage paperwork, then choose a simple one.

Let us clarify that the CA is a legal entity whose purpose is to generate and issue an electronic signature.

In addition, the CA carries out the following activities:

• Confirms that the signature is authentic;
• If necessary, blocks the digital signature;
• Serves as a mediator if a conflict situation suddenly arises;
• Provides technical support;
• Provides necessary software to clients.

There are about 100 CAs in the Russian Federation. It is better to choose the one that suits your location and capabilities. You can first check to see if there are any in your city. This is easy to do: just look at the information on the official website.

Step 3. Fill out the application.

To do this, we either visit the center’s office or fill it out online. The remote method allows you to avoid a personal visit to the CA, that is, save some time.

As soon as the submission of the application is completed, a CA specialist contacts the client to clarify the data specified in it. You can ask him questions and get advice.

Step 4. Pay.

You will have to pay for the service in advance. As soon as the application is accepted, all details are agreed upon, the client is issued an invoice. The cost may vary, as it depends on the region where the client lives, on the company itself and on what kind of digital signature you want to receive.

Moreover, the price range is quite large - from 1,500 to 8,000 rubles.

Documents for digital signature

When collecting documents, an important nuance is the following: an electronic signature is needed for an individual, an electronic signature for a legal entity or for an individual entrepreneur. Therefore, we will characterize the documentation separately.

To obtain a signature, individuals must collect the following set of documentation:

• Completed application form;
• Passport with photocopy;
• SNILS;
• A receipt confirming payment of the invoice.

If the recipient has an authorized representative, he or she can handle the submission of documents. The only thing is that you need a power of attorney to perform such actions.

Legal entities need to prepare:

• Completed application;
• OGRN certificate;
• TIN certificate;
• (not expired);
• Passport with a copy of the person who will use the digital signature;
• Payment receipt;
• SNILS of the person who will use the digital signature;
• If the director will use the signature, you must provide an order on the basis of which he holds this position;
• Other employees need powers of attorney so that they can use digital signatures.

IPs are provided by:

• Completed application;
• OGRNIP certificate;
• TIN certificate;
• An extract from the register of entrepreneurs, which is no more than 6 months old (a copy is possible);
• A receipt confirming payment.

If the application was submitted remotely, the necessary documents are sent to the CA by mail, if in person, then along with the application.

Electronic signature for individuals

For individuals there are 2 types of signatures: qualified and unqualified. The obtaining procedure, when compared with legal entities, is much simpler.

Private individuals usually use electronic signatures to sign certain papers.

Nowadays systems such as:

• Unified portal of public services;
• ESIA network for obtaining various information.

For the unified identification and authentication system, a simple type of electronic signature is sufficient, but for the government services portal, a qualified one is used.

To obtain an electronic signature, a citizen also applies to the CA with all documents and an application. You also need to have a flash drive with you on which the private part of the key, known only to the owner, will be written.

The procedure looks like this:

• Contact the CA for a certificate and to receive an EDS key;
• Find a password;
• Filling out forms to obtain keys;
• Submission of all documents;
• Obtaining a certificate for keys.

Electronic signature for legal entities

The obtaining algorithm is practically no different from obtaining a signature by an individual. In the same way, a CA is selected, all the necessary documents are collected, and the invoice is paid. The only thing you must not forget is that the extract from the Unified State Register of Legal Entities must be received on time, since the process of preparing it takes about 5 days.

Hash function: why is it needed?

Hash function is a unique number that is obtained from a document by transforming it using an algorithm.

It is highly sensitive to various types of document distortions; if at least one character in the original document changes, most of the hash value characters will be distorted.

The hash function is designed in such a way that it is impossible to restore the original document using its value, and it is also impossible to find 2 different electronic documents that have the same hash value.

To generate an electronic digital signature, the sender calculates the hash function of the document and encrypts it using a secret key.

In simple terms, it is designed to simplify the exchange of data between users. This is a key data protection tool.

The signed file goes through a hashing procedure. And the recipient will be able to verify the authenticity of the document.

Legal force of digital signature

An electronic digital signature has equal legal force with a regular signature on a paper version of a document, if it was applied without violations. If deviations are identified, the document is not valid. The state regulates the process of using digital signatures by Federal legislation.

Validity period of the digital signature

The digital signature is valid for 12 months from the day it was received. As soon as this period ends, it is extended or another one is received.

Let's sum it up. The use of digital signatures brings the greatest benefits to large companies and enterprises. Thanks to it, document flow becomes cheaper and broad horizons for business open up.

It is also beneficial for ordinary citizens to have it. No need to stand in lines, order state. services are available without leaving your home. EDS is a modern, convenient and profitable tool.

Electronic digital signature is the basis of electronic document management using modern information technologies. It is an integral part of the work of such projects as “Bank-Client” (automated banking systems for remote access), payment systems based on smart cards, electronic Internet payment systems, etc.

What is a digital electronic signature system?

The main purpose of an electronic digital signature, which is a special mathematical scheme, is to confirm the authenticity of electronic documents or messages. A secure digital signature guarantees the recipient that the document was created by the sender and was not modified during transmission.

Electronic digital signatures are actively used in financial transactions, for software distribution, as well as in other projects that require confirmation of the authenticity of an electronic message.

It is worth distinguishing between the concepts of “digital signature” and “electronic signature”. The first term is more general as it refers to any electronic data. However, not all electronic signatures are digital.

Digital signatures use asymmetric cryptography. They are designed to protect electronic messages transmitted over an insecure channel. A digital signature, created according to the rules, guarantees that the message was sent by the originator. In fact, a digital signature and seal is a full-fledged substitute for physical seals and manual signatures. The difference is that digital ones are harder to counterfeit.

One of the areas of application of an electronic digital signature is confirmation of the authenticity of messages and documents transmitted by e-mail using a cryptographic protocol. The digital signature is based on the principle of non-repudiation, according to which the person who signed the document cannot prove that he did not sign the sent message.

The role of digital signatures in e-commerce and document flow

The popularity of EP is growing steadily. Company managers want to reduce the workload of their employees and reduce the volume of paperwork. After all, with the help of digital signatures, other employees will be able to sign documents much faster, which will reduce downtime and ensure increased efficiency of business processes in the organization.

The Federal Law “On Electronic Digital Signature” defines digital signature as equivalent in legal force to a handwritten signature and a physical seal on a traditional paper document. This allows organizations in various industries and areas of activity to actively use it in electronic document management.

But the scope of application of EDS is not limited to this. It is also used to confirm the authorship, integrity, authenticity and relevance of any electronic communications and allows you to check whether any changes were made to the transmitted document by unauthorized people.

The acceleration of all processes in life and business forces company owners to optimize organizational processes and implement various automation systems. E-commerce is one such tool. To participate in the auction you need an electronic digital signature, which allows you to:

• guarantee the authenticity of electronic documents uploaded by participants;
• organizers sign competitions, auctions and applications;
• sign bids at auctions;
• use electronic documents as well as paper ones;
• ensure the authenticity and integrity of electronic documents and prevent their forgery;
• avoid the occurrence of controversial situations due to incorrect sending of documents and submission of applications.

The use of digital technologies in e-commerce may lead to fundamental changes in the practice of business negotiations in the near future. First of all, through the use of digital communication channels and reducing communication costs. Thus, an electronic digital signature provides small and medium-sized business owners with access to international e-commerce markets.

In the recent past, fax was used to exchange messages or documents. Securities were also sent by mail or courier service. Now you can send all the necessary documentation that has the appropriate legal force in the shortest possible time and without intermediaries. After all, an electronic digital signature in document management completely replaces a handwritten one and confirms its authenticity, ensuring that the document has not been amended by unauthorized users.

The economic feasibility of switching to the exchange of electronic documents is obvious: in this form it is easier to store and transmit them. To do this, you just need to issue an electronic digital signature at one of the special certification centers.

Another advantage of electronic document management is the high degree of protection of transmitted data. For digital signature, a special crypto provider with a qualified certificate is used. Its maximum protection is provided by special hardware and software complexes (I-Token keys or smart cards), which contain secure storage for using PIN codes when working with a qualified certificate. If several unsuccessful attempts are made to enter the PIN code, the certificate is blocked and stops working.

Features of using an electronic digital signature

Before using digital signature to endorse documents, you must consider the following:

1. The authenticity of the signature can be verified based on publicly available data. In this case, it is created from a fixed message and a private key of an electronic digital signature.
2. It is impossible to forge or guess a signature without a private key.

The use of digital signature is appropriate and relevant not only in organizing document flow of legal entities (to certify the authenticity, authorship, identity and status of documents), but also individuals. For example, it can be used to confirm informed consent or approval by one of the signatories of the contract.

An electronic digital signature is used to authenticate the source of a letter. This is because even if the document has all the necessary information, it is difficult to guarantee the authenticity of the sender. The electronic digital signature key is assigned to a specific user. This mechanism guarantees that the letter was sent by the owner of the digital signature. This is especially true for financial and banking organizations.

Another area of ​​application of digital signature is confirmation that the letter was delivered safe and sound and that no changes were made to it by attackers during the transmission process. Encryption using a digital signature key does not provide 100% protection against changes to the original message by unauthorized users. But when decrypting the letter, the addressee will receive information if the integrity of the letter is compromised. This is due to the fact that any actions with a message signed with an electronic digital signature lead to its deactivation. In order to sign a changed document again, you need to have access to it. Therefore, the likelihood of such a development is extremely low.

Also, an electronic digital signature is one of the effective tools to confirm the origin of a document or message. That is, an electronic digital signature for legal entities is a guarantee of non-repudiation or the impossibility of denying the fact that an organization has signed an electronic document. This principle of digital signature operation is also applicable to individuals.

It is worth keeping in mind that the authenticity and reliability of a letter signed with an electronic digital signature is only possible if the secret key is not revoked before use. In this case, public keys are canceled simultaneously with secret ones. Upon prior request, the electronic signature is checked for the likelihood of revocation.

Any cryptosystems based on the use of a public or private key directly depend on the degree of secrecy of this data. The user can store the electronic digital signature key on his work computer, protecting it with a password. But this option has its drawbacks:

• documents can only be signed on the computer of the digital signature owner;
• the safety of digital signature data directly depends on the security of the user’s working computer.

It is much more secure to store the private key on smart cards, since most of them have a high degree of protection against changes by unauthorized users.

To activate a smart card, the user enters a special PIN code. This two-factor authentication scheme provides additional protection for the electronic digital signature. In case of theft or loss of a smart card, in order to activate it and use the digital signature, you will also need to enter a PIN code, which reduces the degree of security of this scheme. It is encouraging that the digital signature keys located on smart cards exist in a single copy and cannot be copied. Therefore, the owner of an electronic digital signature, upon discovering a loss, can quickly block their action. Keys stored on the user's computer are much easier to copy, and the fact of information leakage is more difficult to detect. Therefore, it is very important to apply additional protection for electronic digital signatures.

What algorithms are used in the electronic digital signature?

The digital signature scheme simultaneously includes three electronic digital signature algorithms:

1. A key generation algorithm that selects a secret key uniformly and randomly from a set of possible private options. At the same time, secret and public keys are generated, which come in pairs.
2. A signature algorithm that, based on a private key, signs an electronic message.
3. A verification algorithm for an electronic digital signature, which, based on the public key, signature and message, determines the authenticity and decides on the possibility or impossibility of sending an email.

RSA digital signature algorithm.

One of the very first and most widespread digital signature systems works based on the RSA algorithm. It all starts with calculating the public and private key. The sender of the email must calculate two large prime numbers P and Q, and then calculate the product and find the value of the function:

N = P * Q; φ (N) = (P-1)(Q-1).

Then you need to determine the value of E from the conditions:

E £ φ (N), GCD (E, φ (N)) = 1

and D value:

D< N, E*D º 1 (mod j (N)).

The numbers E and N represent the public key. The author sends these indicators to the recipients of the email to authenticate the electronic digital signature. Parameter D is the secret key with which the author signs the message. The operation of the algorithm is shown schematically in the figure:

Disadvantages of using the RSA algorithm to generate an electronic digital signature:

1. Calculating the values ​​of parameters N, E and D is a labor-intensive process, since it requires checking a large number of additional conditions. Moreover, if at least one of them is not fulfilled, there is a risk of forgery of an electronic digital signature.
2. High resistance to falsification of digital signatures created using the RSA algorithm is ensured by significant computational costs (20-30% more than other algorithms).

ElGamal Signature Algorithm (EGSA).

The main idea of ​​this algorithm is the impossibility of forging an electronic digital signature. To achieve such a goal, it is necessary to solve a more complex computational problem, and not just factorize a large integer. In addition, the developer El-Gamal was able to eliminate the shortcomings of the RSA algorithm and prevent the risks of digital signature falsification without determining the secret key.

To generate a public and private key, you need to choose two simple integers P and G, provided that G< P. Отправитель и адресат электронного документа, подписанного ЭЦП, применяют одинаковые большие несекретные числа P (~10 308 = ~2 1024) и G (~10 154 = ~1 512). Первый из них берёт случайное целое число X, 1 < X £ (P - 1), и вычисляет: Y = G X mod P.

Parameter Y is the public key used to authenticate the sender's electronic digital signature. Parameter X is the secret key used by it to sign electronic documents. To sign a message M, the sender must hash it using the hash function h into an integer m: m = h(M), 1< m < (P - 1), и сгенерировал случайное целое число К, 1 < K < (P - 1), при этом К и (P - 1) должны быть взаимно простыми. На следующем этапе он рассчитывает значение параметра a по формуле: a = G K mod P. На основе расширенного алгоритма Евклида с помощью секретного ключа Х определяет целое число b: m = X * a + K * b (mod (P - 1)). Пара чисел (a, b) формируют электронную цифровую подпись S: S = (a, b).

The values ​​of the parameters M, a and b are transmitted to the recipient, and the values ​​of the numbers X and K are not disclosed. The message recipient then calculates the value of m using the formula: m = h(M). Next, the value of the number A = Y a a b mod (P) is calculated. If A = G m mod (P), M's message is considered genuine.

A rigorous mathematical proof can be given that the last equality will be true when the signature S under the message M is calculated using exactly the secret key X from which the public key Y was obtained.

It is worth keeping in mind that to create each electronic digital signature, you need a new value of the number K, which is determined randomly.

The EGSA algorithm is a classic example of how a message is delivered in clear form along with an authenticator (a, b). The difference between the ElGamal algorithm and the RSA algorithm:

1. With a similar degree of resistance, the EGSA algorithm works on integers that are 25% shorter than similar numbers in the RSA algorithm. This reduces the computation time by an average of 2 times.
2. It is easy to calculate the modulus P, you just need to make sure that the number is prime and the number (P - 1) has a large prime factor.
3. The EGSA algorithm does not allow you to put an electronic digital signature on new messages without knowing the secret key.
4. A signature created using the EGSA algorithm is 1.5 times larger than a signature generated using the RSA scheme.

DSA digital signature algorithm.

The DSA (Digital Signature Algorithm) algorithm is an improved version of the EGSA and K. Schnorr digital signature algorithms. The sender and recipient of the email calculate large integers G and P - prime numbers, L bits each (512 £ L £ 1024), q - a prime number 160 bits long (number divisor (P - 1)). The numbers P, G, q are open and can be shared by users. The sender selects a random integer X - the secret key of the electronic digital signature, while 1< X < q. Далее он рассчитывает значение параметра Y (открытого ключа) по формуле: Y = G X mod P. Для подписи сообщения М отправитель хэширует его в целое хэш-значение m: m = h(M), 1 < m < q, затем выбирает случайное целое число К, при условии, что 1 < K < q, и вычисляет значение параметра r по формуле: r = (G K mod P) mod q. Далее он находит число s по формуле: s = ((m + r * X)/ K) mod q.

A pair of numbers S = (r, s) form an electronic digital signature. The recipient checks whether the conditions are met: 0< r < q, 0 < s < q. Если хотя бы одно из них не выполнено, то подлинность ЭЦП не подтверждается. Если же выполнены все условия, то адресат рассчитывает значение w по формуле: w = (l/s) mod q, хэш-значения m = h(M) и числа u 1 = (m * w) mod q, u 2 = (r * w) mod q. Далее он с помощью открытого ключа Y вычисляет v по формуле: v = ((G u 1 * Y u 2) mod P) mod q. Подпись S считается подлинной при условии, что выполняется равенство v = r.

A mathematical proof can be given that the last equality will be true when the signature S under the message M is calculated using exactly the private key X from which the public key Y was obtained.

Advantages of the DSA algorithm compared to the EGSA algorithm:

1. The length of an electronic digital signature created using the DSA algorithm is significantly shorter than that of a signature generated using the EGSA algorithm. However, the level of durability is the same.
2. The DSA signature computation time is less than that of the EGSA algorithm.

The disadvantages of the DSA algorithm include the need to carry out complex division operations modulo q to verify the authenticity of an electronic digital signature. In practice, the DSA algorithm can be accelerated by performing preliminary calculations. It is worth noting that the value of r is independent of message M and its hash value m.

What types of electronic digital signatures are endowed with legal force?

The Federal Law “On Electronic Signatures” No. 63-FZ distinguishes two types of electronic signatures: simple and enhanced. Strengthened signatures can be qualified or unqualified.

Simple digital signature.

To create such a signature, passwords, codes and other means are used. A simple electronic digital signature is a tool for confirming the authenticity of electronic data by the sender. It is considered valid if the following conditions are met:

• the electronic document is signed with an electronic signature;
• the electronic signature key was created in accordance with the requirements of the information system with the help of which electronic messages were certified and sent by the sender.

In regulatory and legal documents, as well as contracts, participants must define the basic rules for the use of a simple electronic digital signature:

• mechanism for identifying the author of a signature in an electronic document;
• mandatory compliance with confidentiality requirements when using electronic signatures by responsible persons;
• compliance with the requirements of Federal Law No. 63-FZ regarding the use of a simple electronic digital signature;
• impossibility of applying digital signature to secret government documents.

Reinforced unqualified electronic signature.

To create such a signature, a cryptographic program is used that operates on the basis of an electronic digital signature key. A strengthened unqualified signature allows you to determine the originator of the document who signed it and the presence of changes in the letter after it was signed. The use of an unqualified electronic signature allows you not to use an electronic digital signature key certificate (subject to compliance with the requirements of the law, other regulatory documents and agreements between the sender and the addressee).

Enhanced qualified digital signature.

The peculiarity of this type of electronic digital signature is the presence of a special verification key contained in a qualified certificate. The generation and verification of an enhanced qualified digital signature occurs using special electronic signature tools that meet the requirements of Federal Law No. 63-FZ.

Paper documents with a handwritten signature and electronic documents with an enhanced qualified signature have the same legal force (except for cases that recognize exclusively a handwritten signature, as provided for in law). The law also allows for the establishment in regulations and agreements between the sender and recipient of additional requirements for electronic documents signed with an enhanced qualified signature.

Let's compare the considered types of electronic digital signature by analogy with familiar physical means of personal identification:

A simple electronic signature is similar to a badge - any stranger can use it, so responsibility for the safety of the data lies with the owner of the signature.

An unqualified electronic signature is similar to a pass in a company, and there is a certain level of trust between the parties to the transaction.

A qualified electronic signature as a passport is the most important tool for identification and provides the opportunity to use all services.

In accordance with Art. 7 of the Federal Law “On Electronic Signatures”, digital signatures created according to foreign standards in the Russian Federation refer to the type of electronic signatures whose characteristics they correspond to. The issuance of a key certificate in a foreign country cannot be a reason for non-recognition of the legal force of the document on which such a signature appears.

How and where to get an electronic digital signature

Step 1. Selecting an electronic signature.

First you need to understand why you need an electronic digital signature. For example, you need a key to work on a government services website. Or you plan to submit reports to extra-budgetary funds, tax authorities, the federal financial monitoring service or other state and municipal bodies. You will also need an electronic digital signature to participate in electronic auctions or work on electronic trading platforms.

Step 2. Selecting a certification authority.

The list of certification centers where you can obtain an electronic digital signature is on the website www.minsvyaz.ru (the official Internet resource of the Ministry of Telecom and Mass Communications). On the main page of the site in the “Important” section there is an active link “Accreditation of certification centers”, after clicking on it a window opens offering to download a file with a current list of accredited certification centers. As of February 6, 2018, the list included 469 organizations.

Steps 3 and 4. Fill out the application and pay for the service.

After choosing a certification center that is conveniently located, you need to fill out and submit an application for issuing an electronic digital signature. If it is not possible to fill out an application on the website, you can write it manually and submit it to employees at the certification center. In the application you must indicate the full name of the recipient of the digital signature, email address and contact phone number. Next, pay for the service.

Step 5. Submitting documents to the certification center.

Simultaneously with submitting an application for the creation of an electronic digital signature key certificate, you must submit a certain package of documents.

List of documents for obtaining an electronic digital signature by legal entities

• certificate of state registration of a legal entity (OGRN);
• certificate of registration with the tax authority (TIN);
• extract from the Unified State Register of Legal Entities (original or notarized copy). The requirements for the statute of limitations for an extract differ from one certification center to another, but usually it is no more than 6 months from the date of its receipt;
• insurance certificate of state pension insurance (SNILS) of the future owner of the electronic digital signature.

If the owner of the digital signature is the head of a legal entity, then it is also required to attach a document confirming his appointment to the position, certified by the signature and seal of the company.

If the authority to own the digital signature is planned to be transferred not to the manager, but to an employee of the company (authorized representative), then it is necessary to attach to the package of documents a power of attorney to transfer the relevant functions to this employee, certified by the signature and seal of the company. If this employee will submit all the necessary documents and personally receive an electronic signature, then you also need to provide copies of the pages of his passport.

List of documents for individual entrepreneurs (IP)

• application for issuance of an electronic digital signature;
• certificate of state registration of individual entrepreneurs;
• certificate of registration with the tax authority (TIN);
• extract from the Unified State Register of Individual Entrepreneurs (original or notarized copy). The requirements for the statute of limitations for an extract from different certification centers may not be the same, but usually this is no more than 6 months from the date of its receipt;
• copies of passport pages of the future owner of the electronic digital signature: with photo and registration information;
• insurance certificate of state pension insurance (SNILS).

If it is planned that the electronic digital signature for an individual entrepreneur will be received by an authorized representative of the future owner of the digital signature, then a notarized power of attorney for the specified representative must also be submitted to the certification center.

In a situation where the future owner of an electronic digital signature wants to delegate all responsibilities for obtaining it to his authorized representative, then along with the main package of documents, the passport of this citizen must be provided.

Step 6. Obtaining an electronic signature.

To obtain an electronic digital signature, you must provide the originals of all documents to the selected certification center. After verifying the information, they are returned to the owner of the electronic signature.

The price of the service for creating an electronic digital signature may vary depending on the following factors:

• type and scope of application of electronic signature;
• features of pricing in the certification center;
• location of the certification center.

The final cost of the service consists of several components:

• registration and issue of an electronic digital signature key certificate;
• granting rights to work with specialized software;
• provision of programs for working with electronic digital signatures;
• transfer of the electronic digital signature carrier protection key;
• technical support when working with electronic digital signatures.

For example, the total cost of an electronic signature for electronic trading is 5-7 thousand rubles.

The period for issuing an electronic digital signature can range from an hour to one week. It all depends on the speed of filing documents and payment for services. In most certification centers, digital signatures are produced in 2-3 business days. Please keep in mind that tax authorities issue extracts from the Unified State Register of Legal Entities or Unified State Register of Individual Entrepreneurs within 5 working days. Therefore, it is worth getting them in advance.

The validity period of the electronic digital signature is 1 year. Therefore, it needs to be reissued annually. This can be done at any certification center (not necessarily the one where you received it).

How to implement reliable electronic digital signature protection

One of the pressing problems in the practical application of modern cryptography is ensuring the protection of electronic digital signature information, primarily the electronic signature key. The high level of strength of cryptographic algorithms, including those developed in our country, forces attackers to steal an electronic digital signature file with keys, since this is the only possible hacking method. Simply selecting a key takes too much time and requires significant computing resources.

In accordance with GOST R 34.10-2001, the secret key of an electronic digital signature represents 256 bits of information. Attackers steal this data from user files, extract it from RAM or the system registry. A real hacker industry has formed in the shadow market for the production of software for stealing private EDS keys: various Trojans, rootkits, viruses, exploits. In order to steal a key, you don’t have to be a professional; you just need to gain access to the FLASH media on which it is stored.

The creators of electronic digital signature tools are trying to provide the necessary protection of secret keys. There are different methods for encrypting a digital signature key stored in a file. The user comes up with a password, which, based on a special algorithm, turns into a real cryptographic encryption key. With its help, the key container is encrypted. The downside is that this kind of protection can be hacked quite quickly by simply brute-forcing passwords. A bonus for attackers is an unlimited number of attempts and the only criterion for correctness (matching the private and public keys).

Stealing a secret key for an electronic digital signature from the system registry is as easy as stealing from a key container in a file, because the registry itself is also in the file.

There is another difficulty in ensuring the security of storing the digital signature key. In the Windows operating system, a certain “binding” of the key container occurs. For example, when connecting for the first time, a FLASH media with digital signature is defined as “Removable disk G”, and during subsequent work as “Removable disk K”. As a result, the crypto provider will not find key containers along the new path.

In addition, if the private digital signature key is located in the system registry, it may be difficult to transfer it to another computer.

Thus, ensuring the secure storage of the digital signature key is associated with many difficulties. But what consequences can occur as a result of theft of a key container? Let's look at the potential options for this hypothetical situation:

1. Attackers can steal money from an account through the remote banking system (RBS). It is almost impossible to prove the illegal actions of hackers, because all banking transactions contain your electronic digital signature.
2. The RBS security system prevented unauthorized transfers of funds by blocking access to the bank account. The money is safe, but important deals may have fallen through due to late payment.
3. Your competitors stole the digital signature key and signed a fake commercial proposal or competitive bid. As a result, you will spend time and effort to clarify the situation, and your company will be excluded from electronic trading for dishonesty.
4. The attackers signed a false report using a stolen digital signature key, and your organization was fined.

Thus, the theft of an electronic digital signature key threatens you with loss of financial and time resources, deterioration of business reputation, disruption of important transactions, blocking of bank accounts and other potential and very real losses. Even if you prove that electronic data has been stolen, there is a high probability that the bank will refuse to return the stolen money.

Hackers may not risk it and instead of stealing the key container, simply delete it. This will lead to lost benefits for the owner of the digital signature (lost income, disruption of transactions) and unforeseen expenses (lost time, payment for services for re-issuing the digital signature).

Compliance with information security rules when using and storing electronic digital signatures is the key to uninterrupted operation of all participants in electronic document flow (banks, trading platforms, digital signature owners, reporting operators, etc.).

It is worth keeping in mind that the owner of the electronic signature should not give his secret key to other company employees. After all, only he is responsible for all documents signed by colleagues. If there is such a need, an electronic digital signature should be made separately for each employee who has the right to sign documents.

We have already talked about the insecurity of storing the key container in a file. To eliminate the shortcomings of such an encryption system, they came up with alienable media with their own encrypted file system in which the key container is located. Such a system has its own control microprocessor, which limits the number of hacking attempts.

For example, smart cards and USB tokens are popular in domestic practice. To activate the EDS secret key, the user enters an individual PIN code. After several incorrect input attempts, access is blocked, which limits the possibilities for attackers to hack.

USB tokens are popular in Russia due to a number of characteristics: reliability, ease of use and low cost. Thus, after the Rutoken-2001 project entered the market, several million USB tokens of this company were sold. In some areas (for example, when filing tax reports and in electronic trading), Rutokens are considered the standard for the safe storage of key containers.

An improved variation of USB token technology works on cryptographic algorithms immediately “on board” the media. The secret key is not loaded into the computer's RAM, which eliminates the possibility of it being stolen by malware directly from the computer's memory. This technology is actively used in various financial organizations, in particular, in remote banking systems of organizations, where potential losses from theft of the secret key of an electronic digital signature are especially high.

How to verify the authenticity of an electronic digital signature

Electronic digital signature verification is carried out using open online services and specialized programs. The verification results make it possible to find out who signed the electronic document, authenticate the signature, and identify unauthorized changes in the message.

Many modern information systems automatically verify the authenticity of an electronic digital signature. Thus, on the Rosreestr website (rosreestr.ru) you can easily determine the authenticity of the digital signature on a document received in response to a user request. To do this, you need to upload the resulting file with the *.sig extension to a special site service and click on the button.

Similar verification tools can be found in other information systems, for example, on electronic trading platforms. Certification centers also provide users with services to verify the authenticity of digital signatures. In addition, those interested can carry out this procedure independently using specialized programs.

During the verification of an electronic document, the electronic digital signature on it, the EDS key received from the sender, and the EDS certificate are compared. If the recipient of the email is not registered with any of the existing certification centers, he can verify the authenticity of the digital signature independently:

1. In open online services such as ContourCrypto and others.
2. Install the CryptoPro CSP program on your personal or work computer and download the certificate database from public directories of certification authorities into it.
3. On the website www.gosuslugi.ru/pgu/eds you can check the electronic digital signature issued only by CAs that have passed state accreditation.
4. The most difficult way is if you have professional knowledge and skills, then calculate hash functions based on the encryption algorithm.

Let's take a closer look at the first three methods, since they are more accessible to users without computer education.

Check on CryptoPro CSP.

On the developer's official website you can download a demo version of the program and use it for free for two weeks, and then buy the full version. CryptoPro CSP allows you not only to check digital signatures in electronic documents, but also to sign your own files created in MS Word. After installing the program, you can select the desired action from the drop-down menu.

In the future, CryptoPro CSP will independently verify signatures in all open documents certified by digital signature. If the result is successful, the user will see a pop-up window

If during the check the program warns that the certificate of the received electronic document cannot be traced to the root directory, then the user should move it to the storage

Verification of electronic digital signature on the Public Services Portal.

On the website gosuslugi.ru you can easily check both your own qualified electronic signature and its certificate received from the sender in an electronic document. The site’s online service works both with files with the *.sig extension and with text documents that have an electronic signature built into their body.

If the certificate and electronic signature have passed verification, the message “Valid” appears. If not, the service reveals the reason: “Certificate revoked” or “Could not be verified.”

Using this service, you can easily check the EPI. In both cases, verification takes place only in relation to qualified signatures, since their key certificates are in the open registries of certification authorities. The likelihood that a document will have an invalid electronic digital signature is extremely low, since certification authorities monitor the validity periods of their certificates.

Reasons for incorrect operation of electronic digital signatures and how to eliminate them

Most users on electronic trading platforms experience difficulties due to incorrect operation of the electronic digital signature. Such problems can arise at the most inopportune moment, for example, during trading, which will lead to undesirable results:

• the application for participation in the competition will not be submitted on time;
• the participant will lose the electronic auction;
• a contract for the provision of services to government agencies will not be signed.

Typical difficulties when working with electronic digital signatures:

1. The procurement participant certificate is not visible on the electronic trading platform.
2. There is no technical possibility to sign an electronic document.
3. When trying to log into the electronic platform, the user receives an error message.

In practice, there are other problems, but we will look at ways to solve the most popular ones.

The signing key certificate is not visible on the site when trying to log in to the system.

This may be due to the simultaneous action of several factors:

• the digital signature key certificate is configured incorrectly;
• Internet browser does not work correctly;
• there is no CA root certificate.

How to solve a problem?

First, check that the installation of the open part of the certificate on the computer through the CryptoPro program was completed correctly. Also make sure that your operating system supports the version of the software installed on your computer. Next, in your browser settings, add the trading platform email addresses to the trusted category, enabling all ActiveX controls. And at the end, install the root certificate of the CA that issued the digital signature into trusted root certification authorities.

The electronic signature gives an error when signing documents.

This problem may occur for the following reasons:

• your version of CryptoPro has expired license;
• you inserted media with a different certificate.

How to fix it?

Obtain a new license from the CA, open the CryptoPro program on your computer and enter the license data.

If the issue is with the digital signature carrier, then check all closed containers in the USB connectors and that the required certificate is loaded correctly.

The system displays an error when logging into the electronic platform.

The roots of this problem may lie in the previously discussed reasons. Typically, difficulties arise due to incorrect installation of the Capicom library. To fix the problem, check whether this library is installed on your computer and whether the two system files with the .dll extension are copied to one of the Windows folders when using a 64-bit system.

Preliminary study of the instructions for installing and configuring an electronic digital signature will help you avoid the described problem situations. If you still have difficulties when working with digital signature, you can contact the professionals of our company.

Digital signature for individualsappeared relatively recently and is not yet as popular as in the business sector. What is an electronic signature for individuals, what opportunities does it provide, where to go to obtain it - all this will be discussed in this article.

Electronic digital signature - what is it?

The procedure for using digital signatures when signing documents is regulated by the Law “On Electronic Signatures” No. 63-FZ of 04/06/2011. An electronic signature is an analogue of an individual’s signature, which has the following properties:

• is unique;
• protected from copying;
• indicates the person who signed the document.

From a technical point of view, an electronic digital signature is formed by encrypting the information contained in a document and is a unique sequence of characters. It is either located in the body of the signed file or attached to it. That is, the external expression of an electronic signature has nothing in common with a handwritten signature. Despite the fact that the purpose of both types of signatures is the same - to certify the authenticity of the document.

The law names 3 types of electronic signature:

1. simple - serves to confirm that the document comes from a certain person;
2. reinforced unqualified - not only indicates the person who put it down, but also confirms that after it was put down, no changes were made to the document;
3. enhanced qualified - has the characteristics of an unqualified digital signature, but is issued only in specialized centers accredited by the Ministry of Telecom and Mass Communications.

It is a qualified signature, according to the law, that gives the document full legal force (that is, it fully replaces a handwritten signature, as well as the seal of the organization). It is required, for example, when submitting electronic reports to the Federal Tax Service, Pension Fund and other government agencies. Other types of digital signatures can be used in business relations if the agreement between the parties provides for their use.

Why do individuals need an EDS?

Today, electronic digital signatures are increasingly used in the work of legal entities. Its use is especially relevant for organizations that have a large number of divisions or enter into transactions with counterparties located at a considerable distance from them. However, with the transition of many types of activities to the virtual space, citizens often need to obtain an electronic digital signature.

Don't know your rights?

We list the main areas in which digital signatures are useful for individuals:

1. Receiving government services via the Internet. Possession of an electronic digital signature will allow you to fully use the services of the state portal. services (for example, tracking traffic police sanctions, filling out an application for obtaining a passport, sending a declaration to the Federal Tax Service, etc.).
2. Submitting an application for admission to a university. Every year, more and more educational institutions introduce the practice of accepting applications from out-of-town applicants certified with an electronic signature.
3. You can electronically submit an application to the tax authority, as well as documents for opening a legal entity. persons or individual entrepreneurs.
4. The use of digital signature allows you to formally draw up documents (for example, a work contract) for individuals working from home and receiving orders via the Internet.
5. When using an electronic signature, it will be possible to participate in electronic auctions (the property of enterprises declared bankrupt is often sold at them).
6. It is possible to submit an application for a patent for an invention electronically.

How and where to get an electronic digital signature?

In order to obtain an electronic digital signature, you need to contact an institution called a certification center. The list of accredited centers and their addresses can be found on the website of the Ministry of Telecom and Mass Communications. These institutions are located in almost all major cities.

Although, speaking technically correctly, the center issues not the signature itself, but the software for creating it. Using these means, the owner has the opportunity to sign each electronic document with a unique digital signature (See . How to install digital signature on a computer and sign a document (Word, pdf)?).

To use a signature, 2 keys are issued: private (secret) and public. They represent encoded information of a certain volume. The private key is used to sign the document, and the public key is used to verify the signature (the owner provides this key to the recipients of the emails). The rights of the owner of the public key are confirmed by a certificate issued by a certification authority.

When applying for an electronic signature, a citizen will need a package of documents, the specific list of which may vary depending on the certification center. The following documents are most often required:

• application for issuance of digital signature;
• certificate of assignment of TIN;
• passport;
• pension certificate (SNILS);
• document confirming payment for the center's services.

In most centers, an application can be submitted via the Internet. As a rule, the process of producing an electronic signature takes no more than a few days.

How to obtain an electronic signature from a certification center? Where to buy an electronic digital signature? What does the electronic signature law regulate?

The weather is miserable: rain and snow, piercing wind. Moreover, this process is in the Arbitration Court, for which additional documents are urgently required. If only I could send them there without leaving home... Is something similar familiar to you?

Nowadays, electronic signatures are used by both legal entities and individuals. It is recognized by courts, regulatory authorities and government agencies.

The publication material will allow you to get a clear idea of ​​the process of registration and use of digital signatures.

1. What is an electronic digital signature

Let's start with the basic concept of the article.

Electronic digital signature(EDS) - an analogue of a personal signature, provides the ability to endorse electronic documentation. Serves as a guarantor of its integrity and authenticity.

An electronic signature (ES) allows you to:

• authenticate the source of the message;
• control the consistency of the shipment;
• make it impossible to refuse the fact that a message has been endorsed.

The electronic signature scheme includes two processes: a signature generation algorithm and a verification algorithm.

To better visualize this process, I depicted it schematically.

The question often arises about the legality of such approval. There is a large amount of judicial practice on this matter confirming the legality of digital signatures.

Example

The decision of the Volga-Vyatka Court in one of the cases considered in 2010 is indicative.

Company "A" filed a claim against its partner, company "B" for the return of funds for goods delivered but not paid for. During the transaction, electronic documents certified by digital signature were used.

The defendant explained the lack of payment by saying that the documents presented, certified in this way, are invalid, and therefore cannot serve as a basis for making payments.

The court did not accept the defendant’s explanation, since an additional agreement had previously been signed between the former partners, allowing the use of documentation endorsed by electronic signature within the framework of these contractual relations.

And, therefore, all documents are drawn up properly and have a visa from an authorized person. The court satisfied the claim in full.

Regulation of electronic signatures is carried out within the framework of Federal Law No. 63 “On Electronic Signatures”.

It regulates its use:

• in civil transactions;
• provision of public services;
• provision of municipal services;
• performing government functions, etc.

There are some requirements for EP.

The main ones are:

• ease of authentication;
• high difficulty of its forgery.

2. What types of digital signature are there - TOP 3 main types

Varieties of digital signatures are prescribed by law. Article 5 of Federal Law 63 mentions: simple and reinforced. Reinforced, in turn, can be unqualified (UNEP) and qualified (UKEP).

Let's get to know them better!

Type 1. Simple electronic signature

So, a simple electronic “autograph”, formed using special codes (passwords), indicates that the messages being sent have been endorsed.

He is not vested with any other powers.

Type 2. Enhanced unqualified electronic signature

This option is formed in the process of cryptographic transformation of information using an electronic signature key.

Such approval makes it possible not only to identify the author, but also to identify unauthorized adjustments to the sent message.

Type 3. Enhanced qualified electronic signature

This is the most protected species.

It has all the features of UNEP and some additional qualities:

• the verification key is contained in the qualified certificate;
• is created and verified by UKEP using tools approved by the FSB.

3. Where is an electronic signature used - an overview of the main options

Depending on the type, electronic signatures are used in various fields.

Possible areas of application of electronic signature:

Let's look at each use case in more detail.

Option 1. Internal and external document flow

ES is especially in demand in internal and external document flow. Company documentation endorsed in this way is considered approved and becomes protected from adjustments.

With electronic document flow between counterparties, documents signed with an electronic signature receive legal status. Both contracts and primary accounting documents (invoices, etc.) can be certified.

Option 2. Arbitration court

Often, when considering cases in the Arbitration Court, additional evidence may be required, which is permitted to be submitted electronically.

Certification of such documents by electronic signature is required by law. Then they have legal force and are equivalent to written evidence on paper.

Today, the arbitration courts of the Russian Federation accept for consideration the following documents certified with digital signature:

• statements;
• petitions;
• reviews.

Option 3. Document flow with individuals

Individuals still rarely sign any documents with a digital signature, although every year this practice is becoming more and more popular, especially among people working remotely.

An electronic digital signature allows them to exchange acts of acceptance and delivery of their services in electronic form. With the help of an electronic signature, individual inventors have the right to submit a patent application on the Rospatent website. Its owners can write an application for state registration of an individual entrepreneur or legal entity directly on the website of the tax department.

Option 4. Public services

The government services portal makes life much easier for Russians. If you want to get full access to the portal services without any problems, issue an electronic signature.

With its help, you can interact with the traffic police, submit applications for a passport, the registry office, etc.

Option 5. Regulatory authorities

Electronic reporting certified using a qualified electronic signature has legal force and is recognized by regulatory agencies.

With its help, reports are submitted not only to the tax office, but also to the Pension Fund of Russia, Social Insurance Fund, Rosstat, etc.

Option 6. Electronic trading

Electronic trading is specialized sites, places where suppliers and buyers meet, transactions for the purchase/sale of services, works and goods are concluded.

To participate in them, you must purchase an electronic signature. Documents signed in this way confirm the reality of the proposals and become legal.

4. How to get an electronic signature - 6 simple steps

You have heard that digital signature allows its owners to perform various legally significant actions without leaving their office or home.

Are you eager to get such a signature and join the ranks of its lucky owners, but don’t know how to do it correctly?

You have come to the right address! In my mini-instructions, I will tell you how to get an EP quickly and correctly.

Step 1. Decide on the type of electronic signature

Before ordering an electronic signature certificate, I recommend answering the question again: “Why do I need it?”

If you plan to use it only for internal electronic document management of your company, then a simple or unqualified digital signature for a legal entity is suitable for you.

If you use a signature in external electronic exchange, then you already need a qualified electronic signature.

Step 2. Select a certification authority

Certification center (CA) is a legal entity, one of the statutory activities of which is the formation and issuance of digital signatures.

Choose a CA that is as close as possible to your location. Also pay attention to the cost of services and the production time of the electronic signature.

You may be interested in the “On-site clearance” service, then choose a center that offers this service.

Step 3. Fill out and send the application

The type of signature has been determined, the certification center has been selected, and it’s time for the application.

You can submit it in two ways:

• make a personal visit to the office;
• fill out the form on the center's website.

It contains only the most necessary information: full name, contact information (phone, email).

Having received the application, the CA manager will contact you and clarify all the data necessary for issuing the digital signature, and advise on prices and conditions.

Step 4. Pay the bill

After processing the application by the center’s specialists, you will receive an invoice for payment. As you know, services are usually paid according to the principle “Money in the evening, chairs in the morning”, that is, on the terms of 100% prepayment.

The cost of an electronic signature is on average 5-7 thousand rubles, the minimum price is 1.5 thousand rubles.

It includes:

• generating a signature key certificate;
• required software;
• technical support.

You can pay the bill either by bank transfer or in cash.

Step 5. Provide documents

The list of documents depends on the applicant’s status: legal entity, individual entrepreneur, individual.

The table shows the required documents taking into account the applicant’s status:

№	Applicant status	Required documents
1	Entity	Copies: certificate of registration with the Federal Tax Service, confirmation of the authority of the head of the legal entity, the applicant’s passport, SNILS of the certificate owner, power of attorney confirming the authority of the certificate owner, power of attorney to receive the certificate (if not the owner) Original: application for certificate production
2	IP	Copies: certificate of state registration of an individual as an individual entrepreneur, passport, SNILS Originals: application for the production of a certificate, a notarized power of attorney confirming the authority of the owner of the certificate acting on behalf of the individual entrepreneur (if the owner of the Certificate is not an individual entrepreneur), a notarized power of attorney to receive the certificate (if the certificate is received by a representative of the individual entrepreneur)
3	Individual	Copies: SNILS, passport Original: statement

Step 6. Obtaining digital signature

You can get a signature at collection points, of which there are now many. You will find their addresses on the website of the selected center.

An electronic signature is usually produced within 2-3 days. Some CAs provide a service for urgent registration and issuance (within an hour). Having visited the point at the appointed time, providing original documents (for control verification), you will receive your digital signature.

Remember! An electronic signature is valid for a year, after which it requires renewal or reissue.

5. Where to get an electronic signature - review of the TOP-3 certification centers

As usual, I present to you a selection of companies that provide digital signature services.

Today I bring to your attention 3 specialized centers.

The company offers its clients the issuance of various electronic key certificates.

State portals, electronic auctions, tenders, government procurement will become available to owners of digital signatures issued by highly qualified Alfa-Service specialists. The company is ready to urgently produce any digital signature and then the procedure for obtaining it will take no more than 10 minutes.

Flexible prices and constant promotions as part of the company's loyalty program make digital signature accessible to everyone.

TC "Takskom" has been operating in the field of electronic document management since 2000. During its existence, the company has established constant cooperation with various organizations, enterprises and government agencies.

Our partners and clients are:

• various ministries and departments (Ministry of Foreign Affairs, Ministry of Economic Development, Federal Tax Service, etc.);
• famous brands (Nokia, Svyaznoy, HeadHunter, etc.):
• credit organizations (Sberbank, Alfa-Bank, etc.);
• Russian Post, etc.

Clients are attracted by the reliability and impeccable reputation of the company and the undeniable advantages that Taxcom has.

Benefits of work:

• there is accreditation;
• a wide selection of electronic documents for different purposes (request for quotation, construction tenders, etc.);
• experienced specialists;
• a new generation of secure information media.

The Center for Paperless Technologies was founded in 2016 by spinning off the paperless technologies direction from Garant-Park LLC into a separate company.

The center provides a wide range of services in 2 main areas:

• paperless technologies in document management;
• electronic trading.

The company offers its clients an increase in sales thanks to the Center’s online service for selecting auctions according to the parameters they set.

It allows:

• find a suitable tender or procurement;
• monitor trading in the Russian Federation and abroad;
• win more auctions.

6. How to store an electronic digital signature - 3 proven methods

In the modern world, the problem of protecting various information, including electronic signatures, is becoming increasingly urgent.

To preserve it, owners use various methods. I will briefly tell you about the most common ones.

Method 1: Local storage

A very common storage method is local. In this case, the electronic autograph is placed on a computer, for example, in a registry.

Disadvantages of the local method:

• no key mobility;
• there is no way to constantly control the key by its owner.

Method 2: Cloud storage

This method involves storing the key on a remote secure service.

To use it, you must go through strict multi-step authentication, which greatly increases the security of this storage.

Method 3. Storage on tokens

And finally, the third method is tokens.

A token is a device capable of generating a key pair and digital signature. The main purpose of this device is to store electronic keys.

By entrusting your electronic digital signature to a token, you can reliably protect it from intruders.

To use it, you must enter a PIN code. It's almost impossible to find it. In addition, 3 unsuccessful attempts and the token will be blocked.

Advantages of storing digital signature on a token:

• highly reliable storage method;
• PIN code access;
• The PIN code is not transmitted over the network, which means it cannot be intercepted;
• long term of use (5-20 years);
• does not require wiring, power supply, or special readers.

You will learn some additional information by watching the video.

7. Conclusion

Summarize! In times of complete computerization, an electronic signature is necessary for both organizations and individuals. It saves time and expands possibilities!

An electronic digital signature (EDS) gives its owners access from any convenient place where there is Internet access to a wide range of government services, electronic trading, auctions, electronic reporting, etc.

Questions for readers

What aspects of this topic do you think need to be covered in more detail or even a separate article for this?

Keep up with the times, don't give up modern technologies!

We would be grateful for your feedback and comments on the topic of the article! If the material was useful, let your friends and colleagues know about it on social networks - like it!

This is a detail of an electronic document obtained as a result of cryptographic transformation of information using a private signature key. An electronic digital signature (EDS) allows you to confirm that the EDS belongs to its owner, as well as to record the state of information or data (the presence or absence of information distortions) in an electronic document from the moment of its signing.

In fact, an electronic signature is an analogue of the owner’s handwritten signature. Therefore, it can be used when signing electronic documents of any level.

Each owner of an electronic signature must have a certificate. In fact, this document confirms that the public key of the electronic signature belongs to the owner of the certificate. Such paper is issued by certification centers or their authorized representatives.

How and where to obtain an EDS certificate?

To obtain an electronic signature certificate, you just need to register on the certification authority’s website. Next, indicate the legal status of the organization for which you need to purchase an electronic signature, the region and point of issue of the certificate, and enter information about your organization. After completing the registration, the user will be provided with a digital act, agreement, invoice and a list of required documents. All that remains is to go to the specified digital signature issuing point, pay the bill, provide the required set of documents and get a signature.

You can register on any website of the certification authority; there are many of them on the Internet.

What are the advantages of using an electronic signature?

If we talk about individuals, then in this case it is convenient because it allows remote interaction with government, educational, medical and other information systems via the Internet.

EDS opens up more opportunities for legal entities. They can participate in electronic auctions, organize legally significant electronic document flow and submit electronic reports to regulatory authorities.

Moreover, according to certification centers, having a qualified electronic signature can solve everyday problems without visiting government agencies and without presenting a passport. It is enough to register on the gosuslugi.ru portal, where the user will have access to a wide range of services: from replacing a passport to filing a tax return, paying traffic police fines and much more.

Types of digital signatures and their differences

According to Federal Law No. 63-FZ “On Electronic Signatures,” there are several types of digital signatures:

• Simple electronic signature. Such a signature, through the use of codes, passwords and other means, confirms the fact that the electronic signature was created by its owner.
• Enhanced unqualified signature. It is obtained as a result of cryptographic transformation of information using a private signature key. A strengthened unqualified electronic signature allows you to identify the person who signed the electronic document, as well as detect the fact of making changes to the document after its electronic signing.
• Strengthened qualified signature. In many ways it duplicates the previous type of signature, but its advantage is that cryptographic protection certified by the Federal Security Service of the Russian Federation is used to create and verify it.

Moreover, qualified signature certificates are issued by strictly accredited certification centers.

If we compare the advantages of the last and two previous signatures, the advantage is definitely in favor of the latter. According to the aforementioned Federal Law No. 63 “On Electronic Signatures,” an electronic document signed with a simple or enhanced unqualified electronic signature is recognized as equivalent to a document on paper, but only under one condition: if the participants in electronic interaction have entered into an appropriate agreement among themselves.

An enhanced qualified signature on an electronic document is a 100% guarantee of a handwritten signature and seal on a paper document. So, regulatory authorities like the Federal Tax Service, the Pension Fund of the Russian Federation, the Social Insurance Fund recognize the legal force of an electronic document signed with an enhanced qualified signature.