The qualified digital certificate, in a nutshell
Legislative regulations and typologies
EU Regulation no. 910/2014 (eIDAS) on electronic identification and trust services for electronic transactions in the internal market sets three types of qualified digital certificates:
• for electronic signature - a certificate issued by a qualified trust service provider for the electronic attestation linking the electronic signature validation data to a natural person and confirming at least the name or pseudonym of that person;
• for the electronic seal - a certificate issued by a qualified trust service provider for the electronic attestation linking the electronic seal validation data with a legal person and confirming the name of that person;
• for authenticating a website - a certificate issued by a qualified trust service provider for the attestation that makes it possible to authenticate an internet site and connects the website and the natural or legal person to whom the certificate has been issued.
Qualified Trust Service Provider (QTSP)
Qualified certificates can therefore be issued by a Qualified Trust Service Provider (QTSP) - the full list of EU Member States can be consulted here.
Among them is certSIGN, the company successfully completing the compliance audit in relation to the requirements of the eIDAS Regulation and found in the European Trusted List with a number of services compliant with European legislation:
• qualified digital certificate for electronic signature;
• qualified digital certificate for electronic seal;
• qualified SSL EV digital certificate for website authentication.
• qualified electronic time stamps;
Qualified digital certificates and electronic signature
Why are Qualified Certificates So Important? For example, in the case of qualified electronic signatures (based on a qualified certificate), a very important aspect is the legal role. According to art. 25 of the eIDAS Regulation, a qualified electronic signature has the equivalent legal effect of a handwritten signature. In addition, a qualified electronic signature based on a qualified digital certificate issued by a Member State is recognized as a qualified electronic signature in all other Member States.
The qualified digital certificates are used:
• mandatory, in relation to the state institutions: ANAF (submission of tax returns online, submission of monthly declarations for fiscal apparatus with electronic journal), SICAP / SEAP (participation in electronic auctions through the Electronic Procurement System), MySMIS (access to projects funded by European funds), CNAS (transmission of reports, access to electronic health records), Ministry of Health (transmission of daily reports on drug stocks and economic operations);
• optionally in relation to the state institution: ONRC (online establishment of a company online), AFIR (obtaining funds for agriculture), courts (submission of electronic documents to courts - requests, appeals, hearing notes, complaints, appeals ), ONJN (submission of daily statements on economic operations by gambling organizers);
• optionally, by companies: in relation to business partners (signing contracts, signing electronic invoices) and optimizing internal processes such as Human Resources (signing employment contracts, recruitment offerings).