Digital signature: what it is and how it works


What is a digital signature and why it is important to have it

Digital signature is a method of authenticating and verifying the integrity of electronic documents. It is the digital equivalent of a handwritten signature and is used to ensure the authenticity and integrity of data transmitted and stored electronically. This is an IT procedure, which guarantees a very high level of security. More precisely, the digital signature is a type of electronic signature that is based on a mechanism of cryptographic keys, one public and one private.

Thanks to the digital signature, it is possible to confer legal validity to the most diverse digital documents: signing of contracts, declarations, public and private administrative documents, requests for contributions, Chamber of Commerce declarations and certificates, but also in invoices and self-certifications.

The digital signature guarantees the authentication of the sender, the non-repudiation of the message and its integrity. This expression refers to a condition that prevents the author of a message or statement from denying their authorship. It also ensures the integrity of the message sent: an intact message is an unaltered message during the «journey» that starts from the sender and reaches the recipient.

The digital signature is an element that must be present in all electronic invoices sent to the Public Administration. The situation changes for electronic invoices between private individuals or companies, which however do not necessarily require a digital signature. Even in this case, the digital signature procedure is still highly recommended by professionals. Electronic invoices are sensitive documents and it is important to have a tool available that demonstrates their authenticity and integrity.

A particularly relevant legal aspect of the digital signature is its validity over time. The mechanism provides that each certificate has a limited period of validity, which can be suspended or revoked. This is a big difference compared to a handwritten signature, which instead has an unchanged legal value over time. It is no coincidence that it is necessary to renew the digital signature, just as it is recommended to place all the documents containing it over time.

This mathematical method, in fact, must be purchased and renewed over time and to do so it is possible to use various suppliers, such as: Aruba, Infocert, Poste Italiane and others that allow you to obtain a free digital signature. Depending on the supplier and the service chosen, it may be necessary to equip yourself with different devices. There are solutions that operate directly on a PC, or, alternatively, the use of a USB port or a digital signature smartcard reader may be required.

Purchase a digital signature

There are several options available to a user interested in acquiring a digital signature: offers and kits that vary based on the price and type of device supplied, but also based on the number of sales mechanisms available. The purchase price of the digital signature generally varies from 20/30 euros to 60/80 euros + VAT, if you also choose to purchase a token, a USB stick or a smart card.
There are also circumstances that allow you to obtain a free digital signature. For example, some professional associations issue digital signatures to their members at no cost. Similarly, the digital signature issued by the Chamber of Commerce when registering a company can also be free.

In any case, the main difference is between smart cards and USB tokens. In both cases these are devices that allow you to «put your digital signature in contact» with a computer.
The digital signature certificate is placed inside a particular device not too different from a SIM card. To communicate the information present in the SIM with a PC you need to have a smart card or a USB token. Consequently, in the first case it will be necessary to have a smart card reader available, in the second case a simple USB port will suffice.

Another aspect to keep in mind is the presence of subscription and authentication certificates. The signature certificate is the one that allows you to sign documents with legal value.
The authentication certificate (CNS), on the other hand, allows you to ascertain the correspondence between the name of any certified entity and the public key of its digital signature. Furthermore, it allows access to certain Public Administration portals and is only available to those who have a digital signature on the device.

There is also a third option, designed for those with special needs. A solution that combines the advantages of remote signature mobility with the CNS authentication certificate. This is the so-called wireless key: a USB token which is also equipped with Bluetooth technology.

How to activate and renew your digital signature

Once you have purchased your favorite digital signature kit, you move on to the next phase: verifying your identity. This verification can occur in different ways:

  • Online verification: carried out via webcam or via dedicated mobile apps, available for both Android and iOS operating systems;
  • Personal recognition: an appointment is organized with the user;
  • Remote identity verification: in this case the Electronic Identity Card, the Health Card or the National Services Card are used. To verify your identity remotely, however, you may need to have a smart card reader for digital signature or a contactless NFC reader.

Once the verification phase is completed, the digital signature is ready to be activated. Simply connect to the supplier’s website and provide the requested data. The information to be entered may vary depending on the supplier: generally it is necessary to send the details of one or more identity documents and the tax code. In addition, the serial code of the smart card may be requested, or perhaps a secret code communicated via SMS.

Digital signature renewal procedures may also vary from operator to operator. Suppliers tend to warn the user well in advance and send all the instructions to follow in the case.

latest posts published

Lokky, the Italian data driven insurtech for professionals and SMEs

Lokky, the Italian data driven insurtech for professionals and SMEs

EconomyUp interviews Paolo Tanfoglio and Sauro Mostarda, Co-founder and CEO of Lokky Awarded as 'Best ...
An ally for cyber security: Load Balancing

An ally for cyber security: Load Balancing

Having a fast, high-performance and reliable website is a non-negligible aspect for those who have ...
Business Trend 2023 for SMEs, professionals and commercial activities

Business Trend 2023 for SMEs, professionals and commercial activities

The main trends of 2023 that you will need to consider in your business Digital ...
Occupational risks for pastry shops

Occupational risks for pastry shops

The pastry chef's activity involves the production of confectionery products, from the preparation of the ...
How to read a pay slip

How to read a pay slip

In collaboration with our partner F2Dwe decided to delve deeper into the elements that make ...
What are the most common cyber risks and how to protect yourself

What are the most common cyber risks and how to protect yourself

“Houston, we have a problem."Who doesn't know the words of Jack Swigert, pilot of the ...
Clinical Risk: What it is and What are the consequences

Clinical Risk: What it is and What are the consequences

In recent years, the responsibility of healthcare facilities has increased significantly and with this also ...
Commercial activities most affected by theft

Commercial activities most affected by theft

Theft, shoplifting and armed robberies are a plague for Italian traders. In Europe, Italy is ...
October is European Cyber ​​Security Month

October is European Cyber ​​Security Month

October is the European month dedicated to cybersecurity, a good opportunity to acquire new awareness ...
Estimating cyber risk: importance and difficulties encountered

Estimating cyber risk: importance and difficulties encountered

The biggest challenge regarding cyber security is to estimate cyber risk in a credible, sustainable ...

Leave a Reply

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *