What is a digital signature and why it is important to have it
Digital signature is a method of authenticating and verifying the integrity of electronic documents. It is the digital equivalent of a handwritten signature and is used to ensure the authenticity and integrity of data transmitted and stored electronically. This is an IT procedure, which guarantees a very high level of security. More precisely, the digital signature is a type of electronic signature that is based on a mechanism of cryptographic keys, one public and one private.
Thanks to the digital signature, it is possible to confer legal validity to the most diverse digital documents: signing of contracts, declarations, public and private administrative documents, requests for contributions, Chamber of Commerce declarations and certificates, but also in invoices and self-certifications.
The digital signature guarantees the authentication of the sender, the non-repudiation of the message and its integrity. This expression refers to a condition that prevents the author of a message or statement from denying their authorship. It also ensures the integrity of the message sent: an intact message is an unaltered message during the «journey» that starts from the sender and reaches the recipient.
The digital signature is an element that must be present in all electronic invoices sent to the Public Administration. The situation changes for electronic invoices between private individuals or companies, which however do not necessarily require a digital signature. Even in this case, the digital signature procedure is still highly recommended by professionals. Electronic invoices are sensitive documents and it is important to have a tool available that demonstrates their authenticity and integrity.
A particularly relevant legal aspect of the digital signature is its validity over time. The mechanism provides that each certificate has a limited period of validity, which can be suspended or revoked. This is a big difference compared to a handwritten signature, which instead has an unchanged legal value over time. It is no coincidence that it is necessary to renew the digital signature, just as it is recommended to place all the documents containing it over time.
This mathematical method, in fact, must be purchased and renewed over time and to do so it is possible to use various suppliers, such as: Aruba, Infocert, Poste Italiane and others that allow you to obtain a free digital signature. Depending on the supplier and the service chosen, it may be necessary to equip yourself with different devices. There are solutions that operate directly on a PC, or, alternatively, the use of a USB port or a digital signature smartcard reader may be required.
Purchase a digital signature
There are several options available to a user interested in acquiring a digital signature: offers and kits that vary based on the price and type of device supplied, but also based on the number of sales mechanisms available. The purchase price of the digital signature generally varies from 20/30 euros to 60/80 euros + VAT, if you also choose to purchase a token, a USB stick or a smart card.
There are also circumstances that allow you to obtain a free digital signature. For example, some professional associations issue digital signatures to their members at no cost. Similarly, the digital signature issued by the Chamber of Commerce when registering a company can also be free.
In any case, the main difference is between smart cards and USB tokens. In both cases these are devices that allow you to «put your digital signature in contact» with a computer.
The digital signature certificate is placed inside a particular device not too different from a SIM card. To communicate the information present in the SIM with a PC you need to have a smart card or a USB token. Consequently, in the first case it will be necessary to have a smart card reader available, in the second case a simple USB port will suffice.
Another aspect to keep in mind is the presence of subscription and authentication certificates. The signature certificate is the one that allows you to sign documents with legal value.
The authentication certificate (CNS), on the other hand, allows you to ascertain the correspondence between the name of any certified entity and the public key of its digital signature. Furthermore, it allows access to certain Public Administration portals and is only available to those who have a digital signature on the device.
There is also a third option, designed for those with special needs. A solution that combines the advantages of remote signature mobility with the CNS authentication certificate. This is the so-called wireless key: a USB token which is also equipped with Bluetooth technology.
How to activate and renew your digital signature
Once you have purchased your favorite digital signature kit, you move on to the next phase: verifying your identity. This verification can occur in different ways:
- Online verification: carried out via webcam or via dedicated mobile apps, available for both Android and iOS operating systems;
- Personal recognition: an appointment is organized with the user;
- Remote identity verification: in this case the Electronic Identity Card, the Health Card or the National Services Card are used. To verify your identity remotely, however, you may need to have a smart card reader for digital signature or a contactless NFC reader.
Once the verification phase is completed, the digital signature is ready to be activated. Simply connect to the supplier’s website and provide the requested data. The information to be entered may vary depending on the supplier: generally it is necessary to send the details of one or more identity documents and the tax code. In addition, the serial code of the smart card may be requested, or perhaps a secret code communicated via SMS.
Digital signature renewal procedures may also vary from operator to operator. Suppliers tend to warn the user well in advance and send all the instructions to follow in the case.
latest posts published
Lokky, the Italian data driven insurtech for professionals and SMEs
An ally for cyber security: Load Balancing
Business Trend 2023 for SMEs, professionals and commercial activities
Occupational risks for pastry shops
How to read a pay slip
What are the most common cyber risks and how to protect yourself
Clinical Risk: What it is and What are the consequences
Commercial activities most affected by theft
October is European Cyber Security Month
