My business is Franchises. Ratings. Success stories. Ideas. Work and education
About the site Contacts
Menu
Contacts
Site search

home Magazine Enhanced Qualified Electronic Signature Certificate. (EDS) electronic signature for public services, creation and receipt

Enhanced Qualified Electronic Signature Certificate. (EDS) electronic signature for public services, creation and receipt

The concept of a qualified electronic signature (QES), introduced in Federal Law No. 63-FZ of 2011, has significantly expanded the scope of this attribute, which confirms the authenticity and immutability of an electronic document. CEP today is issued not only to organizations, but individual entrepreneurs and, as well as ordinary citizens, individuals who can, using electronic signature:

  • submit documents to in electronic format(declarations, tax reports, etc.) to state regulatory authorities;
  • take part in electronic trading on online platforms, both commercial and government;
  • Submit reports of securities issuers to corporate information disclosure centers;
  • submit applications and exchange information in the electronic document management system.

According to the legislation, CEP is divided into two subspecies - simple and enhanced. Unlike a regular ES, in which only the username and password of the owner are needed to access the Unified Portal of Public Services and the electronic document management system, the most stringent requirements are imposed by law on the enhanced CEP. It is the use of an enhanced qualified electronic signature generated with the help of modern cryptographic software approved by the FSB of Russia that ensures the protection of a document to such a high degree that, from a legal point of view, it completely replaces a paper document sealed with a signature and a seal.

Obtaining an enhanced CES (ECES) implies issuing a qualified electronic signature key certificate to the user. This requisite confirms that the key for verifying the enhanced EDS belongs to its owner and is usually provided in paper format. The main information in the certificate is the data on the owner, the validity period and the CEP verification key, as well as information on the cryptographic information protection tools used (cryptographic information protection tools) and the details of the certification center, which must be accredited by the Ministry of Communications of Russia. In this case, the certifying organization assumes all obligations to ensure the reliability and authenticity of the UKEC.

Enhanced electronic signature: get and use

The production of a qualified electronic signature is carried out by the specialists of our accredited CA in accordance with the requirements of the Federal Security Service of Russia and the current legislative acts. Working in this area for many years, we can offer our customers the service of issuing ES at a reasonable cost.

Our experts will provide any advice regarding the receipt and use of enhanced electronic digital signature.

In private life, qualified and unqualified electronic signatures are still rarely used by individuals. Much more they are in demand among individual entrepreneurs. You can purchase any of them at the Certification Center.

The difference between a qualified EDS and an unqualified one

Electronic signatures NEP (unqualified) and KEP (qualified) belong to the group of enhanced ones. This means that they are created using cryptographic (encryption) algorithms. This implies a high degree protection of information from unauthorized access - only the person to whom it is addressed can decrypt and read the document. And for this, the recipient must have a certificate of the ES verification key.

From a technical point of view, both a qualified and an unqualified electronic signature protects information well, the difference between them is as follows:

  1. CEP can be used almost anywhere, it is legally equivalent to a handwritten assurance. It is required when working in government information systems ah: FTS, EGAIS, Rosreestr and others. You can get it only at accredited certification centers that use FSB and FSTEC certified software products and technical devices.
  2. The NEP is applied to a limited extent - only on the basis of an agreement between partners. An unqualified electronic signature can be created using any, including foreign, encryption algorithms. The Center that issued it is not required to be accredited, and may not issue a certificate. It is widely used at trading and purchasing sites, including under the law 223-FZ (for state institutions).

A qualified electronic signature for individuals is needed mainly when it is planned or underway entrepreneurial activity. In private use, it is purchased to receive state and municipal services, participate in auctions for the sale of bankrupt property, and communicate with banks online.

Qualified electronic signature for individuals

Purpose of acquiring CEP for individual- an individual entrepreneur is understandable:

  • it makes it possible to submit documents for registration, liquidation, change of entry in the USRIP, fill out and submit 3 personal income tax through Personal Area on the website of the Federal Tax Service;
  • required when submitting reports to the Federal Tax Service, PFR, FSS with the number of employees over 25 people; when selling alcohol - for EGAIS;
  • it is possible to apply for participation in state auctions under 44-FZ and 223-FZ, make requests from the State Property Committee, issue patents in remote access mode.

In other words, if a person wants to work in information systems, where the condition of work is the signing of CEP documents, he is forced to acquire it. Accredited CAs are commercial structures, and in the overwhelming majority they issue both a qualified and an unqualified electronic signature, the difference is in the price and the received certificate. It spells out the scope of EP, beyond which it is impossible to go. Therefore, it is proposed different types certificates, each of which is designed to work in one or more EDMS.

In ordinary life, CEP for individuals may be needed, except when working with the Public Services Portal. You can register on it, get a simple signature (login plus password) - this is enough to send requests and receive background information. So, for example, you can find out your tax debts, but you won’t be able to send a declaration or submit documents for registering an individual entrepreneur.

In modern electronic document management, three types of ES are used - a simple, unqualified, enhanced qualified electronic signature. What is it, we will tell further. Regulates work with EP the federal law No. 63 of 04/06/2011 "On the electronic signature".

Simple ES is the most simplified and common type of user authentication. This includes the well-known login and password entered during registration in almost every Internet resource, and codes that are sent to the client in messages on the phone in order to verify certain actions. The main use of a simple ES is to conduct banking transactions or enter an online system.

An enhanced unqualified electronic signature (NES) serves to confirm the actual formation of the approval by a specific individual or legal entity and the status of the document from the moment it was signed. It is created using the private key of the ES. Its main task is to identify the owner of the electronic signature. You can also use the NEP to check if changes have been made to the original document since it was sent.

NEP is used in the following cases:

  • when creating and processing documentation that does not require a seal imprint - some types of contracts, accounting and tax reporting;
  • internal and external electronic document management(upon prior agreement between the parties);
  • conducting procurement activities under 44-FZ - participation in trading procedures at 6 procurement sites as a performer (supplier, contractor).

In order to obtain the NEP, the user must contact the certification center. The current legislation allows the use of a certificate obtained from a non-accredited CA.

The CA employee issues the public and private keys of the ES to the representative of the organization. The private key must be stored either on a specialized medium protected by a pin code, or under protection in the personal computer of the responsible specialist. The private key allows you to generate an ES, with which documents are signed. The public key is required to verify the authenticity of the ES and is available to all EDF participants.

The CA also issues an ES certificate, which indicates the correspondence of public keys to private ones. However, due to the fact that 63-FZ does not establish requirements for the structure of the NEP, when applying it, the certificate may not be used.

In order for the documentation certified with the help of the NEP to be equivalent to paper copies signed by both parties with “live” signatures, the participants in the document flow must conclude an agreement (agreement) on recognizing the legal force of such an ES and on the procedure for its application.

Qualified electronic signature for legal entities

An enhanced qualified ES, or ECES, is a crypto signature that is created using specialized encryption algorithms and in without fail is confirmed by authorized bodies, such as the FSB (clause 4, article 5 of 63-FZ). Structurally, the UKEP is similar to the NEP, as it is based on a public key system. The main differences between a qualified ES and an unqualified one are:

  • specialized software, certified Federal Service security;
  • qualified certificate an electronic signature verification key, which is issued both in paper and in electronic form in accordance with FSB order No. 795 dated December 27, 2011;
  • obligatory presence of accreditation from the Ministry of Telecom and Mass Communications at the certification center issuing the certificate.

UKEP is used to submit reports to regulatory authorities, to conduct procurement activities and participate in tenders both as a supplier and as a customer, to work with various state information and integrated systems, for internal and external EDI, for file exchange with the tax inspectorate.

The main feature of the UKEP is the fact that it gives the documentation full legal force without signing. additional agreements and agreements, that is, a document signed by CEP is fully recognized as legally significant, in accordance with 63-FZ.

How to get an enhanced qualified electronic signature

Each user, whether a legal entity or an individual, can receive a UKEP only at an accredited CA. A list of such certification centers can be found on the official website of the Ministry of Communications. The responsible specialist must prepare and submit to the CA a complete package of documents, consisting of the following registers:

  • application for a UKEP;
  • an order or instruction from the head of the organization that a particular specialist is vested with the appropriate authority;
  • a copy of the passport or other identification of the future owner of the certificate;
  • copy of TIN;
  • information about the organization in the form of an information card - its name, address, contact details, full name head, organizational and legal form, bank details, tax regime, codes for All-Russian classifier;
  • a power of attorney for the future owner of the certificate in the event that this is not the head of the institution;
  • power of attorney for the representative of the certificate holder;
  • SNILS of the future owner of UKEP.

Many users contact the CA with the question of how to obtain a qualified electronic signature for IP. The procedure for providing the UKEP and a package of documents submitted to the certification center for individual entrepreneurs is similar to other users.

An electronic signature (ES) is information in electronic digital form that can be used to identify an individual or legal entity without his personal presence.

There are two types of electronic signature used in electronic document management:

  • simple electronic signature;
  • enhanced electronic signature (can be qualified and unqualified).

They differ in the degree of protection and scope.

2. What is a simple electronic signature?

A simple electronic signature is, in fact, a combination of login and password, confirmation code by email, SMS, USSD and the like.

Any document signed in this way is not, by default, equivalent to a paper document signed by one's own hand. This is a kind of statement of intent, which means that the party agrees to the terms of the transaction, but does not participate in it.

But if the parties conclude an agreement on the recognition of an electronic signature as an analogue of a handwritten one at a personal meeting, then such documents may acquire legal significance. So, for example, it happens when you connect an online bank to a credit or debit card. A bank employee identifies you by your passport, and you sign an agreement to connect an online bank. In the future, you use a simple electronic signature, but it has the same legal force as a handwritten one.

3. What is an enhanced unqualified electronic signature?

An enhanced unqualified electronic signature is two unique sequences of characters that are uniquely related to each other: an electronic signature key and an electronic signature verification key. To form this bundle, cryptographic information protection tools are used ( Information cryptographic protection tools (CIPF) are tools that allow you to sign digital documents with an electronic signature, as well as encrypt the data contained in them, thereby contributing to their reliable protection from third-party interference. CIPF are implemented in the form software products and technical solutions.

"> CIPF). That is, it is more secure than a simple electronic signature.

By itself, reinforced qualified signature This is not the equivalent of a handwritten signature. It means that the document was signed by a specific person and has not changed since then. But such a signature is usually valid only in conjunction with an agreement on recognizing it as handwritten. True, not everywhere, but only in the document flow with the department (organization) with which such an agreement was signed.

4. What is an enhanced qualified electronic signature?

An enhanced qualified electronic signature differs from an enhanced unqualified one in that cryptographic information protection tools (CIPF) certified by the Federal Security Service of the Russian Federation are used for its formation. And only a certification center accredited by the Ministry of Digital Development, Communications and Mass Media of the Russian Federation can issue such a signature. In this case, the qualified certificate of the electronic signature verification key, which is provided by such a center, becomes the guarantor of authenticity. The certificate is issued on a USB stick. In some cases, you may need to install additional software to use it.

An enhanced qualified signature is an analogue of a handwritten signature. It can be used everywhere, but for use in work with a number of organizations, you need to make additional information into a qualified electronic signature certificate.

How to get an enhanced qualified electronic signature

To obtain an enhanced qualified electronic signature, you will need:

  • identity document;
  • insurance certificate of compulsory pension insurance (SNILS);
  • individual taxpayer number (TIN);
  • main state registration number records of state registration an individual as an individual entrepreneur (if you are an individual entrepreneur);
  • an additional set of documents confirming your authority to act on behalf of a legal entity (if you receive a signature of a representative of a legal entity).

Documents must be submitted to an accredited certification center (you can find them in the list or on the map), whose employee, after identifying you and checking the documents, will write the certificate and electronic signature keys to a certified electronic medium - electronic card or flash drive. You can also purchase cryptographic protection tools there.

The cost of the service for providing a certificate and keys of an electronic signature is determined by the regulations of an accredited certification center and depends, in particular, on the scope of the electronic signature.

5. Does an e-signature have an expiration date?

The validity period of the certificate of the electronic signature verification key (both qualified and unqualified) depends on the cryptographic information protection tool (CIPF) used and the certification center where the certificate was received.

Typically, the validity period is one year.

The signed documents are valid even after the expiration of the certificate of the electronic signature verification key.

6. What is ESIA and why is it needed?

Federal State Information System " one system Identification and Authorization (ESIA) is a system that allows citizens to interact with authorities online.

Its advantage lies in the fact that a user who has registered in the system once (on the gosuslugi.ru portal) does not need to go through the registration procedure on state and other resources each time to gain access to any information or service. Also, to use resources that interact with the ESIA, you do not need to additionally identify your identity and equate a simple electronic signature with a handwritten one - this has already been done.

As the e-government and electronic document management as a whole, the number of resources interacting with the ESIA is growing. So, private organizations can already use the ESIA.

Since 2018, a system for remote identification of clients of Russian banks and users of information systems began to operate, subject to registration with the ESIA and the provision by a citizen of his biometric data (face image and voice sample) into a single biometric system. That is, banking services can be received without leaving home.

There are several levels on the gosuslugi.ru portal account. Using the simplified and standard levels, you sign applications with a simple electronic signature. But in order to access all services, you need a verified account - for this you need to verify your identity, that is, equate a simple electronic signature with a handwritten one.

On the website of the Federal tax service

Individuals, receiving services through a personal account on the website of the Federal Tax Service, use an enhanced unqualified signature, equivalent to a handwritten one. The verification key certificate can be obtained in the personal account itself, but the identification of the person and equating the electronic signature with the handwritten one occurs at the level of entering the personal account: you can enter either using the login and password that are issued during a personal visit to tax office, or using a verified account on the gosuslugi.ru portal, or even using an enhanced qualified electronic signature.

But for individual entrepreneurs and legal entities to receive services (for example, to register an online cash register), an enhanced qualified signature may be required.

On the website of Rosreestr

Part of Rosreestr's services (for example, apply, make an appointment) can be obtained using a simple electronic signature. But most services are provided to those who have an enhanced qualified electronic signature.

For participation in electronic auction

In order to participate in electronic trading, an enhanced qualified electronic signature is required.

avtovsamare.ru - My business - Franchises. Ratings. Success stories. Ideas. Work and education

Mass media registration certificate EL No. FS 77 - 57771 dated April 18, 2014.
Copyright © 2006-2017. All materials are protected by copyright
Mass media "BusinessGarant" is registered by the Federal Service for Supervision of Communications, Information Technologies and Mass Communications