Using a Simple Electronic Signature in Documents


What does the digital signature look like on a document?

An electronic signature is a unique sequence of characters. It acts as a mandatory requisite placed on official electronic documents. Reliable cryptographic methods and mathematical calculations are used to generate the signature, and the software is FSB certified.

There are 3 types of digital signature:

  • simple;
  • unskilled;
  • qualified.

A simple electronic signature (SES) is a code or password created by the system and sent to the user’s phone or email address. Typically used on websites to confirm an action. An unqualified signature (NES) differs in that it requires confirmation of the client's identity and is formed using a cryptographic transformation.

The most reliable is a qualified digital signature (QDS). It is confirmed by a verification certificate, has a private and public key, and gives the document full legal force.

A key certificate is a file with a .crt extension that contains information about the owner, the certificate's thumbprint, and the validity period of the signature.

An electronic signature on a document looks like:

  • a sequence of letters or numbers that corresponds to the key specified in the certificate;
  • a graphic picture or stamp indicating the signature of the certificate owner.

The most reliable is the invisible ES, which is not visually detected. It is used when creating MS Word, Excel documents, and is generated automatically. You can determine its presence by the mark that appears in the “status” column.

An example of what an enhanced qualified electronic digital signature looks like is an extract from the Unified State Register of Legal Entities certified by the Federal Tax Service. The signature here is a stamp indicating the certificate number, owner, and validity period of the electronic signature.

Sample:

What does a document signed with digital signature look like:

How to get an electronic signature

Let's consider what steps need to be taken to obtain an electronic signature for individuals and legal entities.

Receipt of electronic signature by an individual

The easiest way for individuals is to apply to obtain an electronic signature at the MFC. All you need to do is make an appointment and provide a number of documents:

  • application for the production of a qualified certificate;
  • identification document (passport), as well as copies of the photo page and registration page;
  • pension card - SNILS;
  • certificate of assignment of TIN.

Individuals can receive a simple electronic signature for free, while they will have to pay for an enhanced electronic signature.

You can also issue a certificate at a special certification center. The cost of the certificate depends on the tariff plan. You can apply for a certificate online and then visit the center. To do this you need:

  • register on the center’s website;
  • choose a tariff plan and pay the bill;
  • arrive at the center at the appointed time and provide your passport, INN and SNILS.

Receipt of electronic signature by legal entities or individual entrepreneurs

Legal entities also receive qualified digital signature certificates from a certification center or MFC. The list of accredited certification centers can be found on the website of the Russian Ministry of Telecom and Mass Communications. Since it is impossible to obtain an electronic signature remotely, you should choose a center that has a branch in your city.

You will need the following documents:

  • Application for production of electronic signature. When you contact the certification center, you will be provided with an application form, and at the MFC you can fill out an application on the government services website.
  • Extract from the Unified State Register of Legal Entities or Unified State Register of Individual Entrepreneurs. You can get one on the Federal Tax Service website.
  • For legal entities, you will also need a copy of the charter, and for individual entrepreneurs - a passport and SNILS.

If a representative receives an electronic signature, he will also have to provide a power of attorney from the authorized representative to receive a signature and his passport.

After checking the documents by the certification center’s specialists, the certificate will be issued within 4-10 working days. To get it faster, you can pay an urgent rate.

The period for which an ES certificate is issued is usually one year. If the electronic signature has not yet expired, it can be renewed using a valid certificate. If the previous certificate has expired, you will have to re-apply and provide a complete package of documents. However, signed documents are considered valid even after the expiration of the digital signature verification key certificate.

The owner of the electronic signature is issued a specialized digital medium - a USB token, which looks like a regular flash drive, and a certificate in paper and electronic versions. To work with an electronic signature, you will need to install special software on your computer.

What does the stamp on ED imaging include?

According to GOST R-7.0.97-2016 dated July 1, 2018, the electronic signature form must contain a new form with the “electronic signature mark” attribute. It is mandatory for any ED when it is visualized, scanned or printed in the place where a signature is usually affixed on paper by hand.

The mark is placed on a document signed with an electronic signature, which is:

  • printout of the electronic contract;
  • printout of the protocol of consideration of applications and their assessment for participation in bidding on the ETP;
  • responses to requests from regulatory authorities.

The electronic signature stamp must include the following details:

  • signature key certificate number;
  • Full name of the owner of the digital signature;
  • expiration date of the certificate;
  • a phrase stating that the document is signed by an electronic signature.

Additionally, the stamp may contain the following emblem:

According to the requirements of the standard, the electronic signature mark must be readable, and its elements must not intersect or overlap each other.

How to mark

Typically, two options are used to mark an electronic signature:

  • making a stamp and then inserting it into copies;
  • setting up a signature in MS Office.

To set up a digital signature via MS Office, in an open document, go to the “Tab” submenu and select “Signature Line”:

Next, select “signing”:

If a stamp is made, then it is inserted into the copy in the usual way by inserting a picture or drawing and placed in the desired place.

GOST EDS

In 1994, GOST R 34.10-94 was developed, which became the first Russian standard for digital signatures. In 2002 it was replaced by GOST R 34.10-2001. This standard is based on elliptic curves. According to him, the concepts of “digital signature” and “digital signature” have become synonymous. And on January 1, 2013, GOST R 34.10-2012 was introduced, which is also based on elliptic curves.

The process of transition to the new standard has already begun, but not all trading platforms and state portals are abandoning the previous GOST. However, holders of digital signatures valid until December 31, 2018, from January 1, 2021, cannot renew signatures under the old standard. This means that this year signatures corresponding to both GOSTs will be in effect.

We will select an electronic digital signature for your business, install and configure it in 1 hour!

Leave a request and receive a consultation within 5 minutes.

What is a time stamp

Clients of the CryptoPro TSP system can additionally receive time stamps. The signed data is the hash function value and the time the stamp was affixed. The requisite is associated with the ED for which it was issued and ensures its integrity.

To issue a stamp and implement a service based on CryptoPro, you need to create a separate TSP server and add CryptoPro TSP Client to the workstation software.

Advantage of time stamp:

  • recording the time of ED creation;
  • recording the time of digital signature formation;
  • recording the time of the ED processing operation;
  • long-term storage of digital signature (even after the expiration of the user’s digital signature certificate).

When opening a document and viewing information about the digital signature, the time stamp will look like this:

Working with the TSP protocol is simple, and is based on interaction with the server using the “request-response” type. The user creates a request, sending it to the server, and receives a response that contains the generated time stamp. If an error occurs, the response will contain an error code instead of a stamp.

Is compliance with GOST mandatory or not?

There is a GOST for electronic signature. In the unified register it is listed under number 7.0.97-2016. The standard contains rules for the generation of documents both in paper and electronic form, and addresses issues such as:

  • location on the media of the necessary details;
  • requirements for the creation and execution of electronic documentation, including the use of IT.

GOST rules are regulated by Article 26 of Federal Law 162 dated June 29, 2015. Article 6 of Federal Law 162 provides for the mandatory use of standardization documents for defense products, state. orders for goods and services used for data protection, as well as for providing information related to nuclear energy, etc.

Based on regulatory documents, GOST requirements on information standards are not mandatory and their non-compliance does not violate current legislation.

Digital signature for individuals

For individuals, digital signature is a convenient tool for interaction with universities, employers, government agencies and other organizations. An electronic signature allows an individual to perform the following actions:

  • submit a 3-NDFL declaration on the Federal Tax Service website;
  • register as a legal entity or individual entrepreneur with the tax office;
  • receive services provided by government agencies;
  • send electronic documents upon admission to a higher education institution;
  • sign an employment contract;
  • apply for a loan online and more.

Depending on the scope of use, an individual can receive any type of digital signature.

Loss of legal significance of electronic signature

An official document has legal force and legal significance. The first term means that the document has legal consequences. Significance is a proof of business activity.

The Federal Law on Electronic Signatures specifies that in EDI a document is certified using special technologies and electronic signatures. To have legal force and serve as proof of action, the ED must have the following details:

  • name;
  • number;
  • indicating the full name of the author of the signature, the name of the company and the person authorized to sign;
  • date of compilation;
  • signature.

The law also prescribes three types of electronic signature, the characteristics of each of them, legal force, method of receipt and validity period. According to the bill, only documents signed with a qualified electronic signature have legal force. The NEP gives legal force to e-documents if there is a separate agreement between the participants of the e-document flow.

The digital signature loses its legal force in the following cases:

  • the signature was made by a person who does not have the right to act on his own behalf or on behalf of the organization;
  • the ED does not contain all required details;
  • the format and method of transmitting ED is not followed;
  • the certificate will expire at the time of signing or verification of the ED;
  • The electronic signature was used in violation of the information specified in the certificate.

The agreement between the EDF participants prescribes the requirements for recognizing the equivalence of documents with electronic signature and on paper, and their violation also leads to the loss of the legal significance of the document. Typically these include:

  • mandatory sending of ED from a secure mailbox, access to which only the owner of the signature has;
  • the public key must be enclosed in the letter;
  • the mail service should have limited access.

The same conditions are used for corporate digital signature. Working with public postal services reduces the legal force of a simple signature and makes it impossible to use it to certify documentation.

Types of digital signature

As noted in Art. 5 FZ-63, a digital signature can be simple or enhanced. A simple one is created using codes, passwords and other means confirming the formation of an electronic digital signature by a specific person. CIPF is used to create an enhanced signature. Enhanced digital signature is divided into the following types:

  • unskilled (NEP);
  • qualified (KEP).

In accordance with paragraph 3 of Art. 5 FZ-63, NEP is characterized as follows:

  • formed by cryptographic transformation of information;
  • helps identify the owner;
  • makes it possible to identify what changes were made to the document after signing;
  • formed using electronic means.

The CEP has all the characteristics of the NEP, but is additionally confirmed by a qualified certificate, which contains the key for its verification. The main advantage of the CEP is that documents certified with its help will have legal force in all authorities, including courts, government agencies and other bodies. According to paragraph 2 of Art. 17 FZ-63, the qualified certificate includes the following information:

  • his number;
  • Full name of the owner (for individual entrepreneurs or individuals), OGRN (for LLC);
  • insurance number of the owner of the certificate or TIN (depending on the registered form of ownership);
  • verification key;
  • name and location of the CA that issued the signature;
  • restrictions on the use of the certificate (if any);
  • other data according to the applicant's requirements.

To better understand the differences between different types of digital signatures, it is worth familiarizing yourself with their main characteristics presented in the table.

Type of digital signatureFormation orderScope of use
SimpleCreated based on ready-made software productsApplicable within the enterprise
Reinforced unskilledIssued in centers without certificationApplied in different instances, not recognized in courts
Reinforced qualifiedIssued exclusively in accredited certification centers, has a certificateRecognized by all authorities and distinguished by the highest degree of protection

1. Ask our specialist a question at the end of the article. 2. Get detailed advice and a full description of the nuances! 3. Or find a ready-made answer in the comments of our readers.

Use of electronic signature in judicial practice

The use of an electronic signature sometimes complicates legal proceedings. The chief accountant can certify the statements instead of the manager, and the lawyer can certify the application for the court instead of the plaintiff. Similar violations occur when using client-bank software, when payment orders are not sent by the owner of the electronic signature.

When considering claims for unlawful debiting of funds from an organization’s current account, the court recognizes the correctness of the bank’s action, since the electronic signature is correct, and considers the transfer of signature rights to a third party as a violation of contractual relations and customer service rules.

A similar practice occurs when participating in electronic government auctions. If an organization does not sign a won contract in a timely manner, it is recognized as a party that has evaded concluding a contract and is entered into the register of unscrupulous suppliers. In judicial practice, there are also frequent cases when an organization is entered into the register because of a contract signed by a person who does not have the right to certify such documents.

In civil legal relations, disputes between counterparties arise about the legality of documents signed by electronic signatures of unauthorized persons. When making a decision, the court proceeds from checking the validity of the electronic signature certificate.

The legislation of the Russian Federation does not directly prohibit the transfer of electronic signatures to third parties with the consent of the owner, and in the event of controversial situations, the court recognizes the owner of the signature as the person who signed the document. All responsibility for the use of the digital signature lies with the owner of the certificate, and if the key is compromised, he is obliged to contact the CA with an application to suspend the signature. In controversial cases, such an appeal can serve as evidence of damage caused not by the owner of the signature, but by a third party.

Digital signature for individual entrepreneurs

The digital signature for individual entrepreneurs, in addition to basic information, contains data on the registration number of the entrepreneur. For each employee, you will need to issue an electronic signature for individuals. With the help of a digital signature, an individual entrepreneur will be able to:

  • submit reports online;
  • participate in government procurement, tenders, auctions;
  • register an online cash register with the Federal Tax Service;
  • work with EGAIS and so on.

If it is not the entrepreneur himself who applies for a signature, but an authorized person, you will need to present a notarized power of attorney.

Rating
( 2 ratings, average 5 out of 5 )
Did you like the article? Share with friends:
For any suggestions regarding the site: [email protected]
Для любых предложений по сайту: [email protected]