How to obtain an electronic signature (EDS) for an individual entrepreneur: download a sample, sample filling


Public key certificate for electronic digital signature verification - what is it, what is its purpose

The main purpose of an electronic signature verification key certificate is to confirm that the electronic signature belongs to a specific person, the so-called owner of the electronic signature. In practice, a certificate is a kind of passport of the owner of an electronic signature, which indicates the last name, first name, patronymic, SNILS - if the owner of the digital signature is an individual. Or name, location address, INN, OGRN, if the owner of the signature is an organization.

An EDS certificate with a unique number assigned to it is provided by the certification center in electronic form or on paper.

Digital signature from a technical point of view

If you look at an electronic signature from a technical perspective, you will find that it is essentially a special sequence of characters encrypted in a document. Moreover, the signature can be located either inside an electronic file or as a separate application.

By law, there are three types of digital signatures:

  1. Simple . In this case, it serves a completely obvious and banal purpose: proof that the document was written and transmitted by a certain person;
  2. Reinforced unskilled . In addition to confirming authorship, it indicates that no edits or changes were made to the already written document;
  3. Reinforced qualified . This is the most complex type of signature, which is issued in special Certification Centers that have permission from the Ministry of Communications of the Russian Federation. These centers are located in almost all major cities of the country and their list can be easily found on the official website of the Ministry of Telecom and Mass Communications. We can say that this signature is of official origin and only it is suitable for certifying documents sent to government bodies, such as the Federal Tax Service and various extra-budgetary funds.

For your information . When registering an electronic digital signature at an accredited Certification Center, the user receives two types of keys: private and public. The owner must transfer the public key to all organizations and individuals with whom digital documents will be exchanged, and its analogue is given for storage to the Certification Center (thus ensuring the safety of the key and its inaccessibility to intruders). The private key remains in the hands of the owner and serves to confirm documents and ensure that they are sent to recipients.

The last third type of signature is precisely the most correct from the point of view of legal practice. An enhanced qualified digital signature completely replaces the handwritten counterpart and even the organization’s seal. This is what is required when sending documentary reports to the tax authorities, pension fund and other government agencies. However, the value of other types of electronic signatures should not be diminished - they are quite suitable for certifying various business transactions, if this is provided for by the internal regulations of the organization.

Important! Any, even the simplest digital electronic signature, is practically impossible to fake. To carry out the forgery, it would be necessary to perform a huge number of cumbersome calculations, which, even at current computer speeds, would take a lot of time. That is why, despite the fact that manufacturers offer insurance, it is not at all advisable to do so.

Selecting an electronic signature verification key certificate

There are qualified and unqualified EDS certificates. Their difference primarily lies in functionality. For example, an electronic signature with a non-qualified certificate can be used either by an individual - when working with a taxpayer’s personal account, or by supplier companies - when participating in electronic trading.

An electronic signature with a qualified certificate has a wider range of actions: starting from logging into the State Services portal and ending with the signing of any legally significant documents that do not require mandatory paper execution with a manual signature.

How to get a certificate

You can obtain a certificate from a certification center. The choice of center is a personal matter for the applicant; it is not tied to territoriality or other indicators.

The certificate is issued by certification centers subject to the established conditions. You will need to pay the invoice and provide the necessary documents.

For individual entrepreneurs

An individual entrepreneur can act either personally or by proxy. In this case, each individual entrepreneur must provide:

  • certificate of its registration;
  • TIN;
  • extract and Unified State Register of Individual Entrepreneurs (the deadline requirements are the same as for organizations);
  • SNILS.

For individuals

Digital signatures are rarely used by individuals, but every year Certification Authorities are issuing more and more signatures of this type.

The signature can be used, for example, when using a government services portal. The electronic signature allows you to minimize the time required to work with the many services provided by the portal.

An individual will need to provide the CA with:

  • a copy of the identity document (if a passport is provided, then copies of the first sheet and the sheet with the place of registration are made);
  • a copy of SNILS;
  • TIN;
  • a power of attorney, duly certified (in the case where the application is not submitted in person).

Legal entities

Most often, Electronic Signatures are used by organizations. The scope of their application is quite wide - from certification of electronic documents to use when participating in auctions.

Electronic document management saves time and money, speeds up the process of information exchange and acts as a reliable guarantor of compliance with established procedures.

To obtain a signature, the organization will have to provide the following package of documents to the certification center:

  • certificate of state registration of the organization;
  • TIN;
  • an extract from the Unified State Register of Legal Entities (it must be received within the last six months);
  • document confirming the identity of the applicant;
  • SNILS of the applicant.

Tired of the teacher's arbitrariness? Find out where to complain about a school teacher. How to write a reference from your place of residence? Read more.

Read more about the transition of municipal unitary enterprises and state unitary enterprises to the new law in our article.

A power of attorney from the applicant will also be required if it is not submitted by a person who has the right to act on behalf of the organization without a power of attorney.

How to make an unqualified electronic signature key certificate

A non-qualified certificate is issued by any certification center for a fee. It can also be generated by any experienced IT specialist when creating an electronic digital signature using cryptographic programs.

Read about the differences and similarities between unqualified and qualified signatures in our material “What is the difference between the two main types of electronic signatures.”

Types of electronic signature

There are two types of EP:

  1. A simple electronic signature (only allows you to establish the authorship of a document, requires an electronic signature key).
  2. Strengthened electronic signature (formed using special cryptographic algorithms). Can be unskilled or qualified.

A simple electronic signature is used in cases where a seal is not required on a similar paper document. Such a signature can only confirm the identity of the signatory.

An enhanced unqualified EP is characterized by a number of fundamental qualities:

1) obtained as a result of cryptographic transformation of information using an electronic signature key;

2) thanks to the electronic signature and verification key, it helps to determine the authorship of an electronic document and identify changes in the document after it is signed;

3) created using digital signature tools.

If we add two more qualities to these qualities, we get an enhanced qualified electronic signature. At the same time, it would be a mistake to assume that an enhanced qualified electronic signature is at the same time an enhanced unqualified electronic signature.

What two additional features are we talking about?

1) the ES verification key must be contained in a qualified ES verification key certificate;

2) the electronic signature tool, which is used to create and verify, must receive confirmation of compliance with the requirements provided for by law and the FSB for electronic signature tools.

An enhanced qualified electronic signature provides its owner with maximum opportunities from a legal point of view. At the same time, high demands are placed on it.

How to create a qualified digital signature certificate

It is not possible to create an electronic digital signature with a qualified certificate on your own. A qualified certificate is issued only by accredited certification centers. Therefore, to obtain it, you will have to contact one of these centers with an application for a certificate.

You can learn more about the purpose of a qualified signature and the procedure for obtaining it in our article “Strengthened qualified electronic signature - what is it?”

Required documents to obtain an electronic signature

The set of documents that an entrepreneur must submit to the certification center to obtain a qualified signature includes: a general passport, SNILS, OGRNIP and a certificate of registration with the tax authority (on assignment of a TIN). These documents can be either in the original or in the form of certified copies (clause 2 and clause 2.1 of Article 18 of Law No. 63-FZ).

REFERENCE.

The entrepreneur can certify copies of documents for the certification center independently. For information on how to do this, read the article “How to properly certify a copy of a document.”

Entrepreneurs who do not have a general passport of the Russian Federation can also obtain an electronic signature. To do this, citizens of the Russian Federation will need a temporary identity card. It is issued by the Ministry of Internal Affairs in case of loss of a passport and in other cases when the passport is temporarily removed from the possession of a citizen (change of place of residence, surname, etc.). And foreigners present a foreign passport with a notarized translation into Russian.

Order an electronic signature for remote submission of documents to the court Receive in an hour

Application for an electronic signature verification key certificate - sample completion

An application for the issuance of a certificate is drawn up as an annex to the agreement for the purchase of an EDS key certificate. Each accredited center has its own form for filling out this application, but the information entered into it is the same.

To clearly see what this document approximately looks like and what information will be needed to fill it out, we have prepared for you a sample of an already completed application (see below).

Renewal of digital signature certificate

The term of digital signature certificates issued by certification centers is limited and is 12 months (year), regardless of whether the certificate is qualified or unqualified. Some large accredited centers can issue a certificate for 15 months. But not more. Once the specified period of the certificate expires, the electronic signature will become invalid.

If you plan to use an electronic signature after the expiration of the established period of the certificate, then you must submit an application to extend its validity period to the certification center that issued this certificate, draw up an additional agreement and pay the invoice issued by the center.

What is the difference between a qualified signature and an unqualified one?

The difference lies in the order of signatures and the severity of the checks that are carried out.

The rules for issuing certificates of unqualified signatures are determined by regulations or agreement of the parties in the information system where this digital signature is used. An entrepreneur can make an unqualified signature independently using appropriate software. It can be built into, for example, a program for receiving and sending emails. If the required program (or specialists capable of working with it) is not available, such a signature can be issued through a certification center.

IMPORTANT.

It is possible to use an unqualified digital signature only on the basis of the preliminary agreement of the parties, or by virtue of a direct indication of the law. Without this, an unqualified signature has no legal force.

You can only obtain a qualified electronic signature from a certification center that is licensed and accredited. This ensures that the signature itself complies with mandatory encryption standards and is resistant to hacking. In addition, the certification center must comply with procedures related to establishing and confirming the identity of the individual entrepreneur to whom the signature is issued.

IMPORTANT.

An enhanced qualified electronic signature gives documents legal force without any additional conditions. This type of signature is used, for example, to communicate with government agencies and to access trading platforms within the framework of government orders. Also, the UKEP is needed so that an entrepreneur affected by the coronavirus can receive a non-repayable subsidy from the state (see “Interest-free loan for salary payments: who can get it and how to apply”).

Order an electronic signature to receive a non-refundable subsidy from the state Submit an application

Reissue of digital signature certificate

Sometimes situations arise when the owner of an electronic signature loses a USB drive, changes his personal or legal details, or the law makes changes to the requirements for electronic signatures. In such cases, the certificate will need to be reissued. In most cases, this service is provided by certification centers on a paid basis. And changing the details again or losing USB keys is financially unprofitable. True, some certification authorities offer, which allows you to re-issue it at a lower cost up to a certain date during the validity period of the certificate.

If the EDS certificate is reissued, you won’t be able to simply update it—you’ll have to install it again. To install a new certificate, you will need the CryptoPro CSP program, located in the “Start” menu - “Settings” - “Control Panel”. In this program, on the “Service” tab, you can install a new certificate either through the “View certificates in the container...” button, or through the “Install personal certificate...” button. Next you need to follow the instructions of the program. Additionally, you can use the detailed instructions provided by the websites of accredited centers.

What does the CEP consist of?

From a technical point of view, several elements are recorded on the media that you ultimately receive for use, all together making up the CEP. Namely, the creation of a qualified electronic signature includes the release of the following elements:

  1. KEP key , which is a unique set of characters that is necessary to create the signature itself;
  2. CEP verification key , which is another unique set of characters used to establish the authenticity of the ES key;
  3. qualified verification key certificate . Let's take a closer look at what it is;

To use a qualified electronic signature, you need to obtain a medium with the above information recorded on it from the Certification Center, install the CryptoPRO software on your work computer (i.e. CIPF, which will also be provided to you by the certification center) and get to work.

How to remove old digital signature certificates

Removing old digital signature certificates will be much easier than installing or updating new ones. To do this, you need to go to the “Certificates” program through the “Start” menu - “Programs” - “Crypto-Pro”, open the “Personal” subfolder, select the old certificate, right-click and select the “Delete” function from the menu that appears. The certificate will be deleted.

But experts do not recommend doing this, since outdated certificates may be needed to view previously signed documents and reports. For example, if old certificates are deleted, it will no longer be possible to view reports and letters sent using them via TCS. And you will have to contact accredited centers with a request to provide remote certificates.

In order for old certificates to be saved in electronic form, but not to appear in the list of valid certificates, instead of deleting the certificate, simply open it by double-clicking the left mouse button and in the window that appears, on the “Composition” tab, click on the “Properties” button. In the new window, move the checkbox to “Allow only the following assignments” and uncheck the “Client authentication” checkbox. This way, the old certificate will be preserved, but it will no longer interfere with the use of existing certificates.

Obtaining an electronic signature for electronic interaction with the Federal Tax Service

To send electronic documents to the Federal Tax Service, a taxpayer - a legal entity or an individual entrepreneur - should use an enhanced qualified digital signature. The algorithm for obtaining a verification key certificate is described in the previous section.

Since July 1, 2015, individuals have been able to exchange electronic documents with the Federal Tax Service through the taxpayer’s personal account. In this case, all files sent by an individual must be certified with a non-qualified digital signature (clause 2 of Article 11.2 of the Tax Code of the Russian Federation). An unqualified signature certificate can be installed for free from your personal account in the “Profile” section using the link “Obtaining an electronic signature verification key certificate.” The certificate is valid for 1 year, after which you need to generate a new document according to the scheme described above.

The possibility of EDI through a personal account does not apply to individual entrepreneurs, notaries and lawyers engaged in private practice.

How long should I keep the digital signature certificate?

Does the owner of an electronic signature need to store digital signature certificates after their expiration? Yes, it is advisable to keep them in electronic or paper form, since they can be useful at any time to confirm the legal validity of documents previously signed with them. When determining the storage period for an EDS certificate, you can rely on the statutory storage periods for documents in paper form. You can familiarize yourself with them in our article “Basic storage periods for documents in an organization (archive).”

But let us remind you once again that this is only a recommendation for digital signature owners. The obligation to store certificates is legally assigned to the accredited certification centers that issued them (Clause 1, Article 15 of the Law “On Electronic Signatures” dated April 6, 2011 No. 63-FZ). The storage period for issued certificates is limited only by the period of activity of the accredited center. That is, while the accredited center is working, you can at any time request information from it about previously issued certificates. But as soon as the certification center ceases its activities, the obligation to store certificates is removed from it.

In the future, it is planned to transfer the storage of all issued certificates under the control of a single state database in order to minimize the risk of their loss in the event of termination of the activities of accredited centers. But so far there is no such storage system, so behind the scenes, responsibility for the safety of the certificate lies entirely with its owner.

Use of electronic signature in judicial practice

The use of an electronic signature sometimes complicates legal proceedings. The chief accountant can certify the statements instead of the manager, and the lawyer can certify the application for the court instead of the plaintiff. Similar violations occur when using client-bank software, when payment orders are not sent by the owner of the electronic signature.

When considering claims for unlawful debiting of funds from an organization’s current account, the court recognizes the correctness of the bank’s action, since the electronic signature is correct, and considers the transfer of signature rights to a third party as a violation of contractual relations and customer service rules.

A similar practice occurs when participating in electronic government auctions. If an organization does not sign a won contract in a timely manner, it is recognized as a party that has evaded concluding a contract and is entered into the register of unscrupulous suppliers. In judicial practice, there are also frequent cases when an organization is entered into the register because of a contract signed by a person who does not have the right to certify such documents.

In civil legal relations, disputes between counterparties arise about the legality of documents signed by electronic signatures of unauthorized persons. When making a decision, the court proceeds from checking the validity of the electronic signature certificate.

The legislation of the Russian Federation does not directly prohibit the transfer of electronic signatures to third parties with the consent of the owner, and in the event of controversial situations, the court recognizes the owner of the signature as the person who signed the document. All responsibility for the use of the digital signature lies with the owner of the certificate, and if the key is compromised, he is obliged to contact the CA with an application to suspend the signature. In controversial cases, such an appeal can serve as evidence of damage caused not by the owner of the signature, but by a third party.

Reasons for revocation of an EDS certificate

In addition to the cancellation of an electronic digital signature certificate due to the expiration of its validity period and its revocation by the owner of the electronic signature, there are several other reasons why the certificate may become invalid (clause 6, clause 6.1 of Article 14 of Law No. 63-FZ):

  • liquidation of an accredited center if its functions have not been transferred to other certification centers;
  • the owner of the certificate owns an EDS key that does not correspond to the EDS key registered in the issued certificate;
  • the electronic signature issued by the certificate is already used under another certificate;
  • a court decision was made on the unreliability of the information included in the digital signature certificate;
  • other cases established by law or agreement between the accredited center and the certificate holder.

What is an electronic signature and why is it needed?

According to Article 2 of the Federal Law of 04/06/11 No. 63-FZ, an electronic signature (EDS - from the old name “electronic digital signature”) is the information that is needed to identify the person signing information in electronic form.
Simply put, an electronic signature is an additional block of data that is attached to an electronic document being signed in order to certify its author. For more information about the mechanism of action of an electronic signature, see “Electronic digital signature (EDS): types and their differences.” Order an electronic signature certificate according to the new GOST

Rating
( 2 ratings, average 4.5 out of 5 )
Did you like the article? Share with friends:
For any suggestions regarding the site: [email protected]
Для любых предложений по сайту: [email protected]