How to obtain an electronic signature from a certification center? Where to buy an electronic digital signature? What does the electronic signature law regulate?

The weather is miserable: rain and snow, piercing wind. Moreover, this process is in the Arbitration Court, for which additional documents are urgently required. If only I could send them there without leaving home... Is something similar familiar to you?

Nowadays, electronic signatures are used by both legal entities and individuals. It is recognized by courts, regulatory authorities and government agencies.

The publication material will allow you to get a clear idea of ​​the process of registration and use of digital signatures.

1. What is an electronic digital signature

Let's start with the basic concept of the article.

Electronic digital signature(EDS) - an analogue of a personal signature, provides the ability to endorse electronic documentation. Serves as a guarantor of its integrity and authenticity.

An electronic signature (ES) allows you to:

• authenticate the source of the message;
• control the consistency of the shipment;
• make it impossible to refuse the fact that a message has been endorsed.

The electronic signature scheme includes two processes: a signature generation algorithm and a verification algorithm.

To better visualize this process, I depicted it schematically.

The question often arises about the legality of such approval. There is a large amount of judicial practice on this matter confirming the legality of digital signatures.

Example

The decision of the Volga-Vyatka Court in one of the cases considered in 2010 is indicative.

Company "A" filed a claim against its partner, company "B" for the return of funds for goods delivered but not paid for. During the transaction, electronic documents certified by digital signature were used.

The defendant explained the lack of payment by saying that the documents presented, certified in this way, are invalid, and therefore cannot serve as a basis for making payments.

The court did not accept the defendant’s explanation, since an additional agreement had previously been signed between the former partners, allowing the use of documentation endorsed by electronic signature within the framework of these contractual relations.

And, therefore, all documents are drawn up properly and have a visa from an authorized person. The court satisfied the claim in full.

Regulation of electronic signatures is carried out within the framework of Federal Law No. 63 “On Electronic Signatures”.

It regulates its use:

• in civil transactions;
• provision of public services;
• providing municipal services;
• performing government functions, etc.

There are some requirements for EP.

The main ones are:

• ease of authentication;
• high difficulty of its forgery.

2. What types of digital signature are there - TOP 3 main types

Varieties of digital signatures are prescribed by law. Article 5 of Federal Law 63 mentions: simple and reinforced. Reinforced, in turn, can be unqualified (UNEP) and qualified (UKEP).

Let's get to know them better!

Type 1. Simple electronic signature

So, a simple electronic “autograph”, formed using special codes (passwords), indicates that the messages being sent have been endorsed.

He is not vested with any other powers.

Type 2. Enhanced unqualified electronic signature

This option is formed in the process of cryptographic transformation of information using an electronic signature key.

Such approval makes it possible not only to identify the author, but also to identify unauthorized adjustments to the sent message.

Type 3. Enhanced qualified electronic signature

This is the most protected species.

It has all the features of UNEP and some additional qualities:

• the verification key is contained in the qualified certificate;
• is created and verified by UKEP using tools approved by the FSB.

3. Where is an electronic signature used - an overview of the main options

Depending on the type, an electronic signature is used in various fields.

Possible areas of application of electronic signature:

Let's look at each use case in more detail.

Option 1. Internal and external document flow

ES is especially in demand in internal and external document flow. Company documentation endorsed in this way is considered approved and becomes protected from adjustments.

With electronic document flow between counterparties, documents signed with an electronic signature receive legal status. Both contracts and primary accounting documents (invoices, etc.) can be certified.

Option 2. Arbitration court

Often, when considering cases in the Arbitration Court, additional evidence may be required, which is allowed to be presented in in electronic format.

Certification of such documents by electronic signature is required by law. Then they have legal force and are equivalent to written evidence on paper.

Today, the arbitration courts of the Russian Federation accept for consideration the following documents certified with digital signature:

• statements;
• petitions;
• reviews.

Option 3. Document flow with individuals

Individuals still rarely sign any documents with a digital signature, although every year this practice is becoming more and more popular, especially among people working remotely.

An electronic digital signature allows them to exchange acts of acceptance and delivery of their services in electronic form. With the help of an electronic signature, individual inventors have the right to submit a patent application on the Rospatent website. Its owners can write an application for state registration of an individual entrepreneur or legal entity directly on the website of the tax department.

Option 4. Public services

The government services portal makes life much easier for Russians. If you want to get full access to the portal services without any problems, issue an electronic signature.

With its help, you can interact with the traffic police, submit applications for a passport, the registry office, etc.

Option 5. Regulatory authorities

Electronic reporting certified using a qualified electronic signature has legal force and is recognized by regulatory agencies.

With its help, reports are submitted not only to the tax office, but also to the Pension Fund of Russia, Social Insurance Fund, Rosstat, etc.

Option 6. Electronic trading

Electronic trading is specialized sites, places where suppliers and buyers meet, transactions for the purchase/sale of services, works and goods are concluded.

To participate in them, you must purchase an electronic signature. Documents signed in this way confirm the reality of the proposals and become legal.

4. How to get an electronic signature - 6 simple steps

You have heard that digital signature allows its owners to perform various legally significant actions without leaving their office or home.

Are you eager to get such a signature and join the ranks of its lucky owners, but don’t know how to do it correctly?

You have come to the right address! In my mini-instructions, I will tell you how to get an EP quickly and correctly.

Step 1. Decide on the type of electronic signature

Before ordering an electronic signature certificate, I recommend answering the question again: “Why do I need it?”

If you plan to use it only for internal electronic document management your company, then a simple or unqualified digital signature will suit you for legal entity.

If you use a signature in external electronic exchange, then you already need a qualified electronic signature.

Step 2. Select a certification authority

Certification center (CA) is a legal entity, one of the statutory activities of which is the formation and issuance of digital signatures.

Choose a CA that is as close as possible to your location. Also pay attention to the cost of services and the production time of the electronic signature.

You may be interested in the “On-site clearance” service, then choose a center that offers this service.

Step 3. Fill out and send the application

The type of signature has been determined, the certification center has been selected, and it’s time for the application.

You can submit it in two ways:

• make a personal visit to the office;
• fill out the form on the center's website.

It contains only the most necessary information: full name, contact information (phone, email).

Having received the application, the CA manager will contact you and clarify all the data necessary for issuing the digital signature, and advise on prices and conditions.

Step 4. Pay the bill

After processing the application by the center’s specialists, you will receive an invoice for payment. As you know, services are usually paid according to the principle “Money in the evening, chairs in the morning”, that is, on the terms of 100% prepayment.

The cost of an electronic signature is on average 5-7 thousand rubles, the minimum price is 1.5 thousand rubles.

It includes:

• generating a signature key certificate;
• necessary software;
• technical support.

You can pay the bill either by bank transfer or in cash.

Step 5. Provide documents

The list of documents depends on the applicant’s status: legal entity, individual entrepreneur, individual.

The table shows the required documents taking into account the applicant’s status:

№	Applicant status	Required documents
1	Entity	Copies: certificate of registration with the Federal Tax Service, confirmation of the authority of the head of the legal entity, the applicant’s passport, SNILS of the certificate owner, power of attorney confirming the authority of the certificate owner, power of attorney to receive the certificate (if not the owner) Original: application for certificate production
2	IP	Copies: certificate of state registration of an individual as an individual entrepreneur, passport, SNILS Originals: application for the production of a certificate, a notarized power of attorney confirming the authority of the owner of the certificate acting on behalf of the individual entrepreneur (if the owner of the Certificate is not an individual entrepreneur), a notarized power of attorney to receive the certificate (if the certificate is received by a representative of the individual entrepreneur)
3	Individual	Copies: SNILS, passport Original: statement

Step 6. Obtaining digital signature

You can get a signature at collection points, of which there are now many. You will find their addresses on the website of the selected center.

An electronic signature is usually produced within 2-3 days. Some CAs provide a service for urgent registration and issuance (within an hour). Having visited the point at the appointed time, providing original documents (for control verification), you will receive your digital signature.

Remember! An electronic signature is valid for a year, after which it requires renewal or reissue.

5. Where to get an electronic signature - review of the TOP-3 certification centers

As usual, I present to you a selection of companies that provide digital signature services.

Today I bring to your attention 3 specialized centers.

The company offers its clients the issuance of various electronic key certificates.

State portals, electronic auction, tenders, government procurement will become available to owners of digital signatures issued by highly qualified Alfa-Service specialists. The company is ready to urgently produce any digital signature and then the procedure for obtaining it will take no more than 10 minutes.

Flexible prices and permanent promotions As part of the loyalty program, companies make digital signature available to everyone.

TC "Takskom" has been operating in the field of electronic document management since 2000. During its existence, the company has established constant cooperation with various organizations, enterprises and government agencies.

Our partners and clients are:

• various ministries and departments (Ministry of Foreign Affairs, Ministry of Economic Development, Federal Tax Service, etc.);
• famous brands (Nokia, Svyaznoy, HeadHunter, etc.):
• credit organizations (Sberbank, Alfa-Bank, etc.);
• Russian Post, etc.

Clients are attracted by the reliability and impeccable reputation of the company and the undeniable advantages that Taxcom has.

Benefits of work:

• there is accreditation;
• a wide selection of electronic signatures for different purposes (request for quotes, construction tenders and so on.);
• experienced specialists;
• a new generation of secure information media.

"Center for Paperless Technologies" was founded in 2016 by separating separate company directions of paperless technologies from Garant-Park LLC.

The center provides a wide range of services in 2 main areas:

• paperless technologies in document management;
• electronic trading.

The company offers its clients an increase in sales thanks to the Center’s online service for selecting auctions according to the parameters they set.

It allows:

• find a suitable tender or procurement;
• monitor trading in the Russian Federation and abroad;
• win more auctions.

6. How to store an electronic digital signature - 3 proven methods

In the modern world, the problem of protecting various information, including electronic signatures, is becoming increasingly urgent.

To preserve it, owners use various methods. I will briefly tell you about the most common ones.

Method 1: Local storage

A very common storage method is local. In this case, the electronic autograph is placed on a computer, for example, in a registry.

Disadvantages of the local method:

• no key mobility;
• there is no way to constantly control the key by its owner.

Method 2: Cloud storage

This method involves storing the key on a remote secure service.

To use it, you must go through strict multi-step authentication, which greatly increases the security of this storage.

Method 3. Storage on tokens

And finally, the third method is tokens.

A token is a device capable of generating a key pair and digital signature. The main purpose of this device is to store electronic keys.

By entrusting your electronic digital signature to a token, you can reliably protect it from intruders.

To use it, you must enter a PIN code. It's almost impossible to find it. In addition, 3 unsuccessful attempts and the token will be blocked.

Advantages of storing digital signature on a token:

• highly reliable storage method;
• PIN code access;
• The PIN code is not transmitted over the network, which means it cannot be intercepted;
• long term of use (5-20 years);
• does not require wiring, power supply, or special readers.

Some additional information you will find out by watching the video.

7. Conclusion

Summarize! In times of complete computerization, an electronic signature is necessary for both organizations and individuals. It saves time and expands possibilities!

An electronic digital signature (EDS) gives its owners access from any convenient place where there is Internet access to a wide range of government services, electronic trading, auctions, electronic reporting, etc.

Bank guarantee to ensure the execution of a contract - how to obtain a bank guarantee: instructions for registration for beginners + 3 useful advice how to check a bank guarantee

Electronic signature (ES) is a software-cryptographic tool that provides:

• checking the integrity of documents;
• confidentiality of documents;
• identification of the person who sent the document

An electronic signature is used by individuals and legal entities as an analogue of a handwritten signature to give an electronic document legal force equal to the legal force of a paper document signed with the handwritten signature of an authorized person and sealed.

Electronic document is any document created using computer technology and stored on computer-processed storage media, whether a letter, contract or financial document, diagram, drawing, drawing or photograph.

Benefits of using ES

The use of electronic signature allows you to:

• significantly reduce the time spent on completing a transaction and exchanging documentation;
• improve and reduce the cost of the procedure for preparing, delivering, recording and storing documents;
• guarantee the accuracy of documentation;
• minimize the risk of financial losses by increasing the confidentiality of information exchange;
• build a corporate document exchange system.

It is impossible to forge an electronic signature - this requires huge amount calculations that cannot be implemented with modern level mathematics and computer science in an acceptable time, that is, as long as the information contained in the signed document remains relevant. Additional protection against forgery is provided by certification of the public signature key by the Certification Authority.

With the use of electronic signatures, work according to the scheme “developing a project in electronic form - creating a paper copy for signature - sending a paper copy with a signature - reviewing a paper copy - transferring it electronically to a computer” becomes a thing of the past.

Three types of electronic signature

Electronic signatures are divided into three types by the 2011 law.

• Simple signatures are created using codes, passwords and other tools that allow you to identify the author of the document, but do not allow you to check it for changes since the moment it was signed.
• Strengthened unqualified signature created using cryptographic tools and allows you to determine not only the author of the document, but also check it for changes. To create such signatures, a certificate from an unaccredited center can be used, or you can do without a certificate altogether if the technical means allow you to comply with the requirements of the law.
• Enhanced Qualified Signature is a type of reinforced one, it has a certificate from an accredited center and was created using funds confirmed by the FSB.

Simple and unqualified signatures replace a signed paper document in cases specified by law or by agreement of the parties. For example, simple signatures can be used by citizens to send messages to authorities. Enhanced signature can also be considered as an analogue of a document with a seal.

Qualified signatures replace paper documents in all cases except where the law requires a paper document only. For example, with the help of such signatures, citizens can receive government services electronically, and public authorities can send messages to citizens and interact with each other through Information Systems. Previously issued digital signature certificates and documents signed with their help are equivalent to qualified signatures.

Foreign electronic signatures are equated in Russia to the types of signatures to which they correspond.

A simple electronic signature, unlike the previous electronic digital signature, is not intended to protect a document from forgery. It does not allow detecting possible distortion of the content of the document. Its only function is to confirm the fact of the formation of an electronic signature (and not the document itself!) by a certain person.

An enhanced electronic signature serves the purpose of identifying the person who signed the electronic document, as well as detecting the fact that changes have been made to the document after it has been signed. It is this signature (in two forms - unqualified and qualified) that is analogous to the previous electronic digital signature.

Since a simple electronic signature requires the use of codes, passwords or other means, it will become clear what can be considered an electronic signature and what does not. Obviously, in case email The role of an electronic signature cannot be played by the sender's name, manually placed after the text, since it does not depend in any way on the password using which the sender generated and sent the letter. Information indicating the person on whose behalf the document was sent could probably be the message ID in combination with the IP address of the sender's computer, indicating that the message was created as a result of accessing the mail system, accompanied by entering a password belonging to a certain to the user. The sender's email address and sender's name can be considered a signature only if the information system operator ensures their authenticity, because the postal protocol allows you to specify any name and any return address, and some postal systems do not impose any restrictions here.

Digital signature means

EDS means are hardware and (or) software, providing the implementation of at least one of the following functions:

• creating an electronic digital signature in an electronic document using the private key of the electronic digital signature,
• confirmation using the public key of an electronic digital signature of the authenticity of an electronic digital signature in an electronic document,
• creation of private and public keys of electronic digital signatures.

Cryptographic basis

The basis of an electronic signature is public key cryptography. With its help, a special user certificate is generated. It contains user data, a public key and an electronic signature of the certificate, which can be verified using the public key of the certification authority. The algorithm guarantees that only a certification center that has a secret encryption key and trust in which is the basis for the operation of the entire digital signature system can generate a signature.

Trust in certification centers is based on a hierarchical principle: the certificate of a lower-level certification center is certified by the electronic signature of a higher-level certification center. The highest level of certification centers is federal, which is under the control of government agencies. The entire trust system built on certificates forms the so-called public key infrastructure (PKI). With such an infrastructure, it is necessary to check not only the legitimacy of the key of the certification authority that issued the certificate, but also all higher-level certification authorities. In particular, when forming an electronic transaction, it is necessary to check not only the mathematical correctness of the digital signature, but also the validity of the entire chain of certificates involved in the production of the signer’s certificate at the time he signed a specific electronic document.

To participate in procurement procedures, you must have an electronic signature. What types of electronic signatures are there, what affects the cost of the signature and what package of documents must be prepared to obtain it? Read more.

Certification authorities

Certification Authority (Certification Authority)(eng. Certification authority, CA) - an organization that issues electronic digital signature key certificates.

Chronicle

2018

Russia is working on an alternative to digital signature for identification on the Internet

The Ministry of Telecom and Mass Communications proposed introducing a single key verification certificate for digital signatures

At the beginning of April 2018, information appeared that the powers of users of electronic digital signatures could be enshrined in a single key verification certificate of an enhanced qualified digital signature. The Ministry of Telecom and Mass Communications of Russia published a corresponding bill on the portal of draft legal acts.

The explanation to the draft law states that according to the current state of affairs, digital signature users are individuals and legal entities, government bodies and officials - cannot access the information systems of various departments, since they require the presence of object identifiers (OID) in a qualified certificate.

At the same time, certificates issued by accredited Ministry of Telecom and Mass Communications of Russia, as the authors of the bill note, cannot be used to verify electronic signatures in the information systems of such individual departments.

OIDs are not included in single certificates, so there are many companies on the market selling qualified key verification certificates that are designed to work with a single authority and therefore cannot work with others.

Now the Ministry of Telecom and Mass Communications proposes to introduce the concept of “authorized certificate”, which will contain both the user’s OID and information about his powers. Thus, the problem of multiple certificates - if the bill is adopted - will be removed.

Read the text of the bill of the Ministry of Telecom and Mass Communications of Russia "On Amendments to the Federal Law "On Electronic Signatures", the Federal Law "On the Protection of the Rights of Legal Entities and Individual Entrepreneurs in the Execution of state control(supervision) and municipal control" and the Federal Law "On accreditation in the national accreditation system"" can be found at the link.

2013: The government simplifies the use of a simple electronic signature when providing public services

The head of the Russian government, Dmitry Medvedev, signed Resolution No. 33 at the beginning of 2013, describing the procedure for using a “simple electronic signature” in the provision of state and municipal services in addition to the already used enhanced electronic signature.

Although the term “simple electronic signature” was first used in the Law “On Electronic Signature” adopted in 2001, its description first appeared in Resolution No. 33. According to the text of the document, its key will be a combination of identifier and password, and the identifier will be the insurance number of the personal account of an individual or the head of a legal entity.

Unlike the simple electronic signature introduced by the regulation, the already existing “enhanced electronic signatures” are created using cryptographic tools and include a certificate from an accredited certification authority, which gives it the force of a traditional paper document with a handwritten signature.

A simple electronic signature, on the contrary, does not require a certificate during its creation, thus excluding from the process of its creation the chain of both final certification authorities and the Rostelecom root CA.

At the same time, citizens who have received a simple signature will be spared the need to use an electronic key on a flash drive when accessing the Public Services Portal, which is required when using an enhanced signature.

Resolution No. 33 describes the requirements for a simple electronic signature password, which must consist of at least eight characters, including letters and numbers, and cannot contain the characters “*” or “#”. Interestingly, signature users have the right to change the key themselves using personal account on the Unified Government Services Portal.

2012

Waiting for the distribution of a SIM card with digital signature

According to a study published in September 2012 by research firm TechNavio, the two-factor authentication market will grow at a CAGR of 20.8% from 2011 to 2015. Two-factor authentication implies that in order to access information, the user must not only enter a password, but also have a certain device or program that can be used to confirm access rights. A classic example is online banking, where to confirm the operation you must not only enter a password, but also enter a one-time code sent via SMS or generated by a special program on your computer.

According to analysts, the next stage in the development of these technologies will be authentication using mobile phones, when an electronic digital signature is “sewn into the SIM card” of the device, with the help of which the user can carry out legally significant actions. For example, such a mechanism has already been implemented in Estonia. Another option for technology development is the creation of smart cards, which are electronic identity cards.

The spread of technology will be facilitated by the introduction of short-range wireless communication NFC into phones. Thus, a mobile phone can be used instead bank card when paying for goods in a store or at a checkpoint to an area with limited access. However, market development will be hampered by security considerations and the actions of regulators who impose certain requirements for the transfer and protection of confidential data.

Among the leading manufacturers of two-factor authentication solutions, TechNavio researchers name Entrust, Gemalto, RSA Security and VASCO Data Security.

Second-tier developers include ActivIdentity, CryptoCard, Deepnet security, Equifax, PhoneFactor, SecureAuth, SecurEnvoy and SafeNet Inc.

Permission for government agencies to submit documents to the government electronically using an electronic signature

According to his message, the Government approved the draft changes made by the Ministry of Communications and Mass Communications. Thus, documentation between government and executive power, as well as by the government apparatus will be entered electronically using an electronic digital signature.

Denis Kuskov, CEO of the Telecom Daily analytical agency, in a conversation with a TAdviser correspondent, said that the creation of an internal secure electronic document management system would greatly make life easier for departments and ministries.

“If we talk about the project from an IT point of view, the development, implementation, and configuration of a system of this scale and complexity, as well as with similar security requirements, can cost hundreds of millions of rubles. This includes digital signature keys,” Kuskov said. “Currently there is quite high competition in the market for such systems, so the state can reduce the costs of the project quite seriously.”

According to Kuskov, in the absence of any obstacles, the development, implementation and debugging of the EDMS and keys can take about a year.

Kuskov is confident that each department or institution will need a maximum of 20 digital signature keys. The Cabinet of Ministers consists of 21 members.

In July 2012, it became known that in the fall the Federation Council intends to conduct an audit of the preparation of regulations relating to the creation of a unified electronic digital signature (EDS). As the media found out, if the senators are not satisfied with the results of the audit, they will come up with a legislative initiative to introduce a single digital signature. (Previously, the Government of the Russian Federation extended the validity of the Law “On Electronic Digital Signature” for another year). Experts are not sure that the idea will be implemented: we are talking about a huge business, covering which will not be profitable for either certification centers or officials.

For the first time, the question that the current law on digital signature needs to be supplemented with amendments allowing officials to use one signature for all information systems was raised by senators back in April 2011. The Federation Council eventually approved the senators’ proposal, and the government, in turn, promised “that this innovation will be implemented in the regulations on the procedure for using electronic signatures,” a member of the Federation Council Committee on economic policy Yuri Roslyak. However, in almost a year and a half regulations we never saw the light.

“Today, regulations are still being developed, so in the fall we will check in what form all this has been implemented. If this principle is not fulfilled, then we will come up with a legislative initiative to legislatively encourage the government, including the Ministry of Telecom and Mass Communications, to use this technology, adds Yu. Roslyak.

According to the senators, the current law on digital signatures is extremely inconvenient: each information system requires an individual digital signature, so civil servants and businessmen have to use several digital signatures at once.

Order of the FSB on requirements for electronic signature tools and CA

On February 17, 2012, the order of the FSB of the Russian Federation dated December 27, 2011 No. 796 “On approval of requirements for electronic signature means and requirements for means of a certification center” was published. Previously, an order dated December 27, 2011 No. 795 “On approval of the requirements for the form of a qualified electronic signature verification key certificate” appeared.

According to the new norms, the signatory when signing a document must show the electronic document to the person signing it, wait for confirmation from that person, and after signing, show him that the signature has been created. When verifying a signature, the tool must show the electronic document, as well as information about changes to the signed document and indicate the person who signed it.

The format of a qualified certificate differs significantly from the format of digital signature certificates that are issued at this time (in accordance with Federal Law No. FZ-1). For example, a qualified certificate must include the name of the electronic signature tools and certification authority tools used to generate the signature key and verification key (private and public keys, respectively), as well as to create the certificate itself.

Compared to digital signature certificates, the way of representing the authority of the certificate owner has changed. At the owner’s request, the EDS certificate could include any information confirmed by relevant documents, and the qualified certificate could include non-standard details (for example, registration number policyholder) may be included only if the requirements for their purpose and location in the certificate are defined in the documents provided to confirm compliance of the certification center’s funds with the requirements of the FSB.

2011

Over the entire period of time, 5-7 million electronic key certificates have been issued in Russia

During the entire period of the 2002 law on electronic signatures, 5-7 million electronic signature key certificates were issued in Russia, the Ministry of Telecom and Mass Communications cites expert estimates. They will be valid until July 1, 2012, then they will have to be replaced with new ones.

In 2011, a market for services for issuing electronic signature media to citizens began to form in Russia. They cost no more than 500 rubles, but it was difficult to estimate the demand at that time: it had not yet been decided which documents were suitable for which signature.

The signature of the highest level, protected from forgery, is the so-called enhanced qualified signature. The means by which documents are certified with such a signature are issued by special certification centers that have been certified by the FSB. According to the Ministry of Telecom and Mass Communications, the Unified State Register of Signature Key Certificates contains 284 such centers.

Tools for issuing simpler signatures - enhanced unqualified and simple - can be purchased on the market; you do not have to contact a certification center for this.

In 2011, certification centers, the tariffs of which were studied by a Vedomosti correspondent, charge 2,000-10,000 rubles for issuing an electronic signature. (depending on the number of related services - for example, for 10,000 rubles you can also take part in a seminar on using such a signature). But the price should be radically reduced, promised the press secretary of the Minister of Communications Elena Lashkina, in fact, it will be reduced to the cost of the carrier. For a carrier of an enhanced electronic signature certified by the FSB, you will need to pay 500-600 rubles, and in the future - 300 rubles. For an unqualified enhanced electronic device, you can buy any USB flash drive (from 100 rubles).

President Medvedev signed the law "On Electronic Signature"

The need for a new law was due to the fact that the provisions current law on electronic signatures (FZ-1) did not comply with modern principles of regulation of electronic signatures that operate in European countries.

There are three types of electronic signature - a simple electronic signature, an unqualified electronic signature and a qualified electronic signature.

A qualified electronic signature is an electronic signature that:

• obtained as a result of cryptographic transformation of information using a signature key;
• allows you to identify the person who signed the document;
• allows you to detect the fact of making changes to the document after it has been signed;
• created using electronic signature tools.

In addition, the verification key for such a signature is indicated in a qualified certificate, and to create and verify an electronic signature, means are used that have received confirmation of compliance with the requirements established in accordance with federal law.

Before use EDS center had to submit copies of the certificate in paper and electronic form to the authorized body. The certification centers themselves were subject to mandatory licensing and had to be organized into a single hierarchical structure. Although the law came into force at the beginning of 2002, the authorized government agency (then it was the Federal Agency for information technology) appeared only in 2004, and the root certification center, without which the work of all the others is impossible, appeared in 2005. Licensing of certification centers did not work at all due to contradictions with the later adopted law “On Licensing individual species activities."

As a result, as noted in the explanatory note to the law “On Digital Signatures,” in Russia digital signatures are practically used only by legal entities, and the number of certificates issued is no more than 0.2% of the total population. The law that has now been adopted does not require licensing from certification centers - they can undergo accreditation and then only on a voluntary basis. Accreditation will be carried out by an authorized body appointed by the government, which will also organize the work of the root center.

To be accredited, a Russian or foreign legal entity must have net assets for an amount of at least 1 million rubles. and financial guarantees for payment of compensation to affected clients in the amount of 1.5 million rubles, have at least two IT specialists with higher vocational education and go through the confirmation procedure with the FSB. Centers are obliged to provide free access to any person to the registers of current and revoked certificates; the mandatory transfer of the register of certificates to the root center will only occur if the center’s accreditation is terminated. A certification center can also organize a system of centers around itself, in relation to which it will be the root.

Plan for the preparation of legal acts in order to implement the federal laws “On Electronic Signature” and “On Amendments to Certain Legislative Acts” Russian Federation in connection with the adoption of the Federal Law “On Electronic Signature”, approved by Order of the Government of the Russian Federation dated July 12, 2011 No. 1214-r. The plan establishes the time frame for the development of legal acts of the Government of the Russian Federation and legal acts of federal executive authorities related to the use of electronic signatures. The Ministry of Telecom and Mass Communications of Russia is one of the responsible executors for the development of legal acts, most of which will be developed jointly with the FSB of Russia, the Ministry of Economic Development of Russia, as well as interested federal executive authorities.

According to the plan, by July 30, 2011, a federal executive body authorized to use electronic signatures will be appointed; by August 31, requirements for the form of a qualified electronic signature verification key certificate, requirements for electronic signature means, requirements for certification center means and procedure for accreditation of certification centers. By October 31, Government resolutions must be adopted on the types of electronic signatures that government agencies use when organizing electronic interaction with each other, on the types of electronic signatures that are used when applying for public services, and on the procedure for using a simple electronic signature when providing state and municipal services. By November 30, the procedure for using an electronic signature when applying for state and municipal services must be approved. The last planned document will be signed in March 2012.

The 2011 law made it possible to sign documents electronically, the circulation of which is not regulated by law direct action, notes Deputy Head of Rosreestr Sergei Sapelnikov. Few documents are subject to regulation: extracts from the real estate cadastre and the Unified State Register of Rights, invoices, etc. The new law, in theory, will allow notaries to electronically certify extracts from a marriage certificate, power of attorney, etc. However, not yet It is clear which of the three formats of signatures will be accepted by government agencies and what specific documents can be signed with them. The law has not established what type of signature a particular agency can use, in what format the general director of the company must sign, in what - Chief Accountant, and in which - a citizen, says Sapelnikov. For authorities, the types of electronic signatures will be determined by the government, and for business and everyday communication, citizens and legal entities have the right to choose the type of signature themselves, says an employee of the Ministry of Telecom and Mass Communications.

On March 30, 2011, at a meeting of the Federation Council, it was decided to amend the law on electronic digital signatures (EDS), without suspending the law in its current version. Now the document does not stipulate the rule that a particular person must have one digital signature, as well as his graphic personal signature. Because of this, officials and businessmen are forced to use different signatures in different information systems.

“In our country, each information system requires an official to issue an individual digital signature for each specific system. We consider this categorically unacceptable: firstly, it is an additional bureaucratic barrier, and secondly, it is a big waste of time and money,” noted one of the initiators of the amendments, a member of the Federation Council Committee on Economic Policy, Yuri Roslyak.

According to him, now an official working in the treasury system has seven different digital signatures. “It can reach the point of absurdity when a person can have 10-12 digital signatures in order not to limit his legal capacity,” he added. According to him, a unified digital signature should be issued in a system of certification centers. It must operate in all public information systems that exist in Russia. It is equally obvious that this thesis has nothing to do with identification in closed information systems.

“Currently, work is underway to coordinate the design: in which chapter this amendment should be included. I think that within a month we will finish this work and begin conciliation procedures at least in early June,” explains Yu. Roslyak.

The State Duma approved the bill "On Electronic Signature"

In March 2011, the State Duma of the Russian Federation approved in the last reading the draft Federal Law “On Electronic Signatures,” which is intended to replace the existing Federal Law No. 1-FZ “On Electronic Digital Signatures” since 2002. The law is intended to “regulate relations regarding the use of electronic signatures when making civil transactions, providing state and municipal services, executing state and municipal functions, as well as when performing other legally significant actions.”

In accordance with Art. 5 of the bill defines three new types of electronic signature: simple, unqualified and qualified (the most secure). The digital signature key certificates currently in use are equivalent to qualified electronic signature certificates.

The law regulates the issuance and use of signature key certificates, verification of the authenticity of signatures, accreditation and provision of services of certification centers that will issue electronic signature key certificates. Until July 1, 2012, such centers will continue to operate as before, but will have to undergo mandatory accreditation by the authorized body. Starting from the summer of 2012, the right to issue qualified signatures is granted exclusively to accredited certification centers.

The situation with digital signatures in the Russian Federation is such that any user, in order to work with information systems that require the use of an electronic digital signature, has to create a separate digital signature for almost each of them. To resolve this situation, the Federation Council of the Russian Federation is preparing an amendment to the law “On Electronic Digital Signatures,” which is designed to make life easier for digital signature users. As a result, it should become uniform for all information systems and not limit the legal capacity of their holders.

V. Putin’s order on the transition of government agencies to paperless document flow by 2012

In February 2011, Russian Prime Minister Vladimir Putin signed Order No. 176-“On approval of the action plan for the transition of federal executive bodies to paperless document flow when organizing internal activities.” This document approved an action plan for the transition of federal authorities to paperless document flow and established that the implementation of measures for the transition to paperless document flow is carried out “at the expense of funds provided for in the federal budget.”

By June 2011, it is planned to provide “officials of federal executive authorities with electronic digital signatures for use in electronic document management” and to create or modernize the electronic document management system of ministries and departments. From January 1, 2012, according to the plan, paperless document flow should be operational in all federal government agencies.

2010: Report of the Ministry of Energy to the President of the Russian Federation on the need for digital signatures for electronic government services

Electronic digital signatures are most actively used in the financial sector - this is facilitated by the growing penetration of Internet banking systems and the initiative of the Federal Tax Service, whose divisions accept reporting in electronic form. In addition, Russian President Dmitry Medvedev recently signed Federal Law No. 229-FZ dated July 27, 2010, which provides for amendments to the first and second parts of the Tax Code of the Russian Federation. Among them is the possibility of issuing invoices electronically by mutual agreement of the parties to the transaction and if the parties have compatible technical means and capabilities for receiving and processing invoices. One of the mandatory conditions for such a process is the signing of invoices using an electronic digital signature.

According to market experts, the creation of any financial documentation and reporting is one of the simplest examples of an industry where the use of digital signatures can bring profit. Nowadays, organizations often have to rent warehouses to store financial statements - the storage period for documents can be 5 years or even more. Quite a significant amount of money is spent on this. In addition, every ordinary private person also has a kind of warehouse at home in which documents are stored. If all these documents are transferred into electronic form, this will significantly make the life of a person or company easier and will ensure greater safety of documents - after all, paper documents cannot be copied as easily as electronic ones.

In the United States, UETA and the National Electronic Documents Act give electronic documents the same weight as traditional paper obligations signed by hand.

These statutes define electronic signature as “an electronic sound, symbol, or process attached to or logically associated with a contract or other record and attached thereto by a person with the intent to sign the record.” Thus, any business transaction can be completed electronically.

“In the US, people use electronic signatures in all aspects related to their daily lives. You can electronically apply for a mortgage or insurance as part of a car loan, says Stephen Bisbee, president of eOriginal, a Baltimore company that holds a patent on the process of creating, signing and transmitting documents electronically.

The most progressive enterprises no longer wonder whether to use an electronic signature - they are focused on how to best integrate its use into their own business processes.

The next step will be managing any “digital” business online. “This is a movement forward - from simple signatures to complex financial transactions in electronic form,” says Bisbee, and predicts that a turning point in this area will occur within the next four years.

1994: In Russia, the EDS standard was adopted - GOST R 34.10-94

Electronic digital signatures came to Russia in 1994, when the first Russian standard EDS – GOST R 34.10-94, which in 2002 was replaced by GOST R 34.10-2001.

1976: Development of electronic signature in the USA

It can be considered the birthplace of digital signature: in 1976, American cryptographers Whitfield Diffie and Martin Hellman first proposed the concept of “electronic digital signature,” although they only assumed that digital signature schemes could exist. But already in 1977, the RSA cryptographic algorithm was developed

With the help of which you can determine whether the information contained in an electronic document has been distorted since the moment the signature was formed, and also allows you to confirm the ownership of a particular document by the owner.

Decoding basic concepts

Each electronic signature must be confirmed by a special certificate that verifies the identity of the owner. You can obtain a certificate at a special center or from a trusted representative.

The owner of the certificate is individual, for which the certification authority issued an electronic signature certificate. Each owner has two signature keys: public and private. The private key of the electronic signature allows you to sign electronic documents; you can use it to generate an electronic signature. It is kept secret, like a PIN code for a bank card.

The function of a public key is to verify the authenticity of signatures on documents. It is connected with a closed "colleague" in a unique manner.

In law

The Federal Law “On Electronic Digital Signature” divides electronic signatures into several types: simple electronic signature, enhanced unqualified electronic signature and qualified electronic signature. Using a simple electronic signature, you can confirm the fact of creating an electronic signature for a specific person. This is done through the use of passwords, codes and other means.

A strengthened unqualified digital signature is the result of a cryptographic transformation of information, which is carried out using a private digital signature key. Using such a signature, you can establish the identity of the signatory of the document, as well as detect, if any, changes that have occurred since the signing of the papers.

Qualified Signature

The enhanced qualified electronic signature has the same features, however, to create it, the electronic digital signature is verified using cryptographic protection means certified by the Federal Security Service. Certificates of such a signature can only be issued by an accredited certification center, and nowhere else.

According to the same law, signatures of the first two types are equivalent to a handwritten signature on a paper document. Between people performing any transaction using digital signatures, it is necessary to conclude an appropriate agreement.

The third type (qualified digital signature) is an analogue of not only a handwritten signature, but also a seal. Thus, documents certified by such a signature have legal force and are recognized by regulatory authorities (Federal Tax Service, Social Insurance Fund and others).

Application for legal entities

Currently, digital signature is most often used for a legal entity. The technology of digital signatures is widely used in electronic document management. The purpose of the latter can be different: external and internal exchange, documents can be of a personnel or legislative nature, organizational, administrative or commercial and industrial, in a word, everything that can only be done with a signature and seal. EDS registration must be carried out in an accredited center.

For internal document flow, a digital signature is useful because it allows you to quickly initiate the approval of documents organizing internal processes. EDS allows the director not only to sign documents while away from the office, but also not to store piles of papers.

In inter-corporate document flow, an electronic digital signature is one of the most important conditions, because without it, digital papers have no legal force and cannot be used as evidence in the event of filing a claim. An electronic document signed with an enhanced electronic signature retains its legitimacy even if stored in an archive for a long time.

Electronic reporting

EDS is indispensable for reporting to regulatory authorities. Many documents can be submitted electronically instead of carrying a whole bunch of forms. The client can not only choose a time and not stand in line, but also submit reports in a convenient way: through 1C programs, portals government agencies or separate software specifically designed for this purpose. The fundamental element in such a process will be the digital signature. For a legal entity that has received an electronic signature certificate, the main criterion should be the reliability of the certification center, but the method of delivery is unimportant.

Government services

Most citizens have come across the term “electronic signature” on various websites. One of the ways to verify an account, for example, on a portal that provides access to many government services, is confirmation via an electronic signature. Moreover, digital signature for individuals allows you to sign any digital documents sent to a particular department, or receive signed letters, agreements and notifications. If the executive authority accepts electronic documents, then any citizen can send a digitally signed application and not waste their time submitting papers on a first-come, first-served basis.

UEC

An analogue of an electronic signature for individuals is a universal electronic card into which a reinforced qualified digital signature is embedded. The UEC has the form of a plastic card and is a means of identification for a citizen. It is unique, like a passport. Using this card, you can carry out many actions - from paying and receiving government services, to replacing documents such as a medical policy and SNILS card.

A universal electronic card can be combined with an electronic wallet, bank account and even a travel ticket, in a word, with any of the documents that can be accepted digitally. Is it convenient to carry only one document? Or is it easier to keep everything in paper form as usual? This issue will have to be resolved by every citizen in the near future, because technology is becoming more and more firmly rooted in our lives.

Other Applications

Also, documents signed by electronic signature are used to conduct electronic trading. Availability of a digital signature in in this case guarantees buyers that the offers at the auction are real. In addition, contracts not signed using the electronic digital signature have no legal force.

Electronic documents can be used as evidence when considering cases in arbitration court. Any certificates or receipts, as well as other papers certified by a digital signature or other analogue of a signature, are written evidence.

Document flow between individuals occurs mainly in paper form, but it is possible to transfer papers or conclude contracts using electronic signatures. Remote workers can use a digital signature to send acceptance certificates electronically.

How to choose a certificate

Since there are three types of electronic signatures, citizens often have a question about which certificate is better. It should be remembered that any electronic signature is an analogue of a handwritten signature, and at the moment the legislation of the Russian Federation establishes that a person has the right to use them at his own discretion.

The choice of a digital signature directly depends on the tasks that will be solved through it. If you are preparing to submit reports to regulatory authorities, a qualified signature will be required. For inter-corporate document flow, a qualified electronic signature is also most often required, because only it not only gives documents legal force, but also allows you to establish authorship, control changes and the integrity of documents.

Internal document flow can be carried out with all types of electronic digital signatures.

How to sign a digital signature document?

The main question for those who need to use it for the first time electronic digital signature, is how the document is signed. Everything is simple with papers - you sign and hand them over, but how can you do this on a computer? This process is impossible without the use of special software. The digital signature program is called a cryptoprovider. It is installed on the computer, and already in its environment various activities with forms are carried out.

There are quite a large number of crypto providers, both commercial and free. All of them are certified by government agencies, however, if interaction with 1C:Enterprise is required, then the choice should be made on one of two products: VipNet CSP or CryptoPro CSP. The first program is free, but the second will need to be purchased. You should also know that when installing two crypto providers at the same time, conflicts are inevitable, so for correct operation one of them will have to be removed.

According to user reviews, a convenient application for generating digital signatures is called CyberSafe. It not only allows you to sign documents, but also works as a certification center, that is, this program verifies your digital signature. The user can also upload documents to the server, so the signed agreement or certificate will be available to all company specialists who have access to the program, and there will be no need to send it to everyone by email. On the other hand, you can make sure that only a certain group of people gets access.

EDI - mandatory or not?

Many enterprises have already appreciated that digital signature is a convenience, and electronic document management (EDF) saves time, but whether to use it or not is an entirely personal choice. To carry out EDI, it is not necessary to connect an operator; by agreement, you can use regular email or any other method of electronic transmission of information, it all depends on the agreement between the participants in the exchange.

Organizing any electronic document flow is associated with certain costs; in addition, you will have to install and configure a program for signing documents - a crypto provider. This can be done like on our own, and use the services of specialists who install software remotely, even without visiting the client’s office.

EPC in internal EDO

In the case of inter-corporate turnover, the pros and cons are immediately clear, and positive sides in a clear majority. Among the disadvantages, the only disadvantages that can be noted are the costs of an electronic digital signature key, the organization of software (even if this is a one-time expense), as well as minimizing personal meetings of company representatives and managers, however, if necessary, a meeting can be organized.

But how will electronic document management within an enterprise be useful? How will the costs of supplying all employees with digital signature keys be recouped?

Using digital documents saves time: instead of first printing out the necessary paper and then searching for it among a pile of printouts or even going to another office, if a network printer is used, an employee can sign and send everything without leaving his desk. In addition, when switching to EDF, the costs of paper, toner and Maintenance printers.

Digital documents can also be a tool for maintaining confidentiality. An electronic signature cannot be forged, which means that even if an employee or manager has ill-wishers within the company, they will not be able to make any substitution of documents.

Often innovations are promoted with difficulty, so at first it may be difficult for employees to get used to the new format for submitting documents, but once they appreciate the convenience of digital signature, they will no longer want to go back to running around with paperwork.

Psychological barrier

Electronic digital signatures appeared relatively recently, so it is difficult for many to perceive them as a real analogue of familiar paper documents. A similar problem arises in many enterprises: employees simply do not consider the contract signed until there is a real stamp and signature on the paper. They use scans from paper documents and easily lose their digital signature key. One more piece of paper will help you overcome this psychological barrier. A provision on electronic document management officially certified with a “wet” signature will let employees understand that this is a serious thing and treat digital documents follows the same as for analog.

Another problem may arise in the educational part. Many enterprises employ older employees. They are valuable personnel, experienced in their field, have a lot of experience, but it can be quite difficult to explain to them how to use an electronic digital signature, because they have just recently mastered e-mail, but here everything is much more complicated, and there are many nuances.

The training task can be delegated to the IT department or the help of third-party specialists can be used. Many companies conduct computer trainings and courses for their employees, where they are explained the basics of working with email and various programs. Why not include an application for generating digital signatures in this list?