home / Tax system / What is an electronic signature - in simple language for beginners in the world of the digital economy. About the electronic signature for "beginners" Electronic signature generation tools
28.06.2020

What is an electronic signature - in simple language for beginners in the world of the digital economy. About the electronic signature for "beginners" Electronic signature generation tools

Types of electronic signatures in Russia and requirements for ES tools

Adopted back in April 2011, Federal Law N 63-FZ "On Electronic Signature" defined the following two types electronic signature(EP): simple EP and enhanced EP, of which the second, in turn, is unskilled and qualified.

A simple ES, by and large, is not even quite an electronic signature in the classical mathematical sense - at least one-time codes, even passwords, can be used as a simple ES:

A simple electronic signature is an electronic signature that, through the use of codes, passwords or other means, confirms the fact of the formation of an electronic signature by a certain person.

An enhanced electronic signature necessarily uses cryptographic transformations. Here are the requirements for enhanced unqualified ES (or just unqualified ES):

1) obtained as a result of cryptographic transformation of information using an electronic signature key;
2) allows you to identify the person who signed the electronic document;
3) allows you to detect the fact of making changes to the electronic document after the moment of its signing;
4) is created using electronic signature means.

As you can see, a reinforced ES, unlike a simple ES, should allow you to detect changes in an electronic document (it is clear that this cannot be done with a password), but it must be formed using the ES tools:

means of electronic signature - encryption (cryptographic) means used to implement at least one of following functions– creation of an electronic signature, verification of an electronic signature, creation of an electronic signature key and an electronic signature verification key;

The concept of an Electronic Signature Tool is very important and we will return to it below. In the meantime, we will continue to deal with the types of electronic signatures. It remains to consider a qualified enhanced signature - it differs from an unqualified enhanced signature in two fundamental additional requirements:

1) the electronic signature verification key is specified in a qualified certificate;

2) to create and verify an electronic signature, electronic signature tools are used that have confirmation of compliance with the requirements established in accordance with this Federal Law.

In other words, for a qualified electronic signature, no matter what certificate is suitable, you need a qualified one:

qualified certificate - a certificate of the electronic signature verification key, conforming to the requirements established by this Federal Law and other regulations adopted in accordance with it legal acts, and created by an accredited certification center or federal agency executive power, authorized in the field of use of electronic signature ;

Further, the text of the law provides an exhaustive list of information that a qualified certificate must contain and states that it is created only using the means of an accredited certification center.

The Signature ES Tool used to create and verify a qualified electronic signature is also suitable not for any, but only for the one that has confirmation of compliance with the established ones.

Concepts " electronic signature verification key«, « certificate«, « verification Center" and so on. I will not consider it separately in this post (you can see the beginning of this post, for example: http://zlonov.ru/2013/12/private-keys-keepers-evolution/), if necessary, write in the comments, I will reveal all the terminology separately.

Here is a table that briefly explains the main differences between the types of electronic signatures in accordance with 63-FZ:

Types of electronic signatures (ES) and their features in accordance with 63-FZ

Now let's return to the concept of the EP tool. From the above definition it follows that the means of ES are certain kind encryption (cryptographic) means that are used for any one or any combination of the functions:

  • creating an electronic signature,
  • electronic signature verification,
  • creation of an electronic signature key and an electronic signature verification key.

I will note in the margins that the creation of an ES key and an ES verification key is possible only in pairs (the same public and private keys in asymmetric cryptography).

The encryption tools themselves are defined in Decree of the Government of the Russian Federation of April 16, 2012 N 313 “On approval of the Regulation on licensing activities ...”, here is an excerpt from the definition:

Encryption (cryptographic) tools (means of cryptographic information protection), including documentation for these tools, include:

c) means of electronic signature;

For me, this is how we have a recursive looped definition of a concept through itself =) Well, let's not be casuists. In fact, under the concept means of EP include purely software, software and hardware, and even entire complexes and systems.

Let's go back to 63-FZ and see what the requirements are for ES funds. Here's what they should do:

1) allow to establish the fact of a change in the signed electronic document after the moment of its signing;

2) ensure the practical impossibility of calculating an electronic signature key from an electronic signature or from its verification key.

The fact of tracking changes was already higher in the requirements for enhanced ES, but the practical impossibility of calculating the ES key from the ES or from the ES verification key is an understandable and reasonable requirement (the private key should not be calculated from the public or from the electronic signature itself).

Let's continue.

For cases of signing documents containing state secrets, or when using the ES Tool in systems containing state secrets, confirmation of compliance is required mandatory requirements to protect information of an appropriate degree of secrecy. It is quite logical, since the State Secret is regulated separately and the requirements there are also separate.

There is another important caveat about signing documents containing restricted access information (including personal data): ES tools should not violate the confidentiality of such information. As far as I understand, here we are talking about the fact that for such information it is impossible, for example, to use cloud-based electronic signature services that are not protected in accordance with the requirements of the law.

If an electronic signature tool is used to automatically create and (or) automatically verify electronic signatures in an information system, then the requirements for it end. Automatic generation, for example, can be used when rendering public services. Then the certificate may not indicate a specific individual, and the creation of an ES is carried out, say, by a reporting acceptance system (to confirm the fact that the reporting was received on time, for example).

In cases of non-automatic creation and verification of an electronic signature, the ES means are presented with Additional requirements.

When creating an electronic signature, the ES tools must:

1) show independently or using software, software, hardware and technical means necessary to display information signed using these means to the person who creates an electronic signature, the content of the information that is being signed;

2) create an electronic signature only after the person signing the electronic document confirms the operation to create an electronic signature;

3) unequivocally show that the electronic signature has been created.

The first requirement means that by itself, for example, a token cannot be an ES Tool - some kind of strapping around it, which will show the document being signed. The second requirement prohibits the creation of a signature without human verification. Finally, the third requirement specifies that it must be made clear that the signature has been created.

When verifying an electronic signature, the ES Tool must:

1) show independently or using software, software and hardware and technical means necessary to display information signed using these means, the content of an electronic document signed with an electronic signature;

2) display information about making changes to an electronic document signed with an electronic signature;

3) indicate the person using whose electronic signature key electronic documents are signed.

It should be clearly visible and understandable - what is signed, whether changes have been made and who signed.

These are, in a nutshell, the main requirements for ES Tools in 63-FZ. However, it also contains an article about the powers of federal executive bodies in the field of using an electronic signature, which states:

Federal executive authority in the field of security:

1) establishes requirements for the form qualified certificate;
2) sets requirements for electronic signature means and means of the certification center;
3) confirms the compliance of electronic signature means and means of a certification center requirements established in accordance with this Federal Law and publishes a list of such funds;
4) in agreement with the authorized federal body, establishes additional requirements for the procedure for the implementation of the functions of an accredited certification center and the performance of its duties, as well as for ensuring information security accredited certification authority.

Such an authority is the FSB of the Russian Federation, which on December 27, 2011 issued Order No. 796 “On Approval of the Requirements for Electronic Signature Tools and the Requirements for Certification Center Tools”.

First of all, this order of the FSB establishes requirements for the development, production, sale and operation of ES tools:

there are requirements enshrined in the Regulation on the development, production, sale and operation of encryption (cryptographic) information security tools (Regulation PKZ-2005), approved by order of the FSB of Russia of February 9, 2005 N 66 (as amended by order of the FSB of Russia of April 12 2010 N 173 for encryption (cryptographic) means of protecting information with limited access that does not contain information constituting a state secret.

PKZ-2005 is a fundamental regulation for all developers of cryptographic tools, which is not surprising, since ES tools are, first of all, an encryption tool. By the way, in PKZ-2005 there is the following definition for electronic digital signature means:

means of electronic digital signature - hardware, software and hardware-software tools that provide, on the basis of cryptographic transformations, the implementation of at least one of the following functions:
— creation of an electronic digital signature using private key electronic digital signature,
— confirmation using the public key of the electronic digital signature of the authenticity of the electronic digital signature,
— creation of private and public keys of electronic digital signature.

Yes, we are talking about EDS tools here, not EDS, but we have already decided not to be casuists =)

Let's return to the requirements for the ES tools, to which the entire section II is devoted in the FSB order (articles 8 to 39). Articles 8-10 duplicate what is in 63-FZ in terms of the requirements for creating and verifying an ES in non-automatic work.

Article 11 specifies that:

Article 11 software tools with the aim of violating the security of the information protected by the ES tool or in order to create conditions for this (hereinafter referred to as the attack).

In subsequent articles 12-18, the classes of ES Tools KS1, KS2, KS3, KB2, KA1 are defined depending on their ability to withstand such attacks.

In further articles 19-39, even more detailed requirements are formulated for the composition of the ES Tools for different classes and for the features of their work, of which I will highlight articles 20, 22 and 38:

Article 20

Article 22. In the ES tool, only the algorithms for the functioning of the ES tool specified in the ToR for the development (modernization) of the ES tool should be implemented.

Article 38 key information ES tools must be implemented directly in the ES tool.

The meaning here, simplified, is that only cryptographic GOST algorithms can be used in the ES Tool, while they must be implemented in itself (you cannot use, for example, any external tools) and no other cryptographic algorithms and protocols in the ES Tool should not be implemented.

The final table with the basic requirements for ES tools in 63-FZ and FSB order No. 796 looks like this:

Thus, to use a simple ES, you can use any means, for an enhanced unqualified ES (or simply an unqualified ES) - only ES tools, the basic requirements for which are defined in 63-FZ, and, finally, for an enhanced qualified ES (or simply a qualified ES) - only ES funds that have confirmation of compliance with the requirements established in accordance with Federal Law 63-FZ and Order of the FSB No. 796. Confirmation of such compliance is a certificate of conformity issued by the FSB of Russia, in which such compliance is explicitly mentioned.


(EDS) is an attribute of an electronic document designed to protect this electronic document from forgery, obtained as a result of cryptographic transformation of information using the private key of an electronic digital signature and allowing to identify the owner of the EDS key certificate, as well as to establish the absence of information distortion in the electronic document.

Regulatory documents related to EDS

The use of EDS when concluding transactions is regulated by the Federal Law of January 10, 2002 N1-FZ "ON ELECTRONIC DIGITAL SIGNATURE". The law proclaims general provisions"rules" on electronic markets regarding the issues of recognition of an EDS in an electronic document as equivalent to a handwritten signature in a document on paper.


    • Timestamp Service

      The validity period of any EDS certificate is limited to a certain period of time. After the expiration of its validity period, all documents created using this EDS lose their legal force, because. it is impossible to determine whether the certificate was up-to-date at the time of signing this document or not? This automatically means the invalidity of the document in accordance with the Federal Law "On Electronic Digital Signature".

      The time stamp service allows you to prove the fact of the existence of a document at a certain point in time.

      The Time Stamping Service can be a Certification Authority that has an accurate and reliable time source and provides time stamping services.

      The time stamp is analogous to the date on the signed document. It also confirms that the certificate was valid at the time the document was signed. This means that it is still possible to use a revoked certificate for EDS checks created before the revocation. This problem is relevant for all systems. electronic document management. The timestamp can also be used to confirm the receipt or dispatch of a document when needed.

      What else allows you to use a digital signature?

      An electronic digital signature is one of the most important elements for organizing a full-fledged electronic document management, because serves as an analogue of a person's handwritten signature. In addition, the use of a digital signature allows you to:

      * Integrity control of the transferred document: in case of any accidental or intentional change of the document, the signature will become invalid, because it is calculated based on the initial state of the document and corresponds only to it.
      * Protection against changes (forgery) of the document: the guarantee of forgery detection during integrity control makes forgery impractical in most cases.
      * Impossibility of refusal of authorship. Since it is possible to create a correct signature only if the private key is known, and it should be known only to the owner, the owner cannot refuse his signature on the document.
      * Evidence of document authorship: Since it is possible to create a correct signature only if the private key is known, and it should be known only to the owner, the owner of the key pair can prove his authorship of the signature under the document. Depending on the details of the document definition, fields such as “author”, “changes made”, “timestamp”, etc. can be signed.

      What needs to be done to work with EDS?

      To work with EDS you need:

      • ensure the availability of a PC in accordance with the requirements;
      • ensure the availability of specialized software for working with EDS;
      • determine the person to whom the EDS certificate is issued;
      • choose the method of obtaining an EDS;
      • conclude a CA agreement and pay for services for issuing a signature key certificate.

      Leave your comment!

Federal Law of the Russian Federation "On Customs Regulation in Russian Federation» No. 311-FZ dated November 27, 2010, it was established that the declaration for goods is submitted in electronic form (Article 204). An exception to this rule is made only for a certain list of goods, customs procedures, as well as some cases that are established by Decree of the Government of the Russian Federation No. 1154 of December 13, 2013.

The declaration for goods, as well as all related documents submitted in electronic form, are signed (certified) by an electronic signature (ES), the type of which is determined by the federal executive body authorized in the field of customs, in accordance with the legislation of the Russian Federation. The procedure for checking the ES is established by the federal executive body authorized in the field of customs (Article 204 of the Federal Law No. 311-FZ of November 27, 2010).

The type of electronic signature that must be used for electronic customs declaration is established by clause 5 of the Order of the Federal Customs Service of Russia No. 2187 dated October 25, 2011, which, in particular, states:

"To confirm belonging and immutability electronic documents a qualified electronic signature is used in the information system of the customs authorities. Information in electronic form transmitted in the process of information exchange and signed with a qualified electronic signature is recognized as an electronic document equivalent to a paper document signed with a handwritten signature.

Thus, all documents transmitted in electronic messages must be certified by an electronic signature. Messages that contain a document that is not certified by the electronic signature cannot be accepted by the electronic declaration system.

Order of the Federal Customs Service of Russia No. 1761 dated September 17, 2013, which regulates the procedure for using the ED system, establishes that the interaction of declarants with customs authorities during customs declaration and release of goods is carried out through electronic method exchange of information using enhanced qualified electronic signatures in the manner prescribed by Federal Law No. 63-FZ of 04/06/2011 "On Electronic Signature".

In accordance with Federal Law No. 63-FZ of April 6, 2011 (Art. 5, Clause 4), an enhanced qualified electronic signature is an electronic signature that meets the following requirements:

  • obtained as a result of cryptographic transformation of information using an electronic signature key;
  • allows you to uniquely identify the person who signed the electronic document;
  • allows you to detect the fact of making changes to an electronic document after the moment of its signing;
  • created using electronic signature tools.
  • the electronic signature verification key is specified in the qualified certificate (KSKP ES);
  • to create and verify an electronic signature, electronic signature tools are used that have received confirmation of compliance with the requirements established in accordance with Federal Law No. 63-FZ.

Paragraph 6 of the Order of the Federal Customs Service of Russia No. 1761 dated September 17, 2013 also establishes that:

“The information reflected in the electronic documents specified in paragraph 3 of the Procedure, declared by the declarant to the customs declaration authority, is the information necessary for customs purposes, and is certified by the electronic signature of the person who compiled the EDT.”

The person who draws up and signs the declaration for goods (whose details are indicated in column 54) and is the owner of the ES key. This is explicitly stated in paragraph 6 of the Order of the Federal Customs Service of Russia No. 2187 dated 10/25/2011:

“The owner of the qualified certificate of the electronic signature verification key and the key carrier corresponding to it is an authorized representative Interested person

It should be noted that the enhanced qualified electronic signature itself is not stored on key media, it appears at the time of signing the document as a result of the use of ES tools, is its integral part and serves three main purposes:

  1. Provides unambiguous identification of the person who put the ES on the electronic document;
  2. Ensures the impossibility of making any changes to the electronic document after its signing;
  3. Ensures the non-repudiation of the person who put his signature on the authorship of the electronic document.

Federal Law No. 63-FZ gives the following definition of ES:

"Electronic signature - information in electronic form that is attached to other information in electronic form (signed information) or otherwise associated with such information and which is used to identify the person signing the information."

2. Means of electronic signature

To create and verify an ES, create an ES key and an ES verification key, electronic signature tools should be used that allow you to establish the fact that a signed electronic document has changed after the moment of its signing, and also ensure the practical impossibility of calculating the ES key from the ES itself or from its verification key.

EP tools include:

  1. Electronic signature key- this is a unique sequence of characters designed to create an ES. The electronic signature key (also called the private key) must be kept secret by the owner and used exclusively for the formation of an ES in the process of creating an electronic document. The ES key is also used to generate the ES verification key at the stage of its generation.
  2. Electronic signature verification key is a unique sequence of characters uniquely associated with the key of the electronic signature and designed to verify the authenticity of the electronic signature. The ES verification key (also called the public key) is not secret and is designed to verify the DS by the recipient of the signed electronic document.
  3. Cryptographic information protection system (CIPF)- it's special software package, designed to encrypt data. In the electronic declaration system for the purposes customs clearance CIPF "CryptoPro CSP" developed by the company "Crypto-Pro" is used. The CIPF software product "CryptoPro CSP" must be installed on all working computers and transport servers on which an ES is generated or checked.

In the process of creating an ES, the electronic signature means must show the person signing the electronic document the content of the information that he signs, create the ES only after confirmation by the person signing the electronic document, and also clearly show that the electronic signature has been created.

When verifying an ES, the electronic signature means must show the content of the electronic document signed by the ES, show information about making changes to the document signed by the ES, and also unambiguously identify the person using whose ES key the electronic documents were signed.

3. Certification authority

You can obtain ES funds for working with the electronic declaration system for the purposes of customs clearance by contacting one of the Certification Centers (CA) accredited by the federal body for compliance with the requirements of Federal Law No. Order of the Federal Customs Service No. 2187 of October 25, 2011.

A certification authority is a body that confirms the legitimacy of using an electronic signature.

To do this, in accordance with Article 15 of Federal Law No. 63-FZ:

"1. An accredited CA must keep the following information:
1) details of the main document proving the identity of the holder of a qualified certificate - an individual;
2) information about the name, number and date of issue of a document confirming the right of a person acting on behalf of the applicant - a legal entity, to apply for a qualified certificate;
3) information about the names, numbers and dates of issue of documents confirming the powers of the holder of a qualified certificate to act on behalf of third parties, if information on such powers of the holder of a qualified certificate is included in the qualified certificate.
2. An accredited CA must store the information specified in part 1 of this article during the period of its activity, unless a shorter period is provided for by regulatory legal acts of the Russian Federation. Information must be stored in a form that allows checking its integrity and reliability.
3. An accredited certification center is obliged to provide any person with free access using information and telecommunication networks to the qualified certificates issued by this certification center and to current list revoked qualified certificates at any time during the period of activity of this certification center, unless otherwise provided by federal laws or regulatory legal acts adopted in accordance with them.
4. In the event of a decision to terminate its activities, an accredited certification center is obliged to:
1) inform the authorized federal body about it no later than one month before the date of termination of its activities;
2) transfer to the authorized federal body in the prescribed manner the register of qualified certificates;
3) transfer for storage to the authorized federal body in accordance with the established procedure the information to be stored in an accredited certification center.

4. Qualified certificate of the electronic signature verification key

Qualified certificate of the ES verification key (QSKP ES) - an electronic document or a document on paper issued by an accredited CA or an authorized representative of an accredited CA, or a federal executive body authorized in the field of ES use and confirming that the electronic signature verification key belongs to the owner of the certificate of the electronic verification key signatures.

The Certification Authority, which is part of the system of trusted CAs of the customs authorities, creates the ES CSRS in accordance with the Applications for the ES CSCS of the Interested Parties in accordance with the CA Regulations and issues them to the owners in the form of an electronic document. The owner of the ES KKP, issued in the form of an electronic document, is also entitled to receive a copy of the ES KSKP on paper, certified by a certification center.

KSKP EP in without fail must contain the following information (Article 17 of the Federal Law No. 63-FZ):

  • a unique number of a qualified certificate, the start and end dates of its validity;
  • surname, name and patronymic (if any) of the holder of a qualified certificate - for an individual, or name, location and main state registration number of the owner of a qualified certificate - for a legal entity;
  • the insurance number of the individual personal account (SNILS) of the owner of a qualified certificate - for an individual or the taxpayer identification number of the owner of a qualified certificate - for a legal entity;
  • electronic signature verification key;
  • the names of the electronic signature means and the means of the accredited certification center that were used to create the electronic signature key, the electronic signature verification key, the qualified certificate, as well as the details of the document confirming the compliance of these means with the requirements established in accordance with this Federal Law;
  • the name and location of the accredited certification center that issued the qualified certificate, the number of the qualified certificate of the certification center;
  • restrictions on the use of a qualified certificate (if such restrictions are established);
  • other information about the owner of the qualified certificate (at the request of the applicant).

Termination and revocation of the KSKP EP

In accordance with the Order of the Federal Customs Service No. 2187 dated November 25, 2011:

“KSKP EP terminates due to:
1) with the expiration of the established period of its validity;
2) based on the application of the owner of the certificate of the electronic signature verification key;
3) on the basis of an application for revocation of a qualified certificate of the electronic signature verification key;
4) in case of termination of the activities of the certification center without the transfer of its functions to other persons;
5) upon receipt, in accordance with the legislation of the Russian Federation, of information about circumstances that may lead to negative consequences for the customs authorities of the Russian Federation or the Interested Party or affect the accuracy of the information sent to the customs authorities;
6) in other cases established by agreement between the certification center and the owner of the certificate of the electronic signature verification key.

In the event of a need to revoke the ECSC EP, the Application for revocation of the certificate must be sent to the CA no later than the next day after such a need arises.

The need to withdraw the UPC EP may be due to the following reasons:

  1. Changes in the information contained in the KSKP EP, that is, inconsistency with the actual data (for example, changing the name of the owner of the KSKP EP, dismissal of the owner of the KSKP EP from the organization, etc.);
  2. ES key compromise.

Good afternoon, dear readers! This article is dedicated to business owners, regardless of its size and organizational form and ordinary citizens of our country. It will be equally useful and interesting, both for simple individual entrepreneurs and for the owners of large enterprises. commercial enterprises. What do they have in common? The answer is simple - document flow and the need to interact with various government agencies! Therefore, let's talk about a tool that will greatly simplify the movement of documentation, both within the enterprise and beyond! Today we will consider in detail how to obtain an electronic signature (EDS)!

Let's start with the essence of the electronic signature and the mechanism of its functioning, then we will consider the scope and unconditional usefulness, after which we will discuss how to obtain it for individual entrepreneurs, individual entrepreneurs and legal entities, and also talk about the necessary documents. We have collected the most complete information on how to get an EDS! By the way, if necessary, with its help you can close the IP. The article describes how to do it!

What is an electronic digital signature: the simple essence of a complex concept!

Each document at the enterprise must be signed authorized person. The signature gives it legal force. Modern technologies transferred paperwork to electronic format. Which turned out to be extremely convenient! Firstly, electronic documents have simplified and accelerated the exchange of data in the enterprise (especially with international cooperation). Secondly, the expense associated with their turnover has been reduced. Thirdly, there has been a significant increase in security commercial information. Despite the electronic format, each document must be signed, so the EDS was developed.

What is an electronic digital signature? This is an analogue of traditional painting in digital format, which is used to give legal effect to documents on electronic media. The word "analogue" should be understood as a sequence of cryptographic symbols generated randomly using special software. It is stored on electronic media. Usually flash drives are used.

There are two important concepts associated with ES: a certificate and a key. A certificate is a document that certifies that an electronic signature belongs to a specific person. It comes in normal and enhanced. The latter is issued only by some accredited certification centers or directly by the FSB.

The electronic signature key is the same sequence of characters. The keys are used in pairs. The first is the signature, and the second is the verification key that certifies its authenticity. For each new signed document, a new unique key is generated. It is important to understand that the information received on a flash drive in a certification center is not an ES, it is just a means for creating it.

An electronic signature has the same legal weight and effect as a paper document. Of course, if there were no violations during the application of this parameter. If a discrepancy or any deviation from the norm is detected, the document will not become valid. The use of EDS is regulated by the state with the help of two laws FZ-No. 1 and FZ-No. 63. They affect all areas of application of the signature: in civil law relations, in interaction with municipal and state bodies.

How did the idea of ​​using the EPC come about: let's remember the past!

In 1976, two American cryptographers Diffie and Hellman suggested that electronic digital signatures could be created. It was just a theory, but it resonated with the public. As a result, already in 1977, the RSA cryptographic algorithm was released, which made it possible to create the first electronic signatures. Compared to the present, they were very primitive, but it was at this moment that the foundation was laid for the future rapid development of the industry and the ubiquity of electronic document management.

The millennium brought significant changes. In the United States, a law was passed according to which a signature on paper was equal in legal force to an electronic one. Thus, a new rapidly growing segment of the market appeared, the volume of which, according to the forecasts of American analysts, by 2020 will amount to $30 billion.

In Russia, the first EPs began to be used only in 1994. The first law that regulated their application was adopted in 2002. However, it was distinguished by extreme vagueness of wording and ambiguity in the interpretation of terms. The law did not give an unambiguous answer to the question of how to obtain an electronic signature and use it.

In 2010, a large-scale project was developed to create a virtual environment for the provision of public services in electronic format, which in August of the same year was submitted for consideration to the President of the Russian Federation. One of the key areas of the project is the opportunity use of EDS. The regions were obliged to create conditions for free access of individuals and legal entities to the possibilities of electronic document management, so that everyone can get an ES. Since then, the “electronic state” has been actively developing in Russia.

In 2011, the President ordered the executive authorities to switch to electronic document management within the structures. By June of that year, all officials were provided with EDS. The program was financed by federal budget. In 2012, electronic document management began to work in all executive authorities of the Russian Federation without exception.

After these transformations, two questions were acute. First, EP was not universal. For each goal, a new signature had to be obtained. Secondly, some crypto providers were not compatible with others, which put their clients in a difficult position. Therefore, since 2012, a global process of unification in the field of electronic document management has begun. Thanks to what we have modern universal signatures and software.

EDS Signature: 5 Benefits and 6 Uses!

Many entrepreneurs do not yet apply in their economic activity EPC. In many ways, the reason for this is elementary ignorance of all its capabilities and advantages. Using an electronic format to sign documents, subjects entrepreneurial activity(IP, LE) receive the following benefits:

  1. Documents are maximally protected from falsification.

Since the computer is very difficult to deceive. In this case, the human factor is completely excluded. After all, you can simply not notice that the signature under the document is different from the original. An electronic signature cannot be forged. This requires very large computing power, which is almost impossible to implement at the current level of development of devices, and a lot of time.

  1. Optimization, acceleration and simplification of workflow.

Complete exclusion of the possibility of data leakage or loss of important papers. Any copy certified electronic identifier, is guaranteed to be received by the addressee in the sent form: no extraordinary circumstances can cause damage to it.

  1. Reduction of costs due to refusal of paper carriers.

For small firms maintaining documentation in paper form was not burdensome, which cannot be said about large enterprises. Many of them had to rent separate premises, warehouses for storing documents for 5 years. In addition to the cost of paper, printers, ink, stationery, rent was added! In addition, depending on the field of activity, some companies could reduce costs by reducing the number of employees who were involved in documents: receiving, processing, etc. The need to recycle paper has also disappeared: for certain types organizations whose activities are related to confidential information, even this line of expenses turned out to be significant. The process of destroying documents under the EDS is a few clicks with a computer mouse.

  1. The format of papers signed by ES fully complies with international requirements.
  2. There is no need to obtain a separate signature to participate in bidding or submit reports to regulatory authorities.

You can get an ES, which will allow you to use it at all necessary sites.

Before proceeding to the consideration of the question of how to obtain an electronic signature, we list all possible options its use:

  1. Internal document flow. It implies the transfer of commercial information, orders, instructions, etc. inside the company.
  2. External document flow. It's about on the exchange of documents between two organizations partners in the B2B system or between an enterprise and a B2C client.
  3. Submission of reports to regulatory authorities:
  • Federal Tax Service,
  • Pension Fund,
  • social insurance fund,
  • customs service,
  • Rosalkogolregulirovanie,
  • Rosfinmonitoring and others.
  1. To gain access to the "Client-Bank" system.
  2. To participate in auctions and bidding.
  3. For public services:
  • Website of the State Service,
  • RosPatent,
  • Rosreestr.

How to get an electronic signature: step by step instructions!

Having appreciated all the advantages of using an electronic signature, you have decided to get it. And, of course, faced with a natural question: how to do it? We will answer this question with a detailed step by step instructions, which will help you quickly and easily get an EDS signature!

There are 6 steps in total.

Step 1. Selecting the type of ES.

Step 2. Choosing a certification authority.

Step 3. Filling out the application.

Step 4. Payment of the invoice.

Step 5. Collecting a package of documents.

Step 6. Obtaining an EDS.

Now let's talk about each step in more detail!

Step 1. Choice of view: to each his own!

The first step to obtaining an electronic signature is choosing its type. According to federal laws, the following types of EDS are distinguished:

  1. Simple. It encodes data about the owner of the signature, so that the recipient of the paper is convinced who the sender is. It does not protect against forgery.
  2. Reinforced:
  • unqualified - confirms not only the identity of the sender, but also the fact that no changes were made to the document after signing.
  • qualified - the most secure signature, the legal force of which is 100% equivalent to that of an ordinary signature! It is issued only in those centers that are accredited by the FSB.

IN Lately more and more customers want to get an enhanced qualified signature, which is quite reasonable. Like any other “keys” that provide access to private information or financial transactions, fraudsters of various categories hunt for EDS. Analysts believe that over the next 10 years, the first two species will simply become obsolete. The choice depends on the use of the EDS. To make it easier to make a decision, we have compiled the data in a table, it will help you make a choice and stop at a specific necessary and sufficient form.

Scope of application Simple Unskilled qualified
Internal document flow + + +
External document flow + + +
Arbitration court + + +
Website of the State Services + - +
Supervisory authorities - - +
Electronic auctions - - +

If you are going to get an EDS signature for the convenience of reporting, you will have to apply for a qualified one. If the goal is document flow at the enterprise, then it is enough to get a simple or unqualified signature.

Step 2. Certification Authority: TOP-7 largest and most reliable companies!

A certification authority is an organization whose purpose of functioning is to generate and issue electronic digital signatures. A CA is a legal entity whose charter specifies the relevant type of activity. Their functions include:

  • issuance of EDS;
  • providing a public key to everyone;
  • blocking the electronic signature, in the event that there is a suspicion of its unreliability;
  • confirmation of the authenticity of the signature;
  • mediation in case of conflict situations;
  • provision of all necessary software for clients;
  • technical support.

On this moment About a hundred such centers operate on the territory of the Russian Federation. But only seven are industry leaders:

  1. EETP is the market leader electronic trading RF. The company's activities are highly diversified, which does not prevent it from occupying leading positions in each segment. In addition to organizing and conducting auctions, he is engaged in the sale of property that is not selling well, teaches the features of participation in auctions, forms and sells EDS.
  2. Electronic express is the official operator of electronic document management of the Federal tax service. It has a full set of licenses (including the FSB license).
  3. Taxnet - develops software for electronic document management. Including is engaged in the creation and implementation of EDS.
  4. Sertum-Pro Kontur - the company deals with certificates of electronic signatures. In addition, it offers many convenient additional services for its customers, which will significantly expand the possibilities of ES.
  5. Taxcom - the company specializes in external and internal document management of companies and reporting to various regulatory authorities. For this, appropriate software is being developed and electronic signatures are being created. It is on the list of official data operators from cash registers.
  6. Tenzor is a giant in the world of document management in telecommunications networks. It provides a full range of services: from the development of complexes for automating the workflow at enterprises to the creation and implementation of electronic signatures.
  7. National certification center - develops and sells various EDS certificates, offers customers software for generating and submitting reports to all government bodies.

Choose a CA depending on your capabilities and location. It is important to check whether there is a point of issue of ready-made electronic signatures in your city. This is fairly easy to find out by visiting the official websites of the companies.

If for some reason you are not satisfied with the centers from our TOP-7 list, then you can use the services of other companies. A complete list of accredited CAs can be found on the website www.minsvyaz.ru in the "Important" section.

Step 3. How to get an electronic signature: fill out an application!

The choice is made, now you know exactly what you want, so it's time to apply to the certification center. This can be done in two ways: by visiting the company's office or by filling out an application on its website.

Sending an application remotely will save you from a personal visit. The application contains a minimum of information: full name, contact phone number and e-mail. Within an hour after sending, an employee of the CA will call you back and clarify the necessary data. In addition, he will answer all the questions that interest you and advise which type of EDS to choose for your case.

Step 4. Paying the bill: money in advance!

You will have to pay for the service before you receive it. That is, immediately after the application is accepted and the details are agreed with the client, an invoice will be issued in his name. The cost of an EDS varies depending on the company you applied to, the region of residence and the type of signature. It includes:

  • generating a signature key certificate,
  • software necessary for creating, signing and sending documents,
  • customer technical support.

The minimum price is about 1500 rubles. The average is 5,000 - 7,000 rubles. The cost of one ES may be lower than 1,500 rubles, only if signatures are ordered for a large number employees of one company.

Step 5. Documents for obtaining an EDS: we form a package!

When forming a package of documents, it is essential which subject civil law acts as a customer: an individual, a legal entity or an individual entrepreneur. Therefore, we will consider documents for obtaining an EDS separately for each category.

Individuals must provide:

  • statement,
  • passport plus copies
  • individual taxpayer number,
  • SNILS.
  • Receipt of payment.

Submit documents to the CA confidant the recipient of the electronic signature. To do this, you need to issue a power of attorney.

To obtain an EDS, a legal entity will have to prepare:

  1. Statement.
  2. Two certificates of state registration: with OGRN and TIN.
  3. Extract from the register of legal entities. Important! The extract must be "fresh". Each certification authority has its own requirements for this.
  4. Passport plus a copy of the person who will use the ES.
  5. SNILS of the employee who will use the EDS.
  6. If the signature is issued for the director, then you need to attach an order of appointment.
  7. For employees who are lower in the hierarchical ladder of the company, you will have to issue a power of attorney for the right to use the EPC.
  8. Receipt of payment.

Documents for obtaining an EDS by individual entrepreneurs:

  1. Statement.
  2. Registration certificate with OGRNIP number.
  3. Certificate with TIN.
  4. Extract from the register of entrepreneurs, issued no earlier than 6 months ago, or a copy certified by a notary.
  5. Passport.
  6. SNILS.
  7. Receipt of payment.

Confidant individual entrepreneur can pick up an electronic digital signature in the presence of a power of attorney and a passport. When submitting an application in electronic form, documents are sent to the CA by mail, and during a personal visit, they are submitted simultaneously with the application.

Step 6. Getting a digital signature: the finish line!

Documents can be obtained at numerous points of issue, which are located throughout the country. Information about them can be found on the official website of the UC. Usually, the term for obtaining a signature does not exceed two to three days.

Delay is possible only on the part of the customer, who did not pay for the services of the certification center on time or did not collect all the necessary documents. Please note that you need to get an extract from the unified state register Individual entrepreneur or legal entity, as this process takes 5 working days! Some CAs provide the service of urgent issuance of EDS. Then the whole procedure takes about one hour. Now you know how to get an electronic signature.

Important! The EP is valid for one year from the date of its receipt. After this period, it will need to be renewed or a new one obtained.

Do-it-yourself digital signature: the impossible is possible!

In fact, creating an electronic signature on your own is quite realistic. If you have the appropriate education, you can thoroughly understand what an electronic digital signature is and stock up with invincible enthusiasm. True, we should not forget that we will not only have to generate a cryptographic sequence, we also need to develop and write the appropriate software. A natural question arises: why do this? Moreover, the market is full of ready-made solutions! For large companies it is also not profitable to “mess around” with the independent development of an electronic signature, since you will have to hire a staff of new employees in the IT department. And in the article

Popular
Categories

2023
newmagazineroom.ru - Accounting statements. UNVD. Salary and personnel. Currency operations. Payment of taxes. VAT. Insurance premiums