BlognebulaSUITEproductivity

Everything you need to know about qualified digital certificates

By 24 January, 2018 No Comments
everything-need-know-qualified-digital-certificates

Often, many attendees of fares like the Mobile World Congress, RSA or European Banking Forum ask to know more about digital signature solutions. Nevertheless, they show unfamiliarity with the concept of a digital certificate, even though it is a fundamental element of these solutions.

It is true that it is easy to explain what a digital signature is and what its applications are since the term leads to thinking about documents and bureaucratic or administrative procedures. However, talking about digital certificates (which digital signatures are based on) inevitably involves doing so with cryptography and algorithms, a field unknown to many.

Multiple organizations, including financial institutions and banks, use Digital Certificates. Perhaps the most obvious of all is the Secure Socket Layer (SSL), which appears on web pages to ensure the protection of user data by encryption. We can see it next to the navigation bar, in the form of a padlock, to indicate that the website we are visiting is safe and that it can be trusted.

We know how valuable trust is for every organization, especially for financial institutions. However, why are digital certificates so important?

The key is in the encryption

Digital certificates are computer files that are used to provide a digital identity to a person, organization or electronic device. They are issued by recognized certification authorities (CA) and are based on asymmetric cryptography; therefore, they contain a public key and a private key. The first is available to everyone, while the second is only known by the certificate holder. Thus, the privacy of the information exchanged between two users is guaranteed.

A digital certificate contains a series of data associated with the user it identifies, such as its name, the expiration date of the certificate, a copy of the public key and the digital signature of the CA. With all these elements a digital identity is generated, which will be associated, as previously stated, with a person or a device.

The digital certificates are applied to digital signature, thus securing the identity of the signatory and protecting the information contained in the document. In addition, they can carry out authentication operations and encryption (emails, transactions, etc.).

By using digital certificates, the risk of fraud and identity theft is significantly reduced, threats that can pose a severe risk to the reputation of an organization, with significant economic losses. Repudiation is also avoided.

The high cost of expired certificates

Although digital certificates are increasingly being used, surprisingly there is a high percentage of organizations that lack control over them and ignore how many they own, when they expire, how many copies of them have been distributed or who manages them.

This lack of control can be paid dearly: according to a study by the prestigious Ponemon Institute, expired certificates can cost organizations a whopping € 21,400,000 in compliance failures, and € 12,800,000 in business continuity.

Qualified digital certificates for banks and financial institutions

nebulaSUITE enables financial organizations to issue their own qualified certificates through its CA, vinCAsign, developed in accordance with Regulation (EU) No 910/2014 of the European Parliament and the Council of July 23, 2014, on electronic identification and trusted services for electronic transactions in the internal market (eIDAS Regulation).

Through vinCAsign, organizations can create their own qualified digital certificates and seals, with the highest degree of security and legal recognition. In this way, when issuing their own certificates and managing them through nebulaCERT, banks and financial institutions gain in comfort and see their economic costs reduced.

In addition, vinCAsign allows organizations to establish a Registration Authority (RA),  issue, control, manage and revoke digital certificates. This means online product sales with legal guarantees, with the ability to close more deals in less time.

nebulaSUITE, through its CA vinCAsign, allows the issuance of different types of certificates, among others:

  • Certificate of a linked individual
  • Electronic body seal certificate for public administration
  • Certificate of physical person public employee
  • Company electronic seal certificate
  • Representative individual certificate
  • Electronic seal certificate for IoT

With nebulaSUITE it is also possible to find out how many first and third-party certificates the organization owns and monitor them through its certificate management system based on the cloud, to renew them on time and avoid economic damages and losses. The certificates are stored in a centralized system, so the renewal, revocation, and management of them are done centrally.

Besides, nebulaSUITE offers the complete digital identity cycle, providing digital signature and robust authentication, to facilitate and increase the volume of financial transactions.

Do you need more info?

If you wanted to know more about qualified digital certificates or want a better understanding of how nebulaSUITE can help banks and financial entities with the full digital identity cycle, we invite you to download our industry brief. We are sure that you will find all the information you are looking for.

Also, if you want to talk more about nebulaSUITE or request a demo to check for yourself the benefits it brings, contact us. We will be happy to assist you.

Follow us on Twitter and LinkedIn!

Leave a Reply