In the age of electronic business transactions, digital signatures are supposed to be equal to human signatures. For an electronic transaction to be secure and traceable, electronic signatures are used, individually or in combination, in three areas:

• Verification of the identity of the author of information: ‘Am I who I claim to be?’
• Verification of data integrity, in order to detect manipulation; and
• Confidential transmission of data (encryption), so that only the recipient can read it

These objectives are realized in technical terms by means of a ‘public key’ procedure with pairs of keys: the holder of a certificate receives one public and one private key. Using the private key, he ‘signs’ his own data. Data previously encrypted with the public key can be decrypted with the private key.

Essentially, anyone with the right technology can generate such pairs of keys. But if you want to make sure that the pairs of keys are trustworthy and valid, a neutral authority, a ‘Trust Center’, must be involved. It creates such pairs of keys using a highly secure procedure and the public key of a certificate. The private key, together with a secure unit to generate a signature - as a rule, a ‘SmartCard’ - is sent to the certificate holder. In addition, the Trust Center administers black lists where invalid or blocked private keys, such as, for example, those that have been stolen, are published. This way, the validity of an electronic signature can be verified via the Trust Center at any time.

Electronic signatures in document processing
The key function of electronic signatures in document processing is to ensure the integrity of data already created. If just 1 bit of original data is modified, any such manipulation can be uncovered by means of the signature. What used to be accomplished in the past with ‘write-once storage media’ can now be implemented in a smart way without any special storage media. The clear advantage of this is fairly obvious: whenever the momentary state of an electronic file is to be ‘frozen’, this can be achieved by signing the file. This meets the requirement of electronic archiving that files should be locked for modification. Another important benefit is the fact that a signed file can be copied as many times as necessary - thanks to the signature, the original will always be preserved.

Electronic signatures in Interact solutions
Interact Consulting was among the first companies to use this technology and integrate electronic signatures into its solutions by default. Such integration supports the use of SmartCards as well as high-speed devices, ‘Hardware Security Modules’ (HSM), which require a special certification procedure. Once installed, the devices are fully automated with respect to the intended purpose.

Process documentation
Any technology is only as good as the intended purpose for which it is used. This is also true of electronic signatures. This is why Interact has developed a standardized procedure, in addition to the technical solution, for deploying this technology in organizations. Together with our customer, we analyze the processing operations used to process documents - ranging from incoming mail to legally compliant archiving. Our standard documentation will help you define the procedures in a tamper-proof manner and render deployment transparently. What is more, our solutions generate detailed logs which document the individual processing steps of the documents during the processing operation in a legally compliant manner - of course they are also signed electronically.

Do you want to know more about this modern technology? Contact us, we will gladly advise you further.

back