It seems nothing new and everyone has been using it for a long time, but when you try to get it, the certification centers give you a list of 30 possible digital signatures. And what you need is a big question.
That's all we'll try to figure out today.
And we will start with Federal Law No. 63 "On Electronic Signature", which will introduce such a concept as an electronic digital signature and what types of it (EDS) exist.
Let's run through it quickly (Electronic digital signature).
There are three types of digital signatures.
The first is a simple electronic signature (PEP).
What is it?
These are essentially PIN codes, these are any SMS messages with bank codes, including the username and password when logging in to mailboxes and on any other
The second is a non-qualified electronic signature (NEP).
This is already a signature generated programmatically, but it is used for internal or external electronic document management with an additional
agreement of the parties that both parties agree to the use of these signatures.
The third option is a qualified electronic signature, or CAP, as it is called. This is a software-generated signature that has a certificate, and this signature is legally valid without any additions.
It is this signature that we will be interested in, and we will talk about it further.
The first two are simply discarded.
What types of qualified electronic signature exist on the market at all?
There are two of them: The CAP can be generated as a file - it will be an archive that will be sent to you by email, or in some other way you will receive it, and the second option is on the token.
What's the difference?
When you have a generated file in the form of an archive, you can write it to any USB flash drive, to any medium, and thus copy your digital signature without any problems, distribute it to the masses.
In the second case, when you have it all on the token, you will not be able to copy it just like that.
And the only difference between these two options is that the digital signature on the token is slightly more secure than just a file.
So why do certification centers offer me as many as 30 types of digital signatures?
But it's not so scary.
Let's try to understand all this.
It makes sense.
What does a qualified electronic signature actually consist of, for example, for any platform?
It consists of the same CEP generated by the certification center and additionally authorized on the site, that is, you can not generate your digital signature in the certification center, and then register it on the site, so do not work. Initially, the key is issued by the bid code from the site.
The question is, is it possible to create an electronic digital signature that would work on all sites?
Potentially yes, but each site will take money for authorization from them. In other words the price may vary from site to site,
some will take a thousand rubles, and others will take two thousand rubles, and your price of an electronic digital signature will simply grow depending on the input costs that the sites will ask for - this is one time. And the second point - it does not make sense to do this for one simple
reason, that the number of sites is constantly changing. There are just more of them, new sites are created for different needs, and you will never
get a universal key "for all doors". In other words: you can get a universal key, but it will be an extremely expensive digital signature and in principle it will still not be universal. Some sites will still not be included in it.
So where can I get an electronic digital signature?
An electronic digital signature can be made exclusively at the certification center accredited by the Ministry of Communications of the Russian Federation and nowhere else.
Of course, you can order it from our partners. For example, we also have a contractual relationship with the certification authority and can issue this digital signature to you. Another question is in what form to do it. If you do it on a token, then according to 63 Federal Law, you are obliged as the CEO to come and get it yourself. If it is in the form of a file, then there is a loophole in the Federal Law that this signature can be sent to the personal mailbox of the general director, which will be specified when making the application. And in this case, it is not necessary for the general director to go to the certification center to get this electronic digital signature on purpose.
What kind of digital signature is still needed?
It all depends on your situation.
If you clearly understand what platforms you are working with, whether they are trading platforms or government platforms, then you can take a
universal key by collecting authorization for all these platforms in it.
And if you do not understand this, but you are a participant in foreign economic activity. then we recommend that you do not spend a lot of money on a universal key, but simply make an electronic digital signature authorized only on ALTA-SOFT (on the site of ALTA-SOFT).
What does this give you?
You can electronically submit your declarations (customs declarations - meaning), you can submit reports, you can use public services using this EDS and you can also register your own declarations on the website of the Federal Accreditation Service.
And that's all I have.
Choose your digital signature wisely.
Subscribe, like and share this video, it is not difficult for you, but it will be useful for someone.
All the best, bye!