Enhanced qualified electronic signature - how to get it. Differences between a qualified electronic signature and other digital signatures

It cannot be said that electronic signature has become some kind of mass phenomenon. But recently, its convenience and significant time savings have attracted the attention of many Russians. Besides new law significantly expanded the scope of use of electronic signatures.

Meaning

It is considered a set of characters attached to a document to identify the sender. The Law “On Electronic Signature”, which came into force at the beginning of 2011, allows you to use it for signing contracts, tax reporting, tax returns, etc. There is no need to stand in line at the tax office. You just need your qualified electronic signature, which is now equivalent to a handwritten signature on a legislative basis. And now company managers, officials and ordinary citizens can send documents via e-mail. We’ll talk about how to get a qualified electronic signature a little later. In the meantime, let's look at its types.

Simple signature

These are confirmation codes, passwords, logins and other means of identification. Let's look at this with an example. To use it, you must have a login and password. To make money transfers, you usually need to enter another password. That is, you identify yourself twice: when you enter your wallet and when you transfer funds. Of course, this is not the same as a qualified electronic signature, but the dominant number of Internet users use it. Go ahead.

It is practiced in cases where no special document execution is required (for example, when a lease agreement does not require a seal). The most important thing is that it is possible to verify the authenticity of this document. If it had a qualified electronic signature, then such a problem would not arise. And so you need to pay close attention to this. This type of signature is obtained by transforming information using cryptography (hashing) and allows you to identify the person to whom it belongs. Also, this type of signature using a cryptographic key should make it possible to check for changes to an already signed document. If, of course, there were any.

Enhanced Qualified Electronic Signature

To obtain it, you will need to go to a certification center accredited by the state. Only government certification confers qualified status on a signature. This signature must meet the criteria for being unqualified. In addition, a qualified certificate is required, which will indicate the verification key. This allows us to equate this type of signature to a handwritten one. The algorithm of actions in case of loss of a signature is the same as in case of loss bank card. You need to call the certification center where it was issued and ask for blocking. A qualified electronic signature is valid until the court rules otherwise.

In Russia, three types of signatures can be used in electronic document management: simple, enhanced unqualified and enhanced qualified. Let's see how they differ from each other, under what conditions they are equivalent to handwritten documents and give the signed files legal force.

Simple electronic signature, or SES

A simple signature is the familiar access codes from SMS, codes on scratch cards, login-password pairs in personal accounts on websites and via email. A simple signature is created by means of the information system in which it is used, and confirms that the electronic signature was created by a specific person.

Where is it used?

A simple electronic signature is most often used in banking transactions, as well as for authentication in information systems, for certification of documents within corporate electronic document management (hereinafter referred to as EDI).

A simple electronic signature cannot be used when signing electronic documents or in an information system that contains state secrets.

Legal force

A simple signature is equivalent to a handwritten one if this is regulated by a separate legal act or an agreement has been concluded between the EDF participants, which stipulates:

• rules by which a signatory is determined by his simple electronic signature.
• the user’s obligation to maintain the confidentiality of the private part of the PES key (for example, the password in the “login-password” pair or the SMS code sent to the phone).

In many information systems, the user must first confirm his identity during a visit to the system operator in order for his PEP to have legal force in the future. For example, to receive a confirmed account on the State Services portal, you need to personally come to one of the registration centers with an identity document.

Unqualified electronic signature, or NEP

Strengthened (hereinafter referred to as NEP) is created using cryptographic programs using the private key of the electronic signature. The NEP identifies the owner and also allows you to check whether changes were made to the file after it was sent.

A person receives two electronic signature keys from the certification center: private and public. The private key is stored on a special key medium with a PIN code or on the user’s computer.

Using the private key, the owner generates electronic signatures with which he signs documents. The public key of the electronic signature is associated with the private key of the electronic signature and is intended to verify the authenticity of the electronic signature. The public key is available to everyone with whom its owner conducts EDF.

The correspondence of the public key to the owner of the private key is specified in the electronic signature certificate, which is also issued by the certification authority. The requirements for the structure of a non-qualified certificate are not established in Federal Law No. 63-FZ “On Electronic Signatures”. When using NEP, you do not need to create a certificate.

Where is it used?

NEP can be used for internal and external EDI if the parties have previously agreed on this.

Legal force

EDI participants must comply with additional conditions so that electronic documents certified by NEP are considered equivalent to paper documents with a handwritten signature. The parties must necessarily enter into an agreement between themselves on the rules for using the NEP and the mutual recognition of its legal force.

Qualified electronic signature, or CES

Strengthened is the most regulated type of signature by the state. Just like NEP, it is created using cryptographic algorithms and is based on a public key infrastructure, but differs from NEP in the following:

• Must have a qualified certificate in paper or in electronic format, the structure of which is determined by order of the FSB of Russia No. 795 dated December 27, 2011.
• The software for working with CEP is certified by the FSB of Russia.
• CEP can only be issued by a certification center that is accredited by the Russian Ministry of Telecom and Mass Communications.

The law provides for two types of electronic signatures: simple and enhanced. The latter has two forms: qualified and unqualified.

A simple electronic signature is a combination of login and password and confirms that the electronic message was sent by a specific person.

An enhanced unqualified signature not only identifies the sender, but also confirms that the document has not been changed since the moment it was signed. A message with a simple or unqualified electronic signature can (by prior agreement of the parties and in cases specifically provided for by law) be equated to a paper document signed personally.

An enhanced qualified electronic signature is confirmed by a certificate from an accredited certification center and in all cases is equal to a paper document with a “living” signature.

In order for an electronic document to be considered signed with a simple electronic signature, one of the following conditions must be met:

1. a simple electronic signature is contained in the electronic document itself;
2. a simple electronic signature key is used in accordance with the rules established by the operator of the information system using which the creation and (or) sending of an electronic document is carried out, and the created and (or) sent electronic document contains information indicating the person on whose behalf it was created and/or an electronic document has been sent.

At the same time, the law does not specify who exactly can be the owner of a simple electronic signature key, but establishes restrictions on its use. A simple electronic signature clearly cannot be used when signing electronic documents containing information constituting a state secret, or in an information system containing information constituting a state secret.

Regulatory legal acts and (or) agreements between participants in electronic interaction establishing cases of recognizing electronic documents signed with a simple electronic signature as equivalent to paper documents signed with a handwritten signature must provide, in particular:

1. rules for determining the person signing an electronic document by his simple electronic signature;
2. the obligation of the person creating and (or) using the simple electronic signature key to maintain its confidentiality.

In turn, enhanced unqualified and enhanced qualified electronic signatures are obtained as a result of cryptographic transformation of information using the electronic signature key,

allow you to identify the person who signed the electronic document,

allow you to detect the fact of making changes to an electronic document after its signing,

are created using electronic signature tools.

A qualified electronic signature, along with the above characteristics, must meet the following additional characteristics:

1. the electronic signature verification key is specified in the qualified certificate;
2. To create and verify an electronic signature, electronic signature tools are used that have received confirmation of compliance with the requirements established in accordance with the Electronic Signature Law.

At the same time, the main difference between a qualified electronic signature verification key certificate is that it must be issued by an accredited certification center or an authorized representative of an accredited certification center.

Information in electronic form signed with a qualified electronic signature is recognized as an electronic document equivalent to a document on paper signed with a handwritten signature, except if federal laws or regulations adopted in accordance with them establish a requirement for the need to draw up a document exclusively on paper.

Quite often, current legislation establishes requirements for certain types of electronic signatures for different cases. In this regard, the choice of digital signature is very important, especially if there are some time limits or you simply don’t want to overpay for the registration of a new key. Before you receive an enhanced qualified electronic signature, you need to know exactly for what purposes it is suitable, because now there is no universal digital signature suitable for absolutely all tasks. Even a reinforced qualified ED, the most reliable and expensive to maintain, is not suitable for a number of cases.

What is the reason?

The lack of a universal electronic signature is explained as follows: it does not matter whether the document is signed with an enhanced qualified electronic signature or any other, in any case Information system must confirm the authority of the person specified in the certificate. This is only possible if it has its own identifiers. The project now has a single register, which will contain all electronic signature certificates, so that through it it will be possible to easily check whether the signature is genuine and whether the person has the necessary authority. A model of such a system already exists, but, according to experts, it is still impossible to implement it due to the technical complexity of maintaining the relevance and completeness of the registry. It depends not only on quality work specialists, but also from the conscientious work of each certification center. They must not only promptly update information, but also be responsible for its accuracy. The only way out is to obtain an enhanced qualified electronic signature with a certificate containing identifiers of all information systems.

Public services

Where can I get an enhanced qualified electronic signature? Almost all the necessary information is available on the government services portal. This electronic signature is generated using cryptography tools, which must be confirmed by the FSB Russian Federation. A special certificate is the only guarantor of its authenticity; it is issued only by accredited certification centers. If an electronic document is signed by UKEP, it has the same legal force as a paper document certified by a seal and a personal signature.

CA check

A list of accredited CAs is available on the government services website. You won’t be able to get such a certificate for free; you will have to at least buy an annual service, but the price does not exceed five thousand per year.

The state provides an equal opportunity for all citizens to obtain an enhanced qualified electronic signature. Individuals registered as individual entrepreneurs can use it to participate in bidding on electronic trading platforms along with legal entities.

Simple electronic signature

A simple electronic signature required to apply for government services can be issued by a municipal or state body, as well as organizations subordinate to them. To do this, a citizen who contacts the organization must submit an application - in person or in electronic form. The key for such a signature consists of a password that is used on the public services portal and an identifier corresponding to the pension certificate number. Such an electronic signature can only be used for free receipt public services and does not require any additional software for its use. To obtain a simple electronic signature, any citizen of the Russian Federation only needs a passport, and a representative of any organization needs, in addition to an identification document, also a document that can confirm his authority. If the application is made in person, the electronic signature is issued within one day.

UKEP

However, before you receive an enhanced qualified electronic signature, you need to contact a certification center. It must be accredited by the Ministry of Telecom and Mass Communications. This service, unlike receiving a simple electronic signature, is always paid. The cost varies from one thousand to five thousand rubles. As a rule, key maintenance is paid for immediately for a year, and after this period it must be renewed, otherwise the signature is invalid. However, documents signed using a certificate before its expiration do not lose their legal force even if stored in an electronic archive. The list of certification centers where you can obtain an enhanced qualified electronic signature is publicly available on the government services portal.

Advantages

The main advantage of this form of electronic signature is the ability to use it to receive any government services that can only be provided in electronic form. A nice bonus for UKEP owners is quick registration on the State Services portal, since you don’t have to wait for a letter with an activation code, which is usually sent through Russian Post and can take a very long time. As a rule, after it is possible to obtain an enhanced qualified electronic signature, the owner also receives a special software is a crypto provider, so purchasing and installing additional software on your computer is not required.

Possibilities

An organization can realize many useful and cost-effective capabilities once it receives an enhanced, qualified electronic signature. "Government services", submitting documents to the arbitration court, participating in auctions and, of course, electronic document management. For small companies where the transfer of documents is carried out between several persons, it is possible to use free digital signatures; many programs, including Microsoft Outlook, are equipped with this function, however, such documents do not have legal force, since it will be difficult to establish the identity of the signatory and eliminate forgery.

Before you receive an enhanced qualified electronic signature, you should know that it is a necessary attribute for working with the government services portal, submitting reports to the tax service, for the system of electronic interdepartmental interaction and sending via the Internet any documents that must have legal force. If you have the UKEP, you can also organize an electronic archive, while the papers retain their legitimacy for a long time.

Extract from the tax authority

An enhanced qualified electronic signature is used by the tax service for processing various documents: certificates and statements. Such a document is analogous to a paper version, certified by a seal and signature. You can order an extract equipped with an electronic signature on the official website of the tax service. It should be remembered that a document signed by UKEP loses legal force if it is simply printed on paper. There is no point in printing such a record. The document has legitimacy only in its original form, in which it was sent by the tax service. You can save the statement under any name in PDF format. To transfer such a document, it must be copied to a disk, flash card, uploaded to cloud storage, or sent by email.

An enhanced qualified electronic signature confirms the authenticity of the document, so such an extract can be used for accreditation on electronic trading platforms, and can also be provided to notaries if verification of the legal capacity of legal entities is required. However, most often notaries make such a request on their own.

About document flow

After receiving an enhanced qualified electronic signature, the organization is able to conduct electronic document management. Of course, key maintenance requires an annual investment, but many companies have already appreciated the convenience of this method of transmitting documents, and it also allows you to save much more money than is spent on keys and certificates.

Firstly, electronic document management is a guarantee that no forgery will be committed in documents. If checking a regular signature on paper requires a lengthy and labor-intensive examination, then checking the authenticity of a UKEP certificate is much easier. Secondly, it saves time. The faster documents are signed, the faster transactions are completed and, therefore, the work of the entire structure speeds up, and revenue increases. In addition, the organization's costs for paper and maintenance of copiers and printers are reduced by an order of magnitude.

Statutory

Legally significant electronic document flow can be carried out both within one organization and between different organizations. When carrying out these activities, the areas of use of each type of electronic signature should be taken into account.

Article 6 of the Federal Law on Electronic Signatures establishes that all documents certified by the UKEP have legal force and are equivalent to a paper document signed in person and certified by a seal. However, there are still documents for which, in principle, there is no electronic version, therefore, in some cases, the law stipulates that the written form of the document is mandatory. Arbitration procedural legislation also establishes several exceptions to the use of electronic signatures.

Certificate issuance

Without a special certificate, the operation of the enhanced qualified electronic signature key becomes impossible. Where can I get such a certificate? This is what certification centers do.

When processing an application for a certificate, the CA is required to establish the identity of the applicant. If this is a legal entity, the CA must request documents confirming the right of this person to apply for an electronic signature certificate.

When applying to an accredited CA, the applicant must indicate the restrictions on the use of the certificate, since they will not be able to be installed later - you will have to order another certificate. The applicant also submits documents or notarized copies.

List of documents

Where can I get an enhanced qualified electronic signature? This can be done in person at an accredited certification center. It is also possible to submit documents via the Internet; in this case, copies must be notarized. The applicant must provide an identification document. For an individual, an insurance certificate from the state government will be required. pension insurance(SNILS) and INN. And for legal entities, these two documents are replaced by the main state registration number. For an individual entrepreneur You will need a registration number for the entry in the state register, as well as a certificate of registration with the tax authorities. In some cases, a power of attorney or other document is needed that can confirm that the applicant has the authority to act on behalf of another person.

Arbitration court

Introduced on January 1, 2017 new order submission of electronic documents to the arbitration court. Firstly, the method of user authorization has changed. If previously this took place directly on the “My Arbitrator” website, now the process goes through the Unified Identification and Authentication System (the so-called Unified Identification and Authentication System). Now, to submit documents electronically, each user must have access to the ESIA. Registration can be done on the website of the State Services portal. Then in the “My Arbitrator” system you need to use the login function through the government services portal. In the window that appears, you must enter the new login and password used when registering with the ESIA. It is not necessary to obtain an enhanced qualified electronic signature for the court, since users have the opportunity to send scanned copies of paper documents, but an enhanced qualified electronic signature is required if it comes to filing claims and complaints that contain an indication of interim measures. Until January 1, 2017, such documents could only be submitted in person and only in paper form.

All changes, according to the explanation of Alexander Sarapin, the project manager, are aimed at achieving maximum identification of the user who sends documents to the court. This will eliminate the possibility of forgery in submitting documents.

An electronic digital signature is an analogue of a manual signature on a document, only in the form of a digital code. It is created using a special computer program and is used to sign documents electronically. The signature is intended to confirm the authenticity of the document and its ownership by a specific person.

For example, now it is not necessary to go to the tax office and stand in line to register an online cash register. To do this, it is enough to obtain a qualified electronic signature and issue Required documents online.

In all cases when you need to sign a document remotely and send it to government agencies, a commercial organization or an individual, an electronic digital signature is used.

Types of electronic digital signature

According to 63-FZ, three types of electronic digital signature are defined:

• simple electronic signature (SES);
• enhanced electronic signature (ESS);
• qualified electronic signature (CES).

Signatures are classified according to their security level.

Can be used in electronic document management Various types signatures, depending on the requirements of the parties.

Simple electronic signature (SES)

PEP is the least secure signature, which is formed without the use of cryptographic programs. Examples of such signatures: login-password pair, SMS code. Most often, this type of signature is used when performing banking transactions, when it is necessary to identify the owner of a bank card.

Enhanced electronic signature (ESS)

The UEP is created using a cryptographic program, without introducing additional restrictions and requirements to the cryptographic system. The use of UES is limited to the scope of a specific agreement between the parties.

For example, representatives of two organizations agreed to conduct electronic document management and use a simple enhanced signature as a signature supporting the document. The UEP is formed, for example, by a cryptographic device built into Windows. To do this, the parties wrote down an agreement in which they agreed to use this cryptographic program and established the legality of the documents signed in this way.

When interacting with government agencies, an electronic signature certificate is used as an electronic signature. For example, to participate in government electronic auctions, a certificate is issued by a certification center (CA) that has received accreditation on federal trading platforms.

Qualified electronic signature (QES)

The EPC is an analogue of a “live” paper signature and in all cases confirms the authenticity of the document.

The CEP is formed by a cryptographic program, which requires special requirements from the state:

1. The cryptographic algorithm for creating a signature must comply with established standards - the adopted GOST. Requirements for the algorithm, electronic signature certificate and its structure are formed by the FSB of Russia.
2. Only certification centers (CAs) can issue CEPs and signature certificates. Such CAs satisfy a number of rather serious requirements that guarantee their reliability, and undergo an accreditation procedure by the Russian Ministry of Telecom and Mass Communications. The list of accredited certification centers is presented on the website:http://minsvyaz.ru/ru/activity/govservices/certification_authority/ .

When interacting with government agencies, as a rule, only EPC can be used. It is precisely this that meets the requirements specified in legislation at the level of federal industry-wide norms and state standards.

The CEP is also applied when registering an online cash register. Before you start working with the online cash register, you must register on the Federal Tax Service website and enter into an agreement with the fiscal data operator (FDO). To carry out these procedures, it is necessary to purchase a CEP. The requirements for obtaining are the same:

1. issued to a manager or individual entrepreneur (the signature of a deputy or accountant will not work);
2. issued by an accredited center for one year.

After you have received the CEP, you can begin registering the online cash register on the Federal Tax Service website. This can be done either independently or by contacting specialists. The registration process is quite labor-intensive and if you make a mistake, you can waste time and additional funds to buy a new one fiscal storage. As practice shows, there are always a lot of questions about connecting an online cash register, and it makes sense to outsource this to a specialist.

Formation and receipt of an electronic digital signature

In order for the user to generate digital signatures for signing documents, a special tool is issued. Depending on the type of signature, the tool for creating it varies.

In the case of PEP, everything is simple: it can be a login and password. For example, to log into online banking, this link is issued by the bank itself.

The CEP has a high degree of security and is formed as a result of cryptographic transformation of document information into a hash - a unique description that identifies the document. Using a private key issued in a single copy, the hash is converted into an electronic digital signature (digital code). The private key is issued to the user and allows him to be identified as the owner of the document. The signed document cannot be changed and has full legal force.

The private key for generating the CEP is stored on a special medium (etoken, rutoken, jacarta. Its safety must be ensured by the user.

Verification of the authenticity of the document and signature is carried out using a signature certificate, which confirms the authorship and authenticity of the document. Attached to the certificate public key– a software algorithm that allows you to open a document signed with a private key.

Thus, obtaining a CEP includes:

1. private key CEP for creating digital signature;
2. public key CEP to identify the owner of the document;
3. KEP key certificate;
4. set of additional software - certified CIPF (usually CryptoProCSP);
5. secure carrier of signature keys (JaCarta, eToken, ruToken, etc.).

Please note that different EPCs need to be purchased for different government agencies. To do this, the application for obtaining a CEP must indicate the scope of its application.

To obtain the CEP you need:

1. Select a CA based on territoriality, because CEP is received on site upon presentation of original documents.
2. Fill out and send the application to the CA.
3. Make payment according to the invoice.
4. Provide the necessary scans of documents.
5. Get CEP

What documents are required to obtain a CEP?

For an individual:
application for issuance of electronic signature;
passport of a citizen of the Russian Federation (copies of the photo page and registration page;

insurance certificate state pension insurance (SNILS).

For individual entrepreneurs:

• application for issuance of a CEP;
• certificate of state registration IP;
• certificate of registration with the tax authority (TIN);
• an extract from the Unified State Register for a period of no more than six months from the date of its receipt;
• passport (copies of the photo page and registration page);
• insurance certificate of state pension insurance (SNILS).

For legal entities:

• application for issuance of electronic signature;
• certificate of state registration legal entity(OGRN);
• certificate of registration with the tax authority (TIN);
• extract from the Unified State Register of Legal Entities;
• passport of the owner of the electronic signature (copies of the photo page and registration page;)
• insurance certificate of state pension insurance (SNILS) of the owner of the electronic signature.

The EPC is issued to the director of the organization or another person on whose behalf electronic documents will be signed.

Additionally:

If the right to sign is transferred to an authorized person, then when submitting an application to receive a CEP, a power of attorney to represent the interests of the CEP holder by an outsider is attached.

If the owner of the CEP transfers all functions for its receipt to his authorized representative, then the list necessary documentation The identity card (passport) of this authorized representative is also included.

Let's sum it up

If you plan to conduct electronic document management, then you need to sign documents using a digital signature. Which type of digital signature to use depends on the scope of application and the requirements of the parties participating in the document flow.