ID Certificates (SMIME)



Similar documents
How to check if I care for the safety of my Clients?

Certum QCA PKI Disclosure Statement

Guide to Obtaining Your Free WISeKey CertifyID Personal Digital Certificate (Personal eid) WISeKey 2010 / Alinghi 2010 Smartcards

Extended SSL Certificates

User guide. procertum SmartSign 6.0 Version Unizeto Technologies SA -

BEGINNERS GUIDE BEGINNERS GUIDE TO SSL CERTIFICATES: MAKING THE BEST CHOICE WHEN CONSIDERING YOUR ONLINE SECURITY OPTIONS

Secure User Guide

Securing your Online Data Transfer with SSL


Guide to Obtaining Your Free WISeKey CertifyID Personal Digital Certificate on Aladdin etoken (Personal eid)

Using etoken for Securing s Using Outlook and Outlook Express

Securing your Microsoft Internet Information Services (MS IIS) Web Server with a thawte Digital Certificate thawte thawte thawte thawte thawte 10.

Setting up secure communication with Ericsson. Guideline for Ericsson partners

Receiving Secure from Citi For External Customers and Business Partners

Extended Validation SSL Certificates

The system is available to the holders of Medicover cards entitled to examinations and consultations in Medicover Centres.

SSL Certificates: A Simple Solution to Website Security

HOW IT WORKS E-SIGNLIVE 1 INTRODUCTION 2 OVERVIEW

Entrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0

Personal Secure Certificate

Understanding Digital Certificates & Secure Sockets Layer (SSL): A Fundamental Requirement for Internet Transactions

Options for encrypted communication with AUDI AG Version of: 31 May 2011

beginners guide Beginners Guide Certificates the best decision when considering your online security options.

Best prac*ces in Cer*fying and Signing PDFs

Future directions of the AusCERT Certificate Service

ENTRUST CLOUD. SSL Digital Certificates, Discovery & Management entrust@entrust.com entrust.com

Secured Signing for Documents

BEGINNER S GUIDE TO SSL CERTIFICATES: Making the best choice when considering your online security options

SECURE USER GUIDE OUTLOOK 2000

Secure FAQs for External Stakeholders

Remember, this is not specific to your address alone... the METHOD you retrieve your is equally important.

U.S. Bank Secure Mail

10 Tips for Selecting the Best Digital Signature Solution

PrivaSphere Gateway Certificate Authority (GW CA)

Online Banking Security Guide Internet-based version

Gain a New Level of Trust with Extended Validation SSL Certificates

Beginner s Guide to SSL Certificates

Evaluate the Usability of Security Audits in Electronic Commerce

Digital signature Solution for the Secure Electronic invoicing application

Appendix A: Encrypting a File and / or Message

Guide for Securing With WISeKey CertifyID Personal Digital Certificate (Personal eid)

Secure Frequently Asked Questions

Installing your Digital Certificate & Using on MS Out Look 2007.

The Impact of Extended Validation (EV) Certificates on Customer Confidence

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University

Guidelines Related To Electronic Communication And Use Of Secure Central Information Management Unit Office of the Prime Minister

Digital Signatures for Form 8879 and Engagement Letters. Revealing the Truth about Client Portals and File Sharing Systems

SSL Certificates 101

Realfax Service User Manual Version 4

Requiring Digital Signatures and Certificates

WHITE PAPER. The latest advancements in SSL technology

HomeConvenience.com. Creating Trust Online CASE STUDY. Comodo Identity and Trust Assurance Suite. Content Verification Certificate.

Secure Data Exchange Solution

BEGINNERS GUIDE TO SSL CERTIFICATES: Making the BEST choice when considering your online security options

Quick Start Guide to Logging in to Online Banking

User Guide May Using Certificates in Outlook Express

Understanding Digital Certificates & Secure Sockets Layer A Fundamental Requirement for Internet Transactions

PKI Contacts PKI for Fraunhofer Contacts

DIGIPASS CertiID. Getting Started 3.1.0

Frequently Asked Questions. Frequently Asked Questions SSLPost Page 1 of 31 support@sslpost.com

HMRC Secure Electronic Transfer (SET)

GlobalSign Malware Monitoring

Understanding Digital Certificates and Secure Sockets Layer (SSL)

Inside Electronic Signature APIs

How To Validate a Digitally Signed PDF document. [7 th September 2006] SECURITY TRUST COMPLIANCE REGIONALITY

The Benefits of SSL Content Inspection ABSTRACT

Using Voltage Secur

FREQUENTLY ASKED QUESTIONS (FAQs) on BARODA CONNECT

EMA esignature capabilities: frequently asked questions relating to practical and technical aspects of the implementation

Business Issues in the implementation of Digital signatures

Creating Trust Online TM. Identity & Trust Assurance in a changing standards environment. *(Extended Validation)

Realize Greater Profits As An Authorized Reseller Of Network Solutions nsprotect Secure SSL Certificates

Web Presence Security

You re FREE Guide SSL. (Secure Sockets Layer) webvisions

Welcome to ECBuzz.com! Please go through this document carefully to make the experience of owning and using a website an enjoyable one.

White paper. How to choose a Certificate Authority for safer web security

Certification Practice Statement of CERTUM s Certification Services

User Guide Using Certificate in Microsoft Outlook Express

Sending s without the risk! Secure Communications with Rohde & Schwarz

SecureStore I.CA. User manual. Version 2.16 and higher

GlobalSign Digital IDs for Adobe AIR Code Signing

Adobe PDF for electronic records

Malware Monitoring Service Powered by StopTheHacker

Ships & Offshore Structures

Instructions Microsoft Outlook Express Page 1

Why Use Electronic Transactions Instead of Paper? Electronic Signatures, Identity Credentialing, Digital Timestamps and Content Authentication

Understanding Digital Signature And Public Key Infrastructure

Security Digital Certificate Manager

Chapter 6 Electronic Mail Security

Guidance for the verification of qualified digital signatures following Swiss signature law

6. Is it mandatory to have the digital certificate issued from NICCA? Is it mandatory for the sender and receiver to have a NIC id?...

Wakefield Council Secure and file transfer User guide for customers, partners and agencies

Information Security

Transcription:

ID Certificates (SMIME) Reliability on the Internet Technology, security and usage www.certum.eu

CONTENTS Introduction I. ID Certificates in a nutshell... 1. What is an ID Certificate?... 2. What is a non-qualified certificate?... 3. ID certificate types... 4. ID certificate characteristics - reliability and security guaranteed... II. ID Certificates step by step... 1. How to choose an appropriate ID Certificate... 2. How and where to buy it... 3. How to activate it... 4. How to renew an ID Certificate... III. Usage of ID Certificates... 1. How to use ID Certificates... 2. Recognition of certificates in Adobe programs... IV. ID Certificates mean security and reliability... 1. Be trustworthy on the Internet, take care of your identity... 2. Why are ID Certificates worth using?... 3. Benefits of ID Certificates... V. Additional information... CERTUM security... WebTrust SM/TM... About Unizeto Technologies... 3 4 4 4 4 4 5 5 6 6 7 7 7 8 9 9 9 10 11 11 11 12 2 www.certum.eu

Introduction The belief about remaining anonymous on the Internet has become universal. As much as it has its advantages in terms of promoting freedom of speech, however, everyday business electronic correspondence should represent the highest level of reliability. Official business contacts or even a matter-of-fact Internet discussion require verification of the author s identity. Moreover, lack of it translates into actual financial and image loss resulting from cyber attacks or typical fraud activities. The said belief about remaining anonymous on the Internet is an exaggeration to a great extent, and does not translate into reality. Today s web-specialists are able to track computers and authors of specific content. The whole procedure, however, requires huge financial and logistical input. Everyday email correspondence cannot be subject to such verification procedures. Therefore, we tend to trust the person at the other end, while their intentions quite often happen to be unfair. How can we protect ourselves against them? The answer is quite simple. It s enough to take advantage of available technology, e.g. non-qualified certificates issued by trusted Certification Authorities, such as CERTUM. If public administration bodies appreciated such solutions, there would be no slip-ups with e-mail scamming. Another example is the media. They could benefit from this technology and prevent mistakes, as well as the subsequent questioning of their competence by the public. However, the greatest benefits of ID Certificates are for enterprises. They become trusted business partners and can freely conduct negotiations with no doubts from the other party, and no necessity to further verify their identity. With ID Certificates being more and more common, the below funny image by an American graphic artist could be thrown onto the rubbish heap. On the Internet no one knows that I m a dog (P. Steiner, The New Yorker 1993) www.certum.eu 3

I. ID Certificates in a nutshell 1. What is an ID Certificate? An ID Certificate (SMIME) is a trusted non-qualified certificate. This solution constitutes a kind of electronic identity card, comprising a set of specific identity data certified by a reliable third party and aligned with a specific pair of cryptographic keys. Not only does a certificate of this type confirm the sender s reliability, but it also ensures the authenticity of transmitted data and its unchanged form. 3. ID Certificate types CERTUM offers three types of ID Certificates: Basic ID Basic certificate for signing and encrypting e-mails and files. It is issued automatically within 15 minutes of e-mail address verification. Professional ID This certificate is used for e-signing of trade and business documents (e.g. bids and contracts) and authentication of e-invoices. Enterprise ID This certificate is used for signing documents of special importance for the company by senior executives and management. 4. ID certificate characteristics reliability and security guaranteed Each of the available ID Certificates guarantees: 1 2 3 confidentiality Integrity Reliability Data protection against disclosure to unauthorised persons Data and electronic document protection against changes Identity authentication in the digital world ID Certificates constitute the foundations of secure business relationships on the Internet. 4 www.certum.eu

II. ID Certificates step by step 1. How to choose an appropriate ID Certificate A wide range of ID Certificates is available. When choosing a specific solution one should take into account the key factor, i.e. the verification level and application the certificate will be used for. Basic ID Certificate Professional ID Certificate Enterprise ID Certificate Target users natural persons sole proprietorships small businesses Medium-sized businesses public administration offices corporations electronic banking e-health financial and insurance institutions Usage sender s reliability information certainty electronic mail encryption electronic mail signing access to on-line systems via WWW login to applications reliable authentication of the certificate holder on the Internet The Professional ID certificate is applied in the same manner as the Basic ID Certificate. Additionally, the application of the Professional ID certificate has been extended with: advanced electronic signature signing of PDF documents possible installation in HSM devices The Enterprise ID Certificate is applied in the same manner as the Professional ID Certificate. Additionally, the application of the Enterprise ID certificate has been extended with: electronic signature as a part of the e-invoice services Holder's details in the certificate E-mail address E-mail address Name and Last Name and/or company s name E-mail address Name and Last Name and/or company s name www.certum.eu 5

2. Where to buy it? You can buy an ID Certificate: Directly from the CERTUM on-line store In Regional Registration Centres In Partner Centres Purchasing from the CERTUM on-line store is very easy. Select the Order option on the www.certum.eu website (Product menu/id Certificates option) and you will be directed to the store s website. You can also take up the available offer with a chosen partner. Each product in the CERTUM on-line store is appropriately described. For verification purposes you need to read detailed information on specified product capabilities, applications and technical requirements. Then you need to select a desired certificate expiry period. Once it s done, proceed and place an order. This requires having a store account. Lack of one is not a problem as the system guides the user throughout the registration process. 3. How to activate it? In the case of placing the order at the on-line CERTUM store, the information on this fact is sent to the e-mail address provided in the order form, and the Activation Code is available in your account: Your account / certificate activation. Then select the Certificate activation option from the list and click: Activate. The next step is proceeding to the ID Certificate generation process, which consists of: choosing a delivery method for the keys for the certificate generating a key pair recommended option (creating a pair of keys within the browser store or operating system) CSR (Certificate Signing Request) request for signing the certificate generated by the software which the ID Certificate will be installed on entering certificate data in the form verification of data entered in the form (Note: after activation changing data in the issued certificate will not be possible) confirmation of the declaration authentication of access to e-mail account by clicking the authentication link, which is sent during the certificate activation procedure to the e-mail address indicated by the client in the on-line form. sending of documents confirming identity / corporate documents; depending on ID Certificate type After successful verification of all information sent to CERTUM a message about the issue of the certificate will be sent to the e-mail address provided in the order form. 6 www.certum.eu

4. How to renew an ID Certificate In the ID Certificate renewal process it is possible to use the same channels as when certificates were purchased, guided by tips on the www.certum.eu website. Renewal takes place before the Certificate s expiry date. Non-qualified certificate renewal enables the prolonging of the certificate s expiry period with all the data included in the Certificate being maintained. You can renew a certificate that has not yet passed its expiry date. III. Usage of ID Certificates 1. How to use ID Certificates Electronic mail ID Certificates can be used to sign and encrypt electronic correspondence. This guarantees the reliability and security of emails sent. A recipient has certainty as regards the email s origin, and its contents will be protected against cyber criminals. The list below presents email programs that recognize certificates issued by CERTUM PCC as trusted: Email programs Microsoft Outlook 2003, 2007, 2010 Mozilla Thunderbird 1.0+ Apple Mail Microsoft Outlook Express Windows Live Hotmail The Bat 1.62+ www.certum.eu 7

Signing of documents: An electronic signature based on non-qualified CERTUM certificates can be added via free-of-charge tools: procertum SmartSign - software installed on the user s PC. WebNotarius - application available on-line; popular solution for e-signature in the cloud. WebNotarius offers the following advantages: Verification - immediate verification of electronic signatures and public key certificates issued by all Certification Authorities within the European Union. Signing - a safe environment for adding electronic signatures, available via Web browsers without the installation of additional software. The free-of-charge WebNotarius service has certain limitations compared to the commercial version. Unizeto Technologies also offers a tool for free signing of documents up to 2 MB, saved in PDF files. https://www.webnotarius.eu E-signatures are compliant with the PadeS standard, meaning that the signature is visible after opening the document in standard PDF file readers (e.g. Adobe Reader). 2. Recognition of certificates in Adobe programs Documents with an electronic signature are most often sent in PDF files, and the Adobe software is used to handle them. The Adobe Reader and Adobe Acrobat producer, in order to allow users easy verification of the electronic signatures contained in documents, maintains the Adobe Approved Trust List (AATL) of trusted Certification Authorities. Based on the list, a message about the validity of the signature is displayed with a green assessment symbol, contrary to information on an unknown certificate issued by a supplier outside of the group of verified Certification Authorities. CERTUM is the first Polish company added to the exclusive AATL list of trusted certificate suppliers. All e-signatures made by Certum clients are automatically recognized and displayed as trusted in PDF files read by Adobe programs. Therefore, the recipients of such documents all over the world are provided with a clear and explicit message in the upper address bar of the document stating that the electronic document meets the highest quality and security standards. 8 www.certum.eu

IV. ID Certificates mean security and reliability 1. Be trustworthy on the Internet, take care of your identity Be trustworthy on the Internet, take care of your identity. Use electronic ID. An ID Certificate is similar to a traditional document confirming your identity, proving your identity on the Internet and simplifying many of the usual activities performed on-line. Each certificate contains a set of identification data - confirmed by a Trusted Third Party and linked to a specified pair of cryptographic keys. In other words, the ID Certificate is your ID card on the Internet. It allows you to do the following: send e-mails without any risk log in to the on-line systems via WWW electronically sign business and trading documents that are of significant value to the company For your clients this will be proof of your business reliability. 2. Why are ID Certificates worth using? To answer the question Why are ID Certificates worth using? we can use only two words: reliability and cost-effectiveness. Reliability Today, reliability is the basis of all business and development of market relationships. This is one of those things that cannot be bought. It is worth remembering that the increasing popularity of the Internet means a growing number of threats which can damage your meticulously-built reputation for reliability. One careless moment, or an attack by a hacker can destroy everything in a matter of seconds. Cost-effectiveness This term encompasses the money that a company can lose in the event of interception of its confidential data or deterioration of the company s image, as well as money saved on business trips. Verified electronic correspondence can decrease the need for business trips. www.certum.eu 9

ID Certificates are worth using because: Our e-mail address can be taken over by a virus or a spammer, or even by a malicious friend. E-mail scamming has become common, and you cannot be sure that a message has come from a genuine sender. However, a digitally signed letter cannot be forged. A digitally signed message is treated more seriously by the recipient. If you are running any business activity on the Internet, a digital signature is essential. A digital signature also allows for easy message encryption. No need to install any additional applications, like PGP, or download keys from web pages. If the sender has a certificate and sends a message signed with this certificate to you, you can then encrypt messages sent back to them. That s all. This means that if you have a digital signature, all of your contacts can send encrypted messages to you simply by clicking the Encrypt button in the e-mail program. This is a global solution. An e-signature verified by means of the non-qualified CERTUM certificate will be recognized as trusted throughout the world. It ensures document and e-mail encryption, meaning that confidential data can be accessed only by specified people. It facilitates using single sign-on systems. It ensures reliable authentication over the Internet 3. Benefits of ID Certificates Thanks to the ID Certificate you get: safe electronic correspondence, guaranteed by a known sender reliable identification on the Internet protection of your and your company s reputation protection of intellectual property trust of clients guarantee of safety for sent messages possibility to authorize PDF documents and e-invoices possibility to access the application and on-line systems via WWW 10 www.certum.eu

V. Additional information CERTUM security CERTUM Certification Authority, being a part of Unizeto Technologies S.A. guarantees the highest level of all offered certificates. We are an Internet security leader in Poland. CERTUM is the largest Certification Authority in Poland, operating for the longest period of time. We serve clients from over 50 countries. As the only ones in Poland, we are among the major worldwide- trusted Certification Authorities (CA) and Adobe Approved Trusted List (AATL) providers. We employ state-of-the-art technologies. We build reliability all over Europe. Our WebNotarius service is employed, among others, by Norway, which verifies in the cloud e-signatures and certificates from other countries, especially from the European Union. WebTrust SM/TM Our products guarantee our clients the highest level of security. CERTUM has WebTrustSM/TM seals for all its services related to e-signatures:»» WebTrust SM/TM seal for qualified services and certificates,»» WebTrust SM/TM seal for ordinary (non-qualified) services and certificates,»» WebTrust SM/TM Extended Validation seal for EV SSL certificates. For qualified certificates For EV SSL certificates For non-qualified certificates The WebTrustSM/TM seal, recognized worldwide, is awarded to trustworthy certification authorities which have passed a rigorous audit control. Therefore, users can be sure that the highest standards of Internet security, confidentiality of data processed, as well as safety of communication and e-commerce operations are met. www.certum.eu 11

About Unizeto Technologies Unizeto Technologies S.A. is the owner of the CERTUM brand. We have been operating in the IT sector since 1965. The Unizeto offer products, services and solutions dedicated for the public administration, social insurance, healthcare, business and private sectors. Main segments of business activity oscillate between: Electronic signature, (leader in the market of certification services and solutions related to the electronic signature and PKI), Database Centre (gathering, archiving and processing confidential data and documents provided by clients) and Mass Correspondence Centre, aimed at improving, streamlining and reducing the costs related to corporate correspondence, both in paper and electronic forms. Our company also includes the Software Factory, designing Web&Mobile applications. SZCZECIN KOSZALIN Office in Warsaw ul. Krzywickiego 34 02-078 Warszawa phone +48 22 5258 601 fax +48 22 5258 620 warszawa@unizeto.eu Unizeto Technologies SA ul. Królowej Korony Polskiej 21 70-486 Szczecin phone +48 91 4801 201 fax +48 91 4801 220 info@unizeto.eu Service Center ul. Bajeczna 13 71-838 Szczecin szczecin@unizeto.eu WARSZAWA LUBLIN KATOWICE Registration points Partner Points Office in Lublin ul. Kowalska 5 20-115 Lublin phone +48 81 5366 901 fax +48 81 5366 920 lublin@unizeto.eu Office in Katowice ul. Modelarska 12 40-142 Katowice phone +48 32 6069 801 fax +48 32 6069 820 katowice@unizeto.eu Office in Koszalin ul. Morska 35 75-212 Koszalin phone +48 94 3419 701 fax +48 94 3419 720 koszalin@unizeto.eu 12 www.certum.eu

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information