What is a centralised signature?

Among our digital signature services, Docuten supports using a centralised signature (that can sometimes be executed with a one-time password).

Centralised electronic signature involves centrally managing the electronic certificates used in an organisation so that the certificates operate from a single, controlled, secure repository.

Practically speaking, this means that electronic certificates are generated and stored on the server, and can used from any computer or mobile device.

Is a centralised signature legal?

Yes, with the entry into force of European Regulation No. 910/2014 on electronic signature (eIDAS), centralising keys is permitted.

Complete security is guaranteed since the certificate remains in the custody of the signatory and can only be accessed with the password with which it was encrypted.

At the time of signing, a one-time password (OTP) is sent to the signatory’s mobile device, which must be entered to complete the process.

 

What are the advantages to a centralised signature?

There are many advantages to using a centralised key:

  • Device freedom: users will always have access to electronic certificates regardless of the computer or mobile device they use.
  • Centralised control of permissions: you can limit the number of certificates to which a user has access, as well as the pages or services they can engage with.
  • Monitoring and traceability: key centralisation allows you to monitor time and location, and two-factor authentication. In addition, it offers a record of all operations carried out with electronic certificates in an organisation.
  • Fewer losses: you avoid losing certificates since they are not stored on the user’s machine.
  • Revoked, expired or destroyed certificates: handling these issues is the responsibility of the organisation since the certificates are centralised.

 

Types of centralised signatures

With a centralised signature both qualified and non-qualified certificates can be used:

  • Qualified certificates are issued by a qualified certification authority. In this case, the signature would be a qualified signature.
  • Non-qualified certificates are issued by the electronic signature platform itself. In this case, the electronic signature would be an advanced electronic signature.

With Docuten it’s possible to use both formats, but to use qualified certificates you must have our Enterprise Service (contact us to clarify any questions you have about this plan).