Poland
Germany
France
RussiaComarch SOPEL
Comarch SOPEL (Electronic Signature Support System) provides complete implementation for secure qualified electronic signature verification equipment and secure electronic signature submission software. Both comply with the Law on Electronic Signatures.
Implementing the system delivers all the benefits of electronic contact with customers and partners while providing the following security features:
- Undeniability – the addressee cannot deny that the message or information has been sent
- Consistency and Correctness – it is easy to detect any changes made by unauthorized people to messages or information.
The electronic signature is especially useful where there are large numbers of anonymous or occasional electronic contacts, or where it is necessary to store documents as evidence.
The signing component’s separation from the cryptographic key storage
Comarch SOPEL System Features
- Full compliance with the legal requirements for electronic signatures
- Full compliance with the technical requirements arising from the orders pursuant to the Law on Electronic Signatures
- Can work with cryptographic hardware devices (HSM – Hardware Security Modules)
- Has interfaces for the most popular programming languages: C/C#/Java
- Supports a variety of cryptographic key and certificate formats (X.509v3, PGP).
The main task performed by the system modules is to support employee document and form signing. Employees achieve this by using their private keys with optional time stamping. The model is implemented in such a way that it can sign information using private keys connected with any certificate of the x.509v3 standard stored in the Certificate System Store in Windows. Basing the module on the Windows CryptoAPI library makes it independent of the place and mode of storing the private key that is linked to the certificate’s signatory. This means that, provided the hardware is compatible with Microsoft CSP (Cryptographic Service Provider) technology, the modules can use any hardware token or microprocessor card that is storing the user’s private key. The components are implemented as ActiveX (Internet Explorer) or as plug ins (Netscape, Mozilla, Firefox).
The system also enables the use of private keys located in the Hardware Security Module for signing.
Electronic Signature Verification
Two operations are performed – always in the same order – on every document reaching the system: the signature check and, if this is passed successfully, the CRL list check (Certificate Revocation List). If the tests involved in these two operations are completed successfully, the integrity of the electronic signatures supporting the documents is guaranteed.
The aim of checking the signatures is to establish the following:
- Is the signature correct according to a mathematical check?
- Was the certificate within its expiry date when it was used?
If any irregularities whatever are detected during these tests, an attempt has been made to compromise the correctness and completeness of the data processed by the system.
To ensure that the legal consequences of the declaration of will expressed using the electronic signature are certain, it is necessary to check whether the certificate (the certificate’s private key) used to execute the signature was valid at the moment of signing. Was it suspended or annulled at that moment? Is it suspended or annulled now?
Electronic Signature Verification
Follow our updates on Twitter
Watch us on YouTube
Save to AddThis.com
Connect with us on LinkedIn
