23
June
2016

eIDAS, online transactions and electronic signature

Léonie CAPOBIANCO
0 commentaires
Avis d’expert

The dematerialization of business processes is a long-term technological revolution that national and European legislators are trying to facilitate, without always being able to keep pace. The entry into force on July 1st, 2016 of the European Union’s eiDAS regulation could mark the beginning of a new era of digital trust and a harmonized online market at European level.

But concretely, at the scale of companies’ life, what will be affected by this regulation ?

As early as 1999, the European Parliament focused on securing and harmonizing the electronic market. It was at this time that a directive was issued to the Member States to legislate. Then each State transposed the directive’s end goals into his own rules. All thoses transpositions have resulted to the creation of the basis for a complete heterogeneity in the way of “making the electronic signature” and thus the value conferred. The lack of legal value of new tools such as timestamps, electronic signatures and server certifications have therefore begun to creat issues such as : security, opposability of dematerialized acts or the mutual recognition of other Member States.

A transnational legal value

In cross-border transactions, the value attributed to the electronic signature and the timestamp was determined on the basis of a completely harmonized application. In many cases, each contractor defends the specific rules of his territory, or the one that considers the most practical, financially advantageous or the most secure, while applying itself to the realization of evidentiary conventions and enforcement clauses because of the absence of homogeneous regulation. So many legal risks that could weigh heavily in the balance : in the event of disputes, if the value of an electronic signature is not recognized in one of the two countries concerned, the financial impact can be extremely important. To avoid negotiations and eliminate the legal risk, many contracts are still on paper, with all the constraints that this entails : storage, management, risk of losses, loss of productivity, less commitment of clients in B2C, etc.

3 level of signature

In response to the obligation of harmonized European markets, eiDAS (Electronic Identification, Authentication and Trust Services) clearly defines the statue of trusted services. Each trusted service provider is therefore subject to checks in order to be recognized on an European scale. The regulation also defines three levels of signatures: simple, advanced and qualified. Each level meets specific normative requirements.

Behind these three levels of signature, one of the main issues is the identification of the signatory. The eiDAS regulation determines the technical specifications and procedures that ensure a valid identification scheme and attain complete electronic dematerialization of these electronic identification processes. The text also makes it possible to manage remotely or in the Cloud by the PSCo the cryptographic keys necessary for the identification of each, which can be activated, for example, by sending authentication codes by telephone (activation of the keys by SMS code at Disposable). The management of those keys is a particularly sensitive task, trusted services must be defined and certified according to the criteria laid down in the Regulation (establishment of a confidence label).

Recognition of the server cache

The other major change brought about by this regulation is the recognition of the electronic stamp. This tool is a form of signature for legal entities, like the ink stamps that have always been used in companies. A cachet server that had, until now, no validity and whose value is already recognized for the dematerialization of invoices.

By harmonizing and securing electronic exchanges in the union, the eiDAS regulation accelerates their use, thus enabling European companies to gain competitiveness and introduce a major breakthrough by introducing remote management of qualified signing devices . For individuals, this evolution translates into an improved customer experience and a further step towards the complete dematerialization of identification processes and documents.

Faten Zerelli – Head of Legal

Leave a Reply

Your email address will not be published. Required fields are marked *

Test Universign