Archive for category Trusted third party

Added functionality in Noticeman Webservices integration

The Noticeman registered email platform generates electronic evidence both when the last mile delivery is done digitally and when delivered through a postal medium.

EADTrust contributes to the digital transformation of companies with electronic tools that facilitate the processes of the entities and reduce friction in the user experience of managing the digital evidence. In the process of continuous improvement of EADTrust, backed by its ISO 9001, ISO 20000-1 and ISO 27001 certifications, new functionalities have been added to the Noticeman trustworthy notification systems integrated by webservices, especially aimed at companies with high volumes of notifications.

With the option of “Massive Upload” and “Mail Fusion”, multiple delivery is facilitated, leaving the platform the task of merging the personalized messages with the information of the recipient database. Attachments can consist of identical documents (so you only need to upload them once) or different ones, or combinations of them.

With the same idea of ​​multiple delivery, templates are customized with parameterizable data that are obtained from the recipient database and that the platform is responsible for individualizing every message.

Templates allow the incorporation of images to make more attractive the messages to be sent . EADTrust even offers a template design service that works directly with the staff of the entity.

The tool “backoffice” collects all the information of the shipments and through its menus allows to apply filters, perform searches with several criteria and view or download the selected information (for example, according to the progress status of the notification ).

For more information contact +34 91 716 0555

How to get access to biometric information in a digitized signature

EADTrust provides Secret Key Escrow Services for biometric, digitized or graphometric electronic signatures in several specialized platforms.

The fact of the existence of this custody implies that the institution using the platforms adopts measures in order to guarantee that the biometric information is ciphered (with the public key) and included in the signed electronic documents, in a way  that ensures that this information is not freely available for the entity that uses the platform, and, therefore, cannot use it to associate it to any other document.

Thus, both the entity promoting the digitized signature system that makes use of the platform and the signers themselves are in equal conditions to exercise the right to proof  if any signature belongs to a certain person. To  verify  if any digitized signature is associated to a certain person, the litigants hire the services of a forensic document examiner that compares signatures (or other forensic computer expert analisys report  assisted by a biometric forensic analysis software).

The process begins with the suspected PDF file that includes the controversial signature, so this file must be easily available for the entity and for the signer. It will be required to identify the  Compliance Officer, Data Privacy Officer, Litigation Support or Computer Security departments in the company who know about the case and can get the file or files in which are included the questioned  signature, and request the file through the appropriate channels.

It is highly recommended to analyze the convenience of a litigation or if, on the contrary, it would be better to make any check or negotiation just in case the litigation can be avoided. Once the PDF file that includes the biometric signature is available, it is possible to carry out the following steps:

  • Prepare a mandate or a Power of Attorney of a person with legal powers within the organization, appointing the person of the entity or the expert (or document examiner) so that he/she can reach out the Trust Service Provider that custodies the private keys (EADTrust) on behalf of the organization. Likewise, if the signatory himself is the interested party he may appoint a representative, a mandatary or an expert to contact the Trust Service Provider.
  • Make a copy of the Power of Attorney and of the cititzen ID card (or any other foto ID card) of the proxy.
  • Prepare a submission in letter format that briefly describes the problem and that requests the intervention of the entity that holds the private keys (EADTrust) including the identification data of the person who will contact the entity. It is usually signed by the proxy.
  • Those who reach the entity that cutodies the private keys (EADTrust), usually do it in person or through an agreed secure digital communications procedure.
  • It is important to verify that the entity that custodies the private keys (EADtrust) holds the latest version of the software delivered by the platform developers to decrypt the biometric information using the PDF document.
  • The entity that custodies the private keys (EAD Trust) never delivers them.  It makes use of the key to decrypt the document and extract the biometry that is delivered to the applicant, but the private keys do not leave its custody.

Once the biometry is decrypted, adequate specimen of known signatures is also needed. If the evidence will be presented in court, the expert’s request is described in the Statement of Claim or in the Statement of Defence, so that in due course, the specimen of known signatures are made in presence of the pertinent Chief Court Clerk or Court officer.

If it is desired to carry out the comparative annalisys of signatures with the help of the document examiner, without proceeding with a litigation, the signer has to be contacted to create several signatures (5 or 10, as many as the expert witness recommends) in a digitizer tablet similar to the one used originally to sign, with the support of the forensic software for expert’s use.

It is possible to contact EADTrust, on the telephone +34 91 7160555 (or 902 365 612 from Spain) where they will guide you more precisely according to the entity that has managed the signatures in the PDF documents of your interest.

“Cartulary” Digital document custody service

Cartulary is a multiuser platform developed under the model SaaS and available as a “Cloud Computingg” service, and allos a fast integration with existing document management systems, to deploy Digital Trust Services.

This way, document exchange security and Records Trustworthiness are guaranteed while allowing electronic evidence management, even to the point to help present electronic records before court.
De esta forma, garantiza la seguridad de los intercambios, la confianza del archivo y la gestión de la prueba jurídica.

The technology behind Cartulary allow forensic examination of electronic documents, back Digital Evidence as a enterprise resource, help in Regulation Compliance and preserve secure document interchange and archive.

Among features, some worth mention:

  • Autentication,
  • Encryption,
  • Registry,
  • Recordability,
  • Audit tracking,
  • Integrity records,
  • Tmestamping (both as internal service or provided by a Trusted Service provider).
  • Metadata as a master record (electronic original) to provide Completness, Obliterability, Transferability

Different management levels allow to offer digital document preservation services to all kind of companies, banks, government agencies, municipalities, in a flexible and scalable way.

Can be invoked through its specific webservice to store and retrieve documents and manages a simple access method for users and citizens to compare paper copies with electronic “original” documents stored in the repository trough CSV (Código Seguro de Verificación) or SVC (Secure Verifcation Code).

Contact EADTrust calling +34 91 716 0555 to get additional information.

ISO/TR 17068:2012. Information and documentation – Trusted third party repository for digital records.

  • ISO/TR 17068:2012. Information and documentation  - Trusted third party repository for digital records.
    This standard establishes the requirements to be fulfilled by a third party service that both parties considered the guarantor of the authenticity of the documents . It is an option that is being used in other jurisdictions to exchange documents. This standard is very useful for companies which provide custodial services of electronic documents and for their customers.
  • The spanish version of the standard is UNE-ISO/TR 17068:2013 Información y documentación. Repositorio de tercero de confianza para documentos electrónicos.
  • EADTrust is the first spanish company to comply with the above mentioned standard

Key generation for handwritten electronic signature systems

EADTrust is one of the few trust service providers that has designed a special key generation and key scrow system focused in handwritten electronic signature systems.

The system allows that the signer can request in a future moment the signature verification through a method of electronic document examination and forensics, ready for court presentation.

Contact calling +34 91 716 0555