Contact

1. Registration: Fill in the standard form to send a digital certificate request. We guarantee that your data will be received and kept in highly secure conditions.
2. Requesting the digital certificate: After filling in all the required fields, you will have the opportunity to review to request, change your options, and confirm the finished request.
3. Accepting the digital certificate: The requested certificate will be issued by AlfaSign. You can accept the certificate or ask for changes of certain data if the information provided initially does not match the information in the certificate.
4. Uploading on the cryptographic device or in PKCS #12 software version
After checking and accepting the certificate, it should be uploaded on the cryptographic device or into a PKCS #12 software file, then imported into the operating system.
5. Publishing the digital certificate: After the digital certificate is accepted and uploaded into the operating system, your public key will be published and available online.
This way, the partners with which you will exchange electronically signed or encrypted documents will be able to use this key to send you secure messages that can only be decrypted using the private key that you have. Furthermore, your partners will be able to check the status of your certificate.

A digital certificate can be used to digitally sign documents, for secure online authentication, message and file encryption, and for identity checking in electronic transactions.

A qualified certificate can be obtained by filling in the request, after an identity check and, following approval, after downloading and installing the certificate on a cryptographic device or in software form.

A qualified electronic signature is a type of electronic signature that has the same legal status as a handwritten signature. It is created using a qualified electronic signature generating device and a qualified digital certificate issued by an authorised trust service provider. This guarantees the authenticity and integrity of the signed document.

A cryptographic device is a piece of hardware used to secure data using cryptographic processes such as encryption, decryption, generation and storing of cryptographic keys. These devices are key for protecting sensitive information and guaranteeing data authenticity, integrity, and confidentiality. A frequent example is the USB token or the smart card used for electronic signatures and authentication.

The validity period of a digital certificate varies with the service provider and the type of certificate, and can range from one to three years. After the expiry of this period, the certificate needs to be renewed in order to continue using it for electronic signatures and other cryptographic services.

A server certificate can protect against phishing attacks in the following ways:
1. Authentication and trust: The SSL/TLS validates the authenticity of the website, guaranteeing that the users connect to the legitimate website, not to a false website created for phishing purposes.
2. Encryption: User-server communications are encrypted, which makes it difficult for the attackers to intercept or change the communicated data.
3. Displaying security seals: Browsers display a padlock icon and “https” in the address bar in the case of websites that are protected by valid certificates, informing the users that the connection is secure.
These measures contribute to preventing data interception and ensuring that users interact with authentic websites, thus reducing the risk of phishing attacks.

A qualified electronic time stamp is an electronic record that confirms the existence of a document or a dataset at a specific moment in time. It is generated by a qualified time stamping service provider, and it has the following characteristics:
Authenticity and integrity: It guarantees that the document was not changed after applying the time stamp.
Certified time source: It uses a time source that is synchronised and checked by a trustworthy authority.
Legally valid: It has the same legal value as written proof, according to the laws in force (e.g. European Regulation 910/2014 e-IDAS).

The time stamp works by associating a time information package to an electronic document; this process is carried out by a time stamping service provider. Here is how this process works:
1. Creating the document stamp: A unique hash (digital stamp) of the document is created. This hash is a cryptographic representation of the document content, ensuring that any change in the document will change the hash.
2. Sending the hash to the provider: The document hash is sent to the time stamping service provider.
3. Generating the time stamp: The time stamping service provider encloses a time stamp to the document hash, based on a secure, synchronised time source. The time stamp includes the exact time and date when the hash was received.
4. Electronic signing of the time stamp: The provider electronically signs the time stamp, thus guaranteeing its authenticity and integrity. The provider’s electronic signature guarantees that the time stamp cannot be changed.
5. Returning the time stamp: The signed time stamp is returned to the applicant, who can then attach it to the original document.
6. Checking of the time stamp: Anyone can check the time stamp to confirm that the document existed in a specific form at the time indicated by the time stamp, and that it has not been changed since.