If you lose the token on which your digital certificate is stored, signing documents will no longer be possible, which can lead to delays in your company’s activity.
Below, you’ll find the steps to follow and some recommendations that will help you solve the problem easily and quickly, and avoid repeating this unpleasant situation in the future.
Steps to follow after losing a token
As soon as you notice that you lost the key device that enables you to use the token signature, please follow these steps:
1. Examine any potential places where you could recover your toke
The first step you need to do is to try and recover the token. First look for it in the places where you usually store it: the desk, drawers, your briefcase.
Also examine all the spaces around the computer (or computers, if you sign from multiple devices), ask your colleagues, and do everything that is needed to recover it.
2. File a request to have the associated certificate revoked
If you don’t recover the hardware electronic signature device, you need to initiate the process to revoke the digital certificate associated with the lost token.
Revoking the certificate means that the certificate will no longer be valid, thus preventing any fraudulent use. This process is regulated under the Code of Practice and Procedures of AlfaTrust Certification, and is conducted according to the legal provisions in force.
Important: The form must be filled in using the same e-mail address where the certificate was issued.
A certificate will be revoked within no more than 24 hours, after successful authentication of the applicant.
The certificate revocation does not affect any previous transactions, and the legal and contractual obligations associated with using the certificate remain valid.
3. File a request to have a new token issued
After the old certificate is revoked as a result of a security incident such as a token loss or theft, you can file a request with AlfaSign to have a new certificate and a new token issued.
The request can be sent online or offline to the Registration Authority (AlfaSign), which will process your request and send the details to the Certification Authority.
Choose a new kit from our portfolio!
After the previous certificate is revoked, you can ask for a new certificate to be issued. The process implies the following steps:
1. File a new request
Fill in a new certificate issuing request, starting here by filling your data, selecting the type of certificate (token or cloud) and the validity period.
2. Identity verification
The user identity verification process is a necessary step, both for the initial issuing and for the signature renewal service, the certificate renewal or the issuing of a certificate after losing the token.
You can opt for remote video identification, according to the e-mail instructions received after registration.
3. Issuing the certificate
After your identity is confirmed, the Certification Authority will issue a new certificate, which will be associated to a new token.
Upon expiry of the validity period, you may opt for renewing the certificate by paying a smaller amount than for the initial issuing.
4. Receiving the new kit and installing the token software
After receiving the new AlfaSign kit, which includes a SafeNet E-token 5110 cryptographic device and a qualified digital certificate with your desired validity, you will need to:
- Insert the device into the computer’s USB port;
- Install the appropriate drivers;
- Check the functionality by signing a test document.
What can you do if you recover the old token?
If, after revoking the old certificate, you recover the token associated with it, you can contact us to have a new digital certificate issued by AlfaSign installed on the device.
Security measures to avoid losing the token in the future
To make sure that you will not lose the token, you can consider these prevention measures:
Opt for a cloud certificate
The cloud electronic signature offers the same benefits as a token, while eliminating the need for a physical token. The AlfaCloud solution is more accessible, and it can be used to sign all documents, including documents required in the relationships with the state (virtual private space – SPV, NAFA, electronic invoice system e-Invoice, public tenders system SEAP, etc.).
Store the device somewhere safe
Always keep the electronic signature USB stick in the same safe place, such as a desk, a sleeve or a secure box. Avoid keeping it in sight, in a place that is accessible to anyone or in your pockets.
Avoid pointless transportation
Do not take the cryptographic device everywhere, unless you know you will need it. Otherwise you can leave it at home or at the office, in a protected place, away from children and unauthorised persons.
Establish a checking routine
Establish a daily routine for checking the location of the token, so that you can make sure that you did not accidentally leave it in a place other than its usual place.
For example, before leaving the office, make a habit of checking the location where you keep the token.
Conclusion
Losing the e-signature token may seem a stressful situation, but with the right steps, the problem can be solved quickly and efficiently.
Contact the AlfaSign team for support, invest in a new kit, and take preventive measures to avoid such incidents in the future. The electronic signature is a valuable tool, and with proper management, you will be able to continue your business with no delay.
