Remote signatures with qualified seals have hardly been an issue so far. Companies used large card readers that allowed seal cards to be inserted in shifts and confirmed with a personal PIN. Each shift removed these cards again and the new shift introduced new seal cards again.
With the solution from SecCommerce and Swisscom Trust Services, it is now possible for the first time to issue qualified remote seals in accordance with eIDAS and ZertES. For this purpose, the onboarding of designated company representatives who want to seal in the future takes place. These are identified, they sign their application for remote signature with a personal qualified signature and a permanent secure two-factor authentication between the company seal application and Swisscom Trust Services is established. SecCommerce uses its own PKI, which secures the communication channel with bidirectional TLS certificates. The operation of seal card readers and the associated “shift operation” is no longer necessary.
Documents, e.g. outgoing mail or invoices, are automatically fed into a seal or individual documents can be sealed. Since no cards are used, the previous throughput limits per card are also no longer applicable. As with the personal signature, Swisscom Trust Services only receives a hash of the document and cannot view the document itself.