Elektronische Siegel

Electronic seals

Qualified or regulated and advanced seals

Contact us

Digitization of the company or authority stamp

Digitization of the company or authority stamp

What is an electronic seal?

In the analog world, the company or authority stamp of organizations is now being transferred into the digital age with the help of the electronic seal. Sealing companies can use electronic seals to ensure proof of origin, time, integrity, and authenticity of the content of a digital file at any time. In this context, electronic seals are technically based on the same procedure as an electronic signature. In other words, an electronic seal is the digital signature of a company (public legal entity) or public authority.

Types of electronic seal

As with electronic signatures for private individuals, electronic seals for companies meet the regulatory requirements of the EU Regulation eIDAS and the Swiss federal law ZertES. Accordingly, an electronic seal is also based on an electronic certificate, contains the identity of the official company representative, and guarantees authenticity. By affixing electronic seals, it is also possible to prove that a digital document has no longer been altered (protection against alteration). Based on the legislation of eIDAS and ZertES, two types of electronic seals have been established.

Qualified or regulated seal

A qualified electronic seal is a qualified electronic signature of a legal entity and is regulated in detail in the EU regulation eIDAS and the Swiss federal law ZertES. It is electronic proof that an authority or company issued a digital document. It guarantees the authenticity of the origin and the document's integrity (protection against alteration). In the Swiss federal law ZertES, one speaks of regulated electronic seals instead of qualified ones.

Qualified seals or seals defined in the ZertES have a very high probative value, and the trust service provider assumes total liability. In addition, qualified electronic seals can be verified with the help of a validator in Switzerland and the EU.

According to ETSI regulations, qualified electronic seals must comply with the "QCP-I" standard and fulfill the exact technical requirements of qualified electronic signatures. The QCP-I standard describes a certificate policy for qualified certificates that are issued publicly and require secure signature creation devices.
 
Further information can be found in our repository.

They are offered in the Swisscom Trust Services product portfolio.

Advanced seal

An advanced electronic seal is an advanced electronic signature of the legal person. It is electronic proof that an authority or company issued a digital document. It guarantees the security of the origin and integrity of the document (protection against alteration). While advanced seals are not defined in the Swiss Federal Law ZertES, the EU Regulation eIDAS describes more precise requirements in Article 36.

Advanced electronic seals are generally approved for use and have a high evidential value. However, as the definition in the legislation needs to be completed, advanced seals cannot be checked for correctness via validators.

Swisscom Trust Services' advanced electronic seals comply with the highest "NCP-I" standard according to ETSI regulations and are thus indicated with a green tick in Adobe.
 
The NCP-I standard describes a policy for advanced certificates issued publicly.
 
You can find further information on this in our repository.

They are offered in the Swisscom Trust Services product portfolio.

Qualified or regulated seal

A qualified electronic seal is a qualified electronic signature of a legal entity and is regulated in detail in the EU regulation eIDAS and the Swiss federal law ZertES. It is electronic proof that an authority or company issued a digital document. It guarantees the authenticity of the origin and the document's integrity (protection against alteration). In the Swiss federal law ZertES, one speaks of regulated electronic seals instead of qualified ones.

Qualified seals or seals defined in the ZertES have a very high probative value, and the trust service provider assumes total liability. In addition, qualified electronic seals can be verified with the help of a validator in Switzerland and the EU.

According to ETSI regulations, qualified electronic seals must comply with the "QCP-I" standard and fulfill the exact technical requirements of qualified electronic signatures. The QCP-I standard describes a certificate policy for qualified certificates that are issued publicly and require secure signature creation devices.
 
Further information can be found in our repository.

They are offered in the Swisscom Trust Services product portfolio.

Advanced seal

An advanced electronic seal is an advanced electronic signature of the legal person. It is electronic proof that an authority or company issued a digital document. It guarantees the security of the origin and integrity of the document (protection against alteration). While advanced seals are not defined in the Swiss Federal Law ZertES, the EU Regulation eIDAS describes more precise requirements in Article 36.

Advanced electronic seals are generally approved for use and have a high evidential value. However, as the definition in the legislation needs to be completed, advanced seals cannot be checked for correctness via validators.

Swisscom Trust Services' advanced electronic seals comply with the highest "NCP-I" standard according to ETSI regulations and are thus indicated with a green tick in Adobe.
 
The NCP-I standard describes a policy for advanced certificates issued publicly.
 
You can find further information on this in our repository.

They are offered in the Swisscom Trust Services product portfolio.

Structure of a sealing solution

To set up a digital seal solution, a permanent encrypted connection, the so-called Transport Layer Security (TLS) protocol, is needed between a signature application and a trust service provider, such as Swisscom Trust Services. The private key is the person responsible for the organization. This person controls the establishment and duration of the connection for the document hash values to be sealed.

The sealing process

Document selection for sealing

1. Choice of digital documents for seals

A legal entity or company would like to provide many digital documents with electronic seals in a digital seal solution with integrated trust service, e.g., acknowledgments of receipts, invoices, laboratory reports, certificates, or testimonials.

Identification of the representatives of the company

2. One-time identification of the legal person

For the use of an electronic seal, the authorized representative of the company is identified once with an identification solution so that this person can sign the seal application with a qualified electronic signature.
 
The trust service provider checks the sealing company based on public register entries or certified register extracts (e.g., commercial register) and verifies the authorization of the company representative. Afterward, the trust service provider creates a long-term certificate for the company, containing the organization's name and registered office.
 
The sealing solution ensures that the identified and registered representatives of the company have access to the private key of the access certificate, which secures the connection between the application and the trust service provider. For this purpose, the sealing solution has an implementation concept checked and approved by an auditor.
Seal request and hash creation

3. Request for the electronic seal

Document compressions are transferred as a so-called hash in a batch process in the sealing solution. Approval is not necessary for this.

Sealed documents with electronic time stamps and certificate

4. Authorization means, time stamp, and electronic seal

As a legal entity, the company has authorized access to the private key with the access certificate included by the organization and confirmed the batch transfer. The trust service provider applies an electronic seal and a qualified time stamp to the compressed digital documents and then sends this back to the sealing solution. In this way, the company ensures the authenticity, integrity, and timing of the sealed record in the digital world.

Fields of application of electronic seals

Fraud prevention
Fraud prevention

Protect your organization from fraudsters on the internet by adding an electronic seal to your digital documents, e.g., invoices, policies, certificates, diplomas, or attestations. This way, your customers can be sure that the digital documents originate from your organization and that there is no forgery.

Digital archiving
Digital archiving

Use electronic seals in the area of business records archiving. Scanned paper documents can be archived in an audit-proof manner after applying a qualified electronic seal and time stamp.

Digital Inbox
Digital Inbox

Use electronic seals when digitizing your incoming and outgoing mail. You can automatically seal and time-stamp mail, making your business mail evidence-proof and showing authenticity.

Evidential value before authorities
Evidential value before authorities

Provide courts with electronically sealed documents, e.g., as evidence, or quickly and easily seal your organization's applications for participation or expressions of interest for government authorities.

Our product portfolio for your sealing solution

With our embedded seal platform, we offer our partners a comprehensive platform of electronic seals and time stamps, meticulously crafted to meet the specific requirements of Switzerland and Europe. These can be seamlessly and precisely integrated into your e-sealing workflow, tailored to your use case.

Our partners with ready-made sealing solutions

Cyberfish logo
Deepcloud logo
Logo Glaux pos
intarsys
SecCommerce logo
Skribble-colour-RGB-transparent
XiTrust
SwissSign Logo