eSignature tools to support cross-border access to eServices for businesses
TSL and eSignature creation/verification tools
Software solutions to foster adoption of eSignature in the public sector
ISA action 1.9 provides Member State Public Administrations with two tools to fulfil their legal obligations with regard to the Services Directive:
- Digital Signature Services software (SD-DSS)
- Trusted Lists management software (TL Manager)
All Member States now have a Point of Single Contact, to facilitate the free establishment of service providers and the free provision of services in the European Union. Under the Services Directive (2006/123/EC), service providers from any Member State willing to create and run a business in another Member State are entitled to carry out all the relevant administrative procedures and formalities via the Points of Single Contact andby electronic means, including across borders.
The use of electronic signatures is a means to support the implementation of the Services Directive. Service providers may submit documents through the electronic channels of the Points of Single Contact, which were issued and signed digitally by the competent national authorities of another Member State. Likewise, the document submitted may have been signed electronically by the service providers themselves.
Electronic signatures must therefore be accepted and technically supported across Member States. Pursuant to legal requirements arising from European Commission Decisions*:
- where an electronic signature is required, Member States must accept advanced electronic signatures based on a qualified certificate, with or without a secure signature device, for the completion of the formalities and procedures via the Points of Single Contact;
- each Member State must establish, maintain and publish a Trusted List of certification service providers issuing qualified certificates to the public who are supervised/accredited by them;
- Member States must put in place the necessary technical means allowing them to process electronically signed documents issued by competent authorities that service providers submit in the context of completing procedures and formalities through the Points of Single Contact.
(*Decision 2009/767/EC and Decision 2011/130/EU)
In this context, ISA action 1.9 aims to make it easy for Member States and their eGovernment managers to comply with these obligations by providing them with the necessary technical tools to manage Trusted Lists and to create and verify the so-called “advanced eSignatures”.
What are these tools for and who will benefit from them?
Two open source software were developed and made available to Public Administrations under the present action:
- SD -DSS allows for the creation and validation of eSignature in interoperable EU formats. The validation relies on Member States' Trusted Lists.
- TL Manager enables the creation, editing and maintenance of such Trusted Lists and therefore facilitates their management.
Both tools are free for Member States’ use, with TL Manager being a user-friendly interface, whereas SD-DSS needs to be adapted and implemented by Member States depending on their purpose. Both tools rely on common formats and specifications, in compliance with the aforementioned Commission Decisions. The usage of these common tools will therefore increase cross-border interoperability.
SD-DSS will prove particularly useful to the managers of Points of Single Contacts and eGovernment portals, who receive electronically signed documents from service providers applying from other Member States.
SD-DSS in practice
SD-DSS is a library whose use is flexible:
- Deployed as an applet, SD-DSS can create an eSignature simply from your desktop.
- Alternatively, you can choose to deploy SD-DSS as a web service to be integrated in an eGovernment application for automated eSignature creation and/or validation.
- Member States’ Public administrations are free to select one or more of the SD-DSS modules (e.g. use it for validation purposes only).
In order to validate an eSignature in a document through SD-DSS, you simply need to click on "verify document signature", select and attach the signed file you want to verify. In just one click a PDF report is generated that provides the required information, including the Trusted List information.
Generic-use, sustainable tools
The use of SD-DSS is not limited to a type of user or sector of activity. Any organisation is welcome to try it in order to create and/or validate an eSignature on a document.
SD-DSS is continuously updated and undergoing maintenance. Since both software are available for download on ISA’s collaborative platform Joinup, users follow their development, report bugs or propose new features. As such SD-DSS and TL Manager are sustainable tools. ISA stakeholders are invited to take part in their improvement.
Where can I download the software to start using it?
SD-DSS can be downloaded from Joinup at https://joinup.ec.europa.eu/software/sd-dss/release/all. A guidance document for implementing the software (cookbook) is available at the same address.
The associated tool, TL Manager, can be downloaded from the same platform, at http://joinup.ec.europa.eu/software/tlmanager/release/release201.
Summary of the action’s objectives
- Facilitating the work of the Points of Single Contacts;
- supporting the implementation of the Services Directive ;
- promoting the use and interoperability of cross-border eSignatures.