Data publikacji: Monday June 24th, 2024

Digitalization of business processes in companies and institutions is becoming increasingly common. The ideal tool that enables contract signing and handling many formalities online is a Qualified Electronic Signature. If you don’t have one yet, check out the procedure for getting an e-signature with a qualified certificate.

Table of Content:

How to get a Qualified Electronic Signature? – step by step

A Qualified Electronic Signature is a type of digital signature issued to an individual that has the same legal power as a handwritten signature and supports a range of activities that can be performed without leaving home. In Poland, this type of service can be obtained from Qualified Trust Service Providers who have been officially accredited by the relevant national authorities and adhere to strict security standards defined in the European eIDAS Regulation.

This tool is also useful in dealings with offices and in communication with public administration units. Thanks to the signature, you can confirm your identity, authenticate yourself on state platforms, submit a tax declaration, sign a financial report, or participate in an auction or online tender.

To get a Qualified Electronic Signature, you need to follow a few steps:

1. Choose a Trust Service Provider – choose a Qualified Trust Service Provider authorized to issue qualified trust services such as a Qualified Electronic Signature in accordance with the requirements of the Ministry of Digitization Act on trust services and electronic identification and the eIDAS Regulation.

2. Choose the type of signature – choose a Qualified Electronic Signature on a card (cryptographic card + reader) or a Qualified Electronic Signature in the cloud (access using your smartphone and an authorizing application with one-time OTP codes), and then pay for the order with the selected provider.

3. Identity verification and issuance – go through the identity verification process, which includes, among others, checking the correctness of data based on your ID card, passport, or residence card (this process is necessary to obtain a qualified certificate from all providers).

Depending on the variant, the verification process can be carried out based on:

  • online verification (100% remotely without leaving home)
  • stationary visit to one of the authorized sales points
  • visit of a mobile verifier who will come to your office on a set date (VIP service)

In selected cases, it is possible to conduct verification without personal contact by signing a subscription agreement at a notary, e.g., for people residing outside the country.

After successful identity verification, the provider issues a qualified certificate and the necessary software to handle the signature in the selected variant.

4. Installation and activation – install the software according to the provider’s instructions, and then start using electronic document signing with the provider’s software or applications that allow adding a Qualified Electronic Signature to a document, e.g., Adobe Reader.

This article may interest you:

How to get a Qualified Electronic Signature? – choosing a provider

Before making the final purchase of a Qualified Electronic Signature, make sure that the provider is authorized to issue qualified certificates by the Ministry of Finance and is listed on the list of eIDAS Regulation providers.

It is also worth checking if the company offers a full range of services – a wide range of flexible solutions on a card, in the cloud, or API integration capabilities will indicate the quality of the selected services.

When purchasing services from companies and third parties (e.g., at a stationary point), check if the point is listed on the provider’s authorized list of companies on the provider’s website.

Another important aspect is technical support. Good support includes assistance with the installation and configuration of the electronic signature and the availability of technical help in case of problems (paid or free within a specified range). Make sure that the service costs are transparent and include all necessary components.

How to get a Qualified Electronic Signature? – choosing the signature

The choice of a Qualified Electronic Signature variant in the cloud (also known as mobile) or on a card with a reader depends on several key factors.

Qualified Electronic Signature on a card:

  • Requires physical access to the card and reader, which may be less convenient but is often considered safer,
  • Physical storage of keys on the card can be considered more secure as the keys are less exposed to online attacks,
  • May be less convenient due to the need to have a reader and card with you, but is easier to use for people accustomed to traditional methods,
  • Requires a one-time purchase of a card and reader, which may be more cost-effective in the long run but involves higher initial costs.

Qualified Electronic Signature in the cloud:

  • Allows signing documents from any place and device, which is ideal for people who frequently work remotely or travel,
  • Usually secured by advanced authentication methods such as two-factor authentication (2FA). It is important that the provider ensures strong data protection measures,
  • More convenient to use as it does not require additional devices and can be easily integrated with various platforms and applications,
  • May involve regular subscription fees but does not require the purchase of additional hardware.

How to get a Qualified Electronic Signature? – identity verification

Identity verification is simply confirming the authenticity of the identity of the person applying for a Qualified Electronic Signature, e.g., using an ID card or passport. In the context of getting a Qualified Electronic Signature, identity verification is necessary to issue a qualified certificate. This process minimizes the risk of fraud and abuse, ensuring that only authorized individuals can use a Qualified Electronic Signature.

In general classification, identity verification can be divided into stationary and online. Among the available options, the following methods are distinguished:

  • Online video verification – a completely remote process, which involves sending scans or photos of identity documents during video verification, where the data is checked for consistency and the identity of the person is confirmed in a strictly defined procedure,
  • Visit to an authorized point or provider’s headquarters – personally appearing at a stationary point, where an employee verifies identity documents during a meeting and issues the signature on the spot,
  • Visit by a mobile verifier – a VIP service (with selected providers) where the verifier comes to the office or another specified place at a set time to conduct identity verification on-site along with issuing the signature,
  • Verification by a law notary – personal confirmation of the identity of the person applying for the signature at a notary by signing a subscription agreement for the delivery of the signature and sending the documents to the provider.

Before choosing the appropriate option, make sure you can use the selected method and ensure that the provider clearly outlines all stages of the process and the costs of additional identity verification.

After successful identity verification, the Trust Service Provider issues a qualified certificate and the necessary software to handle the signature in the selected variant, allowing for secure and legally compliant use of the electronic signature.

How to get a Qualified Electronic Signature? – installation and activation

When installing and activating a Qualified Electronic Signature, pay attention to whether you have the appropriate equipment, such as a USB token, cryptographic card, or card reader, and that the software is compatible with your operating system (Windows, macOS, Linux).

Carefully read the installation instructions provided by the provider and follow them. Install all required components, such as drivers, certificate management software, and document signing applications.

Prepare the activation keys, PINs, and codes provided by the provider. Make sure to enter this information carefully to prevent unauthorized access, and store it in a safe place.

After installing and activating the certificate, perform a test document signing to ensure everything is working correctly. If you encounter any problems, contact the provider’s technical support.

Regularly check for software updates and ensure that the certificate is renewed on time to avoid interruptions in using the Qualified Electronic Signature.