If you need to sign (many) automated documents such as contracts and invoices, use a digital signature on an HSM.
- The certificate is stored on a Hardware Security Module
Hardware Security Modules (HSM) offer reliable protection for applications, transactions and information by securing cryptographic keys. An HSM is secure hardware in which sensitive (key) material is stored. The stored information cannot leave the HSM and is used to perform high-speed calculations; this is the second function of an HSM. The largest advantage of storing on an HSM instead of on a USB token for example, is the much larger capacity an HSM provides in terms of volume and speed.
- The certificate identifies a department of an organization
Signing documents with this certificate guarantees their origin and content. The certificate is included in Adobe's AATL program. Therefore, the certificate is automatically trusted by Adobe Reader. The signature complies with PAdES. Ensured e-Sign is an ‘advanced electronic signature’ (AES) as described in article 3 sub 10 and article 26 of the eIDAS regulation. The departmental Ensured e-Seal is similar to an electronic signature, but is used by legal persons rather than by an individual.
- Including the addition of timestamps for longer storage
For some documents, the signature must remain valid even after the signature expires in order to prevent error messages. By adding a timestamp while signing a document, an irrefutable timestamp is added based on the current date and time of an independent timestamping server.