DIGITAL SIGNATURE

Frequently Asked Questions

About Digital Signatures

 

1.  What is an electronic signature?

It is a set of data attached to an electronic communication whose purpose is to identify the sender of the communication or message as legitimate of this author, as if it were an original signature.

 

 

2.  What is the difference between an electronic signature and a digital signature?

An electronic signature can be any data set that is incorporated into an electronic message through technological means to refer to the signing of an operation.

A digital signature is a type of electronic signature that uses cryptographic means and is distinguished for his safety, because it allows to reliably identify a sender (authentication and non-repudiation) further providing the ability to validate that a message has not been altered from its creation (integrity) and allowing the confidentiality of information.

See UNCITRAL Model Law on Electronic Signatures

www.uncitral.org/pdf/spanish/texts/electcom/ml-elecsig-s.PDF

 

 

 

3.  How are digital signatures called in Mexico?

Diverse acronyms are used to identify digital signatures issued by government entities in Mexico. Among the most common ones are: FIEL, FEA, FIREL, FIABLE, Certified Electronic Signature, and Certified Signature.

 

 

4.  How does a digital signature work?

It works through a public key infrastructure (PKI) where two key or keys for sending messages are used:

 

  1. Public Key: Available on the Internet to query all users of electronic services, with which data is decrypted; and
  2. Private Ke is only known by the owner of the Faithful, used to encrypt data.
  3. The technology used prevents decrypt a message using a key that does not correspond.

 

 

5.  What are the benefits of using a digital signature in a data message?

Due to its characteristics, a digital signature provides maximum security in electronic transactions. According provision 8th of the Advanced Electronic Signature Law, the following principles of digital signatures that represent benefits for end users:

  • Functional Equivalence
  • Authenticity
  • Integrity
  • Technological Neutrality
  • Non-repudiation
  • Confidentiality

 

 

6.  Can a digital signature be faked?

 

No. Digital signatures cannot be faked because the technology used to create the digital certificates.

 

 

 

 

 

Technology

 

1.  What happens when a data message is signed with a digital signature?

 

  • Using a hash, the message content is converted to a fixed length.
  • The issuer, using the public key of the recipient, encrypts the message.
  • The issuer, using its private key, signs the message.
  • The receiver validates the message signature using the sender’s public key.
  • The receiver “decrypts” the message using its own private key.

 

 

2.  What is encryption?

Encryption refers to the process by which an algorithm is used to convert information to a group of unreadable characters. To perform encryption, a digital certificate is required.

 

 

3.  What does the advanced electronic signature of graphical representation of a data message?

This is an example of an advanced electronic signature:

 

 

4.  ¿Qué es una Infraestructura de Clave Pública?

Es el conjunto de hardware, software, políticas y procedimientos definidos para crear, administrar, distribuir, utilizar, almacenar y revocar certificados digitales.

 

 

5. Who are the main entities involved in the issuance and management of digital signatures?

Root Certificate Authority:

has an auto issued certificate that distinguishes itself as root authority and issues the certificates of Certification Authorities that will be subordinated to its hierarchy.

 

Certifying Authority:

Manages the creation of end-user certificates, attesting to the identity of the holder.

 

Registration Authority:

Manages the association between the end user that holds a certificate and its public key, administrating the lifetime of the certificate and, if applicable, the revocation.

 

Certificate Holder:

Individual or legal entity for whom the digital certificate is issued.

 

 

6.  In Mexico, who are the federal government entitites that currently issue digital signatures to citizens and corporations?

  • SAT, Mexican Taxing Authority, which is the largest issuer of digital certificates in Mexico.
  • The Ministry of Economy (Secretaría de Economía) for public registry of commerce matters, issues certificates to through the Certification Service Providers,
  • The Ministry of Public Service (Secretaría de la FUnción Pública) is recognized by the Advanced Electronic Signature Law as a Certifying Authority, although now no longer issues certificates,
  • There are other Certification Authorities operating in their particular field such as the Mexican Social Security Institute (IMSS, Instituto Mexicano del Seguro Social).

 

 

The contents of the Digital Signature section of our website were developed with the special support of the Commercial Regulation Department of the Ministry of Economy. (Dirección General de Normatividad Mercantil, Secretaría de Economía).

 

Copyright  © 2017 AMEXIPAC, A.C.  |   Legal Notice  |  Privacy

Design by HELLOID

Torre Diana, Río Lerma 232, Piso 23, Col. Cuauhtémoc, Del. Cuauhtémoc, Ciudad de México, C.P. 06500

Phone (55) 8000 6575.