Solutions by Technology
/ Automated Bulk Invoice Signing
For many years large corporations have seen the benefits of using electronic message exchange with their suppliers. Traditionally this was done using EDI and VANS.
The Internet has seen the use of electronic documents accelerate to include small and medium enterprises using techniques such as e-Invoicing. The drive to stop paper use has led to use of e-Billing and e-Statements even with consumer end-users.
Studies have shown that total cost of manual paper invoicing can be as much as €30/invoice and that e-Invoicing can save up to 80% of this cost. Looking just at the European market, it has a volume of about 30 billion invoices per year and more than 12 million trees could be saved if electronic methods were used to replace the vast majority of paper based invoices! The benefits of e-invoicing/e-billing and e-statements compared with paper-based system include:
Manual Paper-based Process
Automated Electronic Process
Expensive to handle and transfer
Up to 80% cheaper
Extended delivery times
Immediate delivery
No proof document was received (assumes no recorded delivery for bulk documents)
Document can be emailed OR downloaded from website and noted as read. Signed receipts can be provided
Recipient may reject document many weeks later because of missing information
15% of recipients require reminders to process document
Automated validation of key data as soon as document is sent
Auto reminders to recipients based on configured policies
Requires large scale, expensive storage space to archive many millions of documents
Difficult to search through archive
Difficult to back-up or duplicate the archive and requires even more storage!
Automated archiving after documents sent (or received)
Easy to find the original document using metadata searches
Easy to back-up and maintain resilient copies of archive
Able to protect the authenticity and integrity of archived data using digital signatures and timestamps
Easy to re-evidence for long-term preservation
Able to archive millions of documents on a single hard-disk!
Separate manual workflow (e.g. payment of invoice)
Integrated workflow for straight-through-processing of document (e.g. automated validation of signed e-invoice and transfer to accounts payable system)
Requires expensive paper and transport with a negative impact on environment
Green alternative with a positive impact on the environment
SOLUTION DESCRIPTION
Any business application can send out e-documents in place of paper, however in order to ensure authenticity and trust, it’s important to digitally sign the documents before they are sent externally. The organisation’s reputation and brand protection can also be better protected if fraudulent documents are easy to detect. Legislation such as the EU VAT Directive also provide a business driver. There are several ways in which digital signatures can be applied to outgoing documents. Typically the signature format will be XML DSig (including XAdES) and/or PDF Signatures (including PAdES).
For such use cases an automated server-side solution is required as illustrated:
Signing thousands or millions of documents is not something that can be done manually by administrators.
ADSS Server can be easily integrated with any business document production environment using our Watched Folder application called ADSS Auto File Processor, or our high-level Java and .NET ADSS Client SDKs or via direct XML/SOAP web service calls or even email integration using ADSS Secure Email Server. Signed documents can be archived by making calls to the Ascertia ADSS Archive Server.
Sending out signed documents is only half of the story, for automated verification of incoming signed documents (e.g. received e-invoices) the following solution is offered:
ADSS Server can verify many different digital signature formats, similarly, it can validate certificates from any registered Certificate Authority (CA) in real-time or using a historic signature validation service. The business application can also securely archive the signed document and the verification process data using Ascertia ADSS Archive Server.
WHY ASCERTIA?
There are many reasons for choosing Ascertia’s digital signature products for financial projects. These include:
Apply electronic (digital) signatures to any type of document
Ascertia’s products offer the widest support for digital signature formats and standards and the greatest flexibility in how to implement these. The products support PDF, XML, PKCS#7, CMS, S/MIME and PKCS#1 signatures as required to sign business documents. German and other country qualified certificates can be used to provide advanced electronic signatures.
Long-term signatures
Ascertia is a clear leader in creating long-term signatures – these can be verified many years in the future, an essential requirement for most government related data. ADSS Server supports ETSI XAdES and CAdES as well as the latest PAdES (PDF format) profiles.
Multiple Signing Options
Different applications have different needs for how signatures are created. Some require server-side batch-signing features, some require signatures to be created locally by users that have eID smartcards or secure USB tokens. Others even want key and certificate roaming solutions that offer virtual “smartcards”. Ascertia’s ADSS Server and Go>Sign Client already provide all these options and more.
Authorising Server-Side Signatures
Many organisations feel uncomfortable about performing corporate (or department) signatures using keys held on the server and not under the control of a particular individual employee. To relieve this concern Ascertia has implemented its unique authorising mechanism for server-side signatures which allows one or more authorisers to apply a personal signature to a document which is verified first by ADSS Server before applying a corporate signature. For further details see this white paper.
Multiple Integration Options
ADSS Enterprise Server can be easily integrated with any business document production environment using our Watched Folder application called Auto File Processor, or our high-level Java and .NET ADSS Client SDKs or via direct XML/SOAP web service calls or even email integration using Secure Email Server.
High Performance, Scalability & Security
ADSS Server can be run in load-balanced configuration to sign millions of documents in an automated manner. All signature operations can be conducted in a secure Hardware Security Module (HSM) and multiple HSMs can be connected for performance and resilience purposes. All signing operations are securely logged in ADSS Server database.
More than just digital or electronic signatures
Digital signature creation is only one part of the solution – there are also requirements for signature verification, trust anchor management, key management, certification, real-time certificate validation, time-stamping and secure long-term archiving. ADSS Server is unique in being able to address all these requirements in one multi-function server. All these services are based on leading industry standards including OASIS DSS & DSS/X (singing, verification and encryption), RFC 3161 (timestamping), IETF LTANS (archiving), RFC 6960 (OCSP validation), RFC 5055 (SCVP validation), W3C XKMS (validation), etc.
Ascertia is a global leader in high-trust PKI and digital signature products, delivering essential trust services that keep citizens secure and business flowing. Ascertia’s products are easy to integrate and use across a range of business scenarios.
Ascertia is a global leader in high-trust PKI and digital signature products, delivering essential trust services that keep citizens secure and business flowing. Ascertia’s products are easy to integrate and use across a range of business scenarios.