Solutions by Technology
/ e-Invoicing, e-Billing, e-Statements
The Internet has seen the use of electronic documents accelerate to include small and medium enterprises using techniques such as e-Invoicing. The drive to stop paper use has led to use of e-Billing and e-Statements even with consumer end-users.
Studies have shown that total cost of manual paper invoicing can be as much as €30/invoice and that e-Invoicing can save up to 80% of this cost. Looking just at the European market, it has a volume of about 30 billion invoices per year and more than 12 million trees could be saved if electronic methods were used to replace the vast majority of paper based invoices! The benefits of e-invoicing/e-billing and e-statements compared with paper-based system include:
Manual Paper-based Process
Automated Electronic Process
Expensive to handle and transfer
Up to 80% cheaper
Extended delivery times
No proof document was received (assumes no recorded delivery for bulk documents)
Document can be emailed OR downloaded from website and noted as read. Signed receipts can be provided
Separate manual workflow (e.g. payment of invoice)
Integrated workflow for straight-through-processing of document (e.g. automated validation of signed e-invoice and transfer to accounts payable system)
Requires expensive paper and transport with a negative impact on environment
Green alternative with a positive impact on the environment
Any business application can send out e-documents in place of paper, however in order to ensure authenticity and trust, it’s important to digitally sign the documents before they are sent externally. The organisation’s reputation and brand protection can also be better protected if fraudulent documents are easy to detect. Legislation such as the EU VAT Directive also provide a business driver. There are several ways in which digital signatures can be applied to outgoing documents. Typically the signature format will be XML DSig (including XAdES) and/or PDF Signatures (including PAdES).
Signing thousands or millions of documents is not something that can be done manually by administrators.
ADSS Server can be easily integrated with any business document production environment using our Watched Folder application called ADSS Auto File Processor, or our high-level Java and .NET ADSS Client SDKs or via direct XML/SOAP web service calls or even email integration using ADSS Secure Email Server. Signed documents can be archived by making calls to the Ascertia ADSS Archive Server.
Sending out signed documents is only half of the story, for automated verification of incoming signed documents (e.g. received e-invoices) the following solution is offered:
ADSS Server can verify many different digital signature formats, similarly, it can validate certificates from any registered Certificate Authority (CA) in real-time or using a historic signature validation service. The business application can also securely archive the signed document and the verification process data using Ascertia ADSS Archive Server.
Ascertia’s products offer the widest support for digital signature formats and standards and the greatest flexibility in how to implement these. The products support PDF, XML, PKCS#7, CMS, S/MIME and PKCS#1 signatures as required to sign business documents. German and other country qualified certificates can be used to provide advanced electronic signatures.
Ascertia is a clear leader in creating long-term signatures – these can be verified many years in the future, an essential requirement for most government related data. ADSS Server supports ETSI XAdES and CAdES as well as the latest PAdES (PDF format) profiles.
Different applications have different needs for how signatures are created. Some require server-side batch-signing features, some require signatures to be created locally by users that have eID smartcards or secure USB tokens. Others even want key and certificate roaming solutions that offer virtual “smartcards”. Ascertia’s ADSS Server and Go>Sign Applet already provide all these options and more.
Many organisations feel uncomfortable about performing corporate (or department) signatures using keys held on the server and not under the control of a particular individual employee. To relieve this concern Ascertia has implemented its unique authorising mechanism for server-side signatures which allows one or more authorisers to apply a personal signature to a document which is verified first by ADSS Server before applying a corporate signature. For further details see this white paper.
ADSS Enterprise Server can be easily integrated with any business document production environment using our Watched Folder application called Auto File Processor, or our high-level Java and .NET ADSS Client SDKs or via direct XML/SOAP web service calls or even email integration using Secure Email Server.
ADSS Server can be run in load-balanced configuration to sign millions of documents in an automated manner. All signature operations can be conducted in a secure Hardware Security Module (HSM) and multiple HSMs can be connected for performance and resilience purposes. All signing operations are securely logged in ADSS Server database.
Digital signature creation is only one part of the solution – there are also requirements for signature verification, trust anchor management, key management, certification, real-time certificate validation, time-stamping and secure long-term archiving. ADSS Server is unique in being able to address all these requirements in one multi-function server. All these services are based on leading industry standards including OASIS DSS & DSS/X (singing, verification and encryption), RFC 3161 (timestamping), IETF LTANS (archiving), RFC 6960 (OCSP validation), RFC 5055 (SCVP validation), W3C XKMS (validation), etc.