0
This article is a comprehensive guide, delving into the nature, operating mechanism and legal value of digital signatures, clearly distinguishing them from electronic signatures. The report will professionally present the most popular types of digital signatures today, analyze the advantages and disadvantages and optimal users for each type. More importantly, the article will provide detailed instructions from the registration process, installation, to digital signature operations on popular platforms such as office documents and e-Tax portals. Finally, we will analyze potential security risks and provide expert advice on how to safely manage digital signatures and key criteria for choosing a reputable supplier, helping businesses and individuals feel completely secure in electronic transactions.
A digital signature is a form of electronic signature, created using an asymmetric cryptographic system consisting of a private key and a public key. Basically, it plays the same role as an individual's handwritten signature or a business seal on paper documents, but is used in an electronic environment to confirm the rights and responsibilities of the signer.
The legal value of digital signatures is clearly stipulated in Article 8, Decree 130/2018/ND-CP. Specifically, when the law requires a document to have a signature or seal, this requirement is considered to have been met if the document is signed with a digital signature and the signature ensures the prescribed safety conditions. This affirms the legality and indispensable role of digital signatures in commercial transactions, tax declarations, customs and electronic social insurance.
To be legally valid, a digital signature must meet three main security conditions:
Created during the validity period of the digital certificate and verifiable by public key
The private key is only under the control of the signer at the time of signing.
Issued by one of the organizations providing public digital signature certification services licensed by the Ministry of Information and Communications
Although often confused, digital signatures are a subset of electronic signatures and have important differences in terms of security, legal value, and operating mechanism.
Below is a detailed comparison table:
| Criteria | Digital Signature | Electronic Signature |
| Nature | Electronic, encrypted "fingerprint" | Any symbols, images attached to show approval |
| Standard | Use cryptographic encryption methods | Standards independent, no encryption used |
| Legal value | Has the same legal value as a handwritten signature and seal, verified by competent authorities. | Not legally invalid, but authentication is more complex and has a high risk of forgery |
| Authentication mechanism | Using asymmetric key cryptography | Almost no strong authentication mechanism, easy to fake |
| How to create | Required documentation and registration with service provider | Can be easily created using software like Word, Excel, or scanned photos |
| Expense | Higher cost due to high security and legality, about 1,800,000 VND/year depending on package | Can be free or low cost |
The mechanism of digital signature is based on an asymmetric key pair.
Private Key: This is a key that is controlled only by the signer and is used to create a digital signature. This key must be kept secure to ensure the authenticity of the signature.
Public Key: This key is generated from the corresponding private key and is used to verify and verify the validity of the digital signature. The public key is attached to a Digital Certificate to identify the signer.
When you sign a document, the system uses the private key to generate a digital signature string. The recipient then uses the corresponding public key to authenticate the signature and check the integrity of the document. If there are any changes to the document after signing, the public key cannot be authenticated, ensuring the non-repudiation of the transaction.
In the market today, there are four popular types of digital signatures classified based on storage method and security technology.
This is the traditional and most widely used type of digital signature. The secret key is stored on a small, USB-like hardware device, called a USB Token.
Advantage:
High security: The secret key is protected in the hardware device, only the owner of the USB Token and PIN code can use it
Easy to use and reasonable price: Simple operation, just plug it into the computer and you can sign digitally. Low initial investment cost, suitable for small and medium enterprises
Disadvantages:
Device dependent: A physical USB Token is required to perform digital signature.
Limitation: Each USB Token is usually only for one user, cannot sign in large quantities at the same time
HSM is a dedicated hardware device, integrated into the enterprise's server or network system.
Advantage:
High speed and mass signing: Capable of signing up to 1200 times/second, ideal for high volume transactions such as issuing thousands of e-invoices
Absolute security: Using hardware devices that meet high security standards (FIPS 140-2), ensuring data cannot be cracked, copied or counterfeited.
Flexible: Can sign digitally anytime, anywhere via the network system
Disadvantages:
High cost: Due to the use of advanced technology and specialized equipment, the initial investment cost is very high, only suitable for large businesses and organizations with large number of digital signature needs and good infrastructure.
Access Limitation: Some providers may limit the number of digital signature access points, which can be inconvenient in some cases.
This is the most modern form of digital signature, no physical hardware is required. The secret key is stored on the service provider's cloud platform. For SmartCard, the signature is integrated directly into the phone SIM.
Advantage:
Flexible: Can sign digitally anytime, anywhere, on multiple devices (phones, tablets) with just one OTP code or biometric authentication
Cost savings: Low usage costs and no need to invest in physical devices such as USB Tokens
Disadvantages (of SmartCard):
Low security: Relying on SIMs and phone signals can lead to potential security risks
Location restrictions: SmartCard requires internet or phone signal to sign, cannot be used when abroad or in places without signal.
To start using it, you need to perform two important steps: registering for the service and installing the software.
Registration documents and procedures:
For businesses: It is necessary to prepare a notarized copy of the Business License, Tax Registration Certificate and ID Card/Passport of the legal representative. If the registrant is not the legal representative, an additional Power of Attorney is required.
For individuals: Only need a notarized copy of ID card/CCCD/Passport
After preparing the documents, you can submit them directly at the transaction counter or register online on the supplier's website.
USB Token Installation Instructions:
Step 1: Plug the USB Token into the computer's USB port
Step 2: Open the "My Computer" or "This PC" folder, find the digital signature icon (eg FPT-CA) and double-click to open
Step 3: Run the installation file, select language and follow the instructions on the screen
Step 4: Click "Finish" to complete the installation process. This process only needs to be done once.
Once successfully installed, you can start signing on various platforms.
Digitally sign text documents and PDF files:
Step 1: Plug the USB Token into the computer
Step 2: Open the document or PDF file that needs to be signed. You can use supporting software such as Foxit Reader.
Step 3: Find and select the digital signature function on the application
Step 4: Enter the USB Token PIN to authenticate and complete the digital signature
Digital signature on the General Department of Taxation's Electronic Tax Portal:
Step 1: Plug the USB Token into the computer
Step 2: Access the website http://thuedientu.gdt.gov.vn/ and select "Business"
Step 3: Enter the tax code and necessary information, then select "Read CKS" and click "Continue"
Step 4: Enter the USB Token PIN, select "Accept" and "Continue"
Step 5: After the system displays the declaration, check the information again and select "Sign and send" to complete.
Using digital signatures brings convenience, but comes with serious security risks if users are not careful.
Risks from users: Many people are still negligent in managing USB Tokens, do not change the default password or give the device to others. This is a loophole for criminals to take advantage of impersonation and conduct illegal transactions.
Provider Risk: Some less reputable service providers may violate subscriber authentication regulations, leading to identity fraud to conduct high-value transactions.
Technical errors: Users may encounter errors such as Java installation, incompatible software, or file structure errors when filing taxes.
To protect your digital signature, you need to take strict and professional management measures.
Change PIN and protect USB Token: Immediately after receiving the digital signature, change the default PIN. The new PIN should be different from personal information and should be changed periodically. After use, the USB Token should be stored safely in a locked cabinet.
Check and renew digital certificates: You need to check the validity of the digital certificate periodically to renew it in time, avoiding interruption of electronic transactions. Renewal can be done by contacting the switchboard or going directly to the supplier's agent.
Choosing a reputable supplier is key to ensuring safety and efficiency when using digital signatures.
Legal conditions: The provider must be a legally established enterprise in Vietnam and have a License to provide public digital signature services issued by the Ministry of Information and Communications.
Personnel capacity: The company must have at least two people holding an Auditor Certificate or an Accounting Practice Certificate issued by the Ministry of Finance. The Director must have at least two years of professional experience.
Experience and reputation: Prioritize suppliers with many years of experience, trusted by many large enterprises and received industry awards.
Technical support: A professional provider will have a dedicated technical support team that can answer questions and troubleshoot problems 24/7.
Pricing policy: Businesses should not be greedy for services that are too cheap because they may come with poor quality, lack of security and support. Choose a supplier with a clear price list and service commitments stated in the contract.
Using digital signatures is an important step in the digital transformation journey of every business and individual. However, to optimize benefits and avoid potential risks, users need to equip themselves with solid foundational knowledge, understand the types of digital signatures, and strictly implement security measures. More importantly, choosing a reputable service provider with full legal and professional criteria will be the deciding factor to ensure that all electronic transactions take place safely, effectively and in compliance with the law.
