Translated by
2020/05/21 15:47:22

Certification centers

Certification center (Certificate authority) (engl. Certification authority, CA) — the organization issuing certificates of keys of the electronic signature.


Electronic signature

Main article: Electronic signature

Services UTs

The certification center is the component of a global directory service which is responsible for management of cryptographic keys of users. Public keys and other information on users it is stored by certification centers in the form of digital certificates. As UTs enter:

  • issue of electronic signatures;
  • providing public keys (certificates) EDS to any interested persons;
  • suspension of action of the EDS, in case of their compromise;
  • certificate of correctness of the signature of electronic documents;
  • analysis of conflict situations.

For obtaining the EDS it is necessary to address to Certification center, or its representation.

Certification centers in Russia


2020: New requirements to certification centers

On May 21, 2020 it became known of the draft resolution of the government prepared by the Ministry of Finance of the Russian Federation in which additional requirements are provided to the certification centers (CC) issuing the qualified electronic signature.

The first Deputy Minister of Finance Tatyana Nesterenko directed this document in the Ministry of Telecom and Mass Communications, FTS, FSB and ANO Tsifrovaya ekonomika. Vedomosti studied the copy of the letter. 

Only the largest Russian banks will be able to issue the qualified electronic signature

Follows from the resolution of the Ministry of Finance that to issue electronic signatures to legal entities and individual entrepreneurs the organizations having the banking license and branches, representations or structural divisions in the territory of not less than 60% of regions of Russia will be able. Sberbank and VTB conform to this requirement. Alfa-Bank and Post Bank also have the developed branch network, but yet they have no UTs.

In Tinkoff Bank consider these requirements excessive, they do not give the chance to certification centers to service clients far off and also enter the conflict with provisions of the law "About the Electronic Signature".

Also the president of Association of developers and operators of the systems of electronic services Yury Malinin holds the same opinion. According to him, at such scenario will be able to issue KEP at most two state Banks.

The competition will not be that will negatively affect development of the IT industry, – he concludes.

In addition, according to the project of the Ministry of Finance, UTs  should not is in  process of reorganization or  liquidation. Also  it  should have  no tax arrears, charges, penalties , etc. The resolution should  become effective on July 1, 2020.

By May 21, 2020 have the right to issue the qualified electronic signature about 500 certification centers accredited by the Ministry of Telecom and Mass Communications. The most part (95%) of such signatures is issued to legal entities, the others – physical.[1]


As amendments in the law on the electronic signature changed the UTs system

The State Duma adopted the bill making amendments to the federal law on the electronic signature in the third reading. We tell about the main changes[2].

Issue order

Electronic digital signatures to legal entities will issue certification centers to FTS, and credit institutions — UTs of the Central Bank. Officials of state agencies and local government authorities and organizations subordinated to them and also notaries will be able to receive keys only in certification centers of Federal Treasury. Individuals will receive keys in the accredited commercial certification centers.

Signature of the legal entity

In legal relationship of legal entities signatures will be used:

  • CAP of the legal entity, released only on the legal entity for application at automatic signing or verification of the signature in the electronic document.
  • CAP of the legal entity, released on the head.
  • CAP of the individual with inclusion of the power of attorney of the legal entity in a packet of electronic documents when signing by the employee of the company. The power of attorney is signed by KEP of the legal entity which is released on the head of the organization. The power of attorney should be included.

Cloud signature

The accredited certification center will be able to store a key of the electronic signature now and to use it at the request of the certificate holder of this signature.

Accreditations of certification centers

  • For receiving accreditation of UTs the amount of the capital should be not less than 1 billion rubles or 500 million in the presence of branches not less than in three quarters of the subjects of the Russian Federation.
  • UTs should have not less than 100 million rubles of insurance coverage.
  • Accreditation will be provided for 3 years.

Identification of the applicant

There were set methods of identification of the applicant on obtaining the certificate, including by means of providing data from a single biometric system.

The entrusted third party

The new concept — the entrusted third party will be published in the law. It will check validity of the EDS, compliance of certificates and powers of participants of electronic interaction and also to perform documentary confirmation of results of such check.

The State Duma enters state monopoly for issue of the electronic signature for legal persons

On November 8, 2019 it became known that the State Duma adopted the bill of amending the Law "About the Electronic Signature" in the first reading. The document was developed by a number of senators and deputies and assumes serious reform of certification centers of the electronic signature.

Acting since 2011. The law "About the Electronic Signature" enters three types of signatures: simple, strengthened and qualified. The simple signature is any technology about which use the parties agreed. The strengthened signature is the signature issued by certification center.

The qualified signature is the signature issued by the accredited certification center. Is engaged in accreditation the Ministry of Telecom and Mass Communications. Such signature is recognized as an analog autographic.

The bill adopted in the first reading increases the minimum size of net assets of the accredited certification center from 7 million rubles to 1 billion rubles, and the minimum amount of financial provision – from 30 million rubles to 200 million rubles. If the certification center has branches in at least two thirds of Russian regions, then the minimum size of net assets can be reduced to 500 million rubles.

The term of accreditation of certification centers is reduced from five to three years. The administrative responsibility is imposed for violations in work of certification centers of technical character. And criminal liability also is imposed for deliberate actions of staff of certification centers, in addition to administrative.

On it requirements do not come to an end. Legal entities will be able to use only the qualified electronic signatures issued by certification center of the Federal Tax Service (FTS). In addition at the conclusion of transactions the qualified electronic signatures of the individuals authorized to work on behalf of the relevant legal entities will be applied.

In cases with credit institutions, non-credit financial institutions and payment systems the qualified electronic signatures issued by certification center of the Central Bank will be applied. In cases with public authorities and local government and also their officials will apply the qualified electronic signatures issued by certification center of Federal Treasury.

So actually the state enters monopoly for issue of electronic signatures to legal entities. In case of approval of the bill regulation about obligatory obtaining signatures in FTS certification centers and the Central Bank will become effective in two years.

The certificates of the qualified electronic signatures and accreditation of certification centers issued before publication of this law will be valid up to the end the term of their action, but no more than two years. The government supported the offered bill.

At the same time the bill adopted by the State Duma in the first reading gives an opportunity of use of the cloud electronic signature. For this purpose certification centers will be able to store keys of verification of electronic signatures and, at the request of their owners, to create electronic signatures with their help.

Also the concept of the entrusted third party is entered. It will verify authenticity of the electronic signature in electronic documents at the specific moment and to verify authenticity of the electronic signatures issued abroad. The entrusted third parties will have to undergo accreditation in the Ministry of Telecom and Mass Communications. It is expected that in Russia about 20 such persons will appear.

With respect thereto one more concept – a tag of the entrusted time is entered. It is the reliable information electronically about date and time of signing of the electronic document the electronic signature created and checked by the entrusted third party, certification center or the operator of an information system[3].


The Ministry of Telecom and Mass Communications entered the bill of verification of powers of the person using the electronic signature to the Government

On September 12, 2017 the director of Legal department of the Ministry of Telecom and Mass Communications of the Russian Federation Roman Kuznetsov told about activity of the ministry of creation of common trusted area of the electronic signature and plans for regulation of this sphere.

In Russia more than 400 large and small certification centers from which more than 200 are the commercial organizations work. According to Roman Kuznetsov, the market is competitive: service prices are defined by a supply-demand balance and yet are normative regulated by nobody.

The Ministry of Telecom and Mass Communications of the Russian Federation developed and introduced the federal law draft which contains the provisions directed to regulation of procedures of establishment and verification of powers of the person using the electronic signature in different information systems and also to ensuring reliability of identification of the person using the services providing electronic interaction to the Government of the Russian Federation.

Mechanisms of confirmation of powers of the persons addressing in the state information systems which are offered by the bill answer modern business processes. Acceptance and implementation of the bill will allow departments to refuse use of additional powers in the qualified certificates.

There is a possibility of creation of common trusted area and a different way which provides complete centralization of procedures and mechanisms of creation and issue of keys and certificates of the strengthened qualified electronic signature, use to five entrusted state certification centers and also the translation of procedures of creation and issue of the qualified certificate in discharge of public services. It will lead to increase in trust of society to electronic document management which will be provided with guarantees from the state. The procedure of creation and issue of the electronic signature will be unified, and the service fee will become uniform as the state fee. The possibility of commission of very popular type of fraud — fraudulent activity for the purpose of transfer of pension savings of these persons in non-state pension funds will be at the same time excluded.

"We plan introduction of amendments to the legislation governing the relations in the field of the electronic signature regarding the bases for failure in accreditation of certification center which accreditation was ahead of schedule stopped in view of non-compliance with requirements of the legislation, during a certain period earlier. The interval in 3–5 years is considered. Also can be the basis for failure similar with deprived of accreditation the head of certification center, or the similar workers authorized in deprived of accreditation certification center on implementation of functions on creation and issue of the qualified certificates. It will allow to perform cleaning of the market of the accredited certification centers of unfair participants" — Roman Kuznetsov reported.

Bills are at different stages of readiness, part of them is already entered to the Government of the Russian Federation.

The Central Bank and the Ministry of Economic Development against state monopoly for issue of UKEP

The Ministry of Economic Development prepared in July, 2017 the negative conclusion on the amendments drafted by the Ministry of Telecom and Mass Communications in the law "About the Electronic Signature" which suppose to transfer functions of issue of the strengthened qualified electronic signature (SQES) from private companies to the state, follows from the data placed on the federal portal of projects normative legal [4].

"The Ministry of Economic Development of the Russian Federation notes inexpediency of acceptance of the offered regulation in connection with the considerable volume of budgeted expenses, existence of the administrative and other risks capable to influence negatively market development on creation and issue of the qualified certificates, keys of verification of the electronic signature and also allied industries of economy", said in the conclusion signed by the Deputy Minister of Economic Development Savva Shipov.

In the document it is also mentioned that the regulation offered by the Ministry of Telecom and Mass Communications can lead to liquidation of the market of services in issue of UKEP as such together with loss of all created infrastructure, to closing of the relevant organizations, dismissal of qualified employees of certification centers. "Centralization of the mechanism of issue of UKEP, transfer of issue of UKEP to discharge of public services, the increased amount of the state fee for issue of UKEP will interfere with wide circulation of modern technologies of electronic document management among citizens and legal entities that does not answer the purposes of informatization of economy, will lead to complication of an order of interaction of economic entities and the states", the document says.

Experts oppose state monopoly for issue to the qualified electronic signature

The Ministry of Telecom and Mass Communications is going to limit number of certification centers which have the right to issue the qualified electronic signature, two government institutions. The relevant bill is entered entered at the beginning of 2017 by department. In an explanation to it it is told that the accredited certification centers assume numerous violations that arouses mistrust to them from users. The initiative of the Ministry of Telecom and Mass Communications is designed to set uniform standards of providing service[5].

In Russia more than 440 certification centers (CC) and 5000 points of issue of electronic signatures in which not less than 15 thousand highly qualified specialists work are opened. The existing UTs annually bring to the budget not less than ₽6.5 mlrdv a type of tax. The cost of the qualified electronic signature (QES) for individuals begins from ₽1400. Except its issue, UTs offer still a number of services, for example, the software allowing to sign electronic documents and to send them to departments.

According to participants of a round table "Sphere of electronic services of the Russian Federation. Ways of development and threat", the carried-out CNews together with ROSEU association on April 20, 2017, the new initiative of the Ministry of Telecom and Mass Communications undermines confidence to the regulator, promotes decrease in the competition and, as a result, quality degradation of services of certification centers. In 2 years after entry into force of the amendments proposed the Ministry of Telecom and Mass Communications 15 thousand people will be brought to labor market. Costs of the state for creation of new infrastructure will make not less than ₽5 billion Besides, in the explanatory note to the bill is told that the cost of KEP will increase to ₽2500.

The bylaws defining an operating procedure of UTs, control for their activity and responsibility for violation of the legislation are necessary for the solution of the problems existing in the market. Also regulatory legal acts on application of authorized certificates and the electronic signature should be developed. Besides, experts stated wishes on optimization of the legislation regulating application of KEP as cryptographic means, and to simplification of process of use of a CIPF in a mass segment. The register of certificates should be available in order that it was possible to check legitimacy of the shown data. Also UTs should get access to SIEI for verification of information at issue of KEP.

2016: The Ministry of Telecom and Mass Communications received powers on establishment of job requirements of the accredited certification centers

Since July 8, 2016 became effective provision of the law "About the Electronic Signature" which conferred Ministry of Telecom and Mass Communications Russia powers on establishment of job requirements of the accredited certification centers. The ministry of the requirement to the centers claimed. In 2016 the Ministry of Telecom and Mass Communications of the Russian Federation also had an opportunity to check the accredited certification centers both in a planned order, and in an unplanned order on citizens' appeals. Within this work several certification centers were deprived of accreditation in connection with the violations allowed by them.

2013: The plan of connection of UTs to SIEI

The subcommittee concerning use of IT when providing state services which will take place in the White House on November 28, 2013, is going to approve accession of information systems of a number of the certification centers (CC) to infrastructure of the electronic government. It is said in the agenda of a subcommittee which CNews studied.

UTs "Tensor", "CryptoStandart", "is going to connect Infotecs the Internet the Trust", "SKB Kontur", UTs of the Supreme Court State Dumas State Offices of Public Prosecutor, Investigative Committee and also FAU "[The Russian maritime register of shipping]]".

"UTs were included in the list as submitted the application for accession to infrastructure. On the basis of the order of 1382 they have such right", - reported CNews in the Ministry of Telecom and Mass Communications.

The connection purpose - verification of the data submitted the applicant at issue of the digital signature certificate (EDS), added in the ministry.

The certification centers which were included in the list on approval will be able to use infrastructure of the system of interdepartmental electronic interaction (SIEI) for obtaining information from state bodies, Nikita Baranov, the Services of Certification Center project manager of SKB Kontur company specified CNews.

According to him, this solution will very significantly affect practice of work of UTs.

At this time for release of the certificate of UTs, according to the law, it is obliged to receive from addressed a number of documents.

"For an example, the individual should provide at least the passport, the Insurance Number of Individual Ledger Account and the certificate of a TIN, and for the legal entity the list is supplemented with the statement USRLE, the certificate of PSRN and constituent documents, - Baranov explains. - Further legal position of all documents of the signed EDS depends on correctness of actions of UTs, and it can be agreements for very large sums. Therefore UTs is obliged to make sure that all provided documents are originals, to create copies of all provided documents and to organize their storage".

For the user it creates problems with collecting of documents, for UTs - with their check and storage, adds Rams: "All this taking into account a big geographically-distributed structure".

"Connection to SIEI will help, first, that we will be able to collect a part of documents in electronic form directly in the relevant department. Secondly, we will be able to check online validity of data with confirmation of state agencies. And, thirdly, we should not do and store copies of documents", - he says.

All this, according to the representative of SKB Kontur, "will lead to significant acceleration and hanging of reliability of the procedure of release and, at the same time to increase in convenience of users".

Process of connection of UTs to SIEI, according to Nikita Baranov, can take about half a year: "Technical implementation - creation, testing and start in operation of modules which send requests is necessary and receive answers (for example, verification of the passport in FMS)"[6].

2012: Order of FSB on requirements to digital signature facilities and UTs

On February 17, 2012, the order of FSB of the Russian Federation of December 27, 2011 No. 796 "About the approval of requirements to digital signature facilities and requirements to means of certification center" was published. Earlier there was an order of December 27, 2011 No. 795 "About the approval of requirements to a form of the qualified certificate of a key of verification of the electronic signature".

According to new regulations, means of the signature when signing the document should show the electronic document to the person which signs it, to wait for confirmation from this person, and after signing - to show it that the signature is created. At verification of the signature means should show the electronic document and also information on making changes in the signed document and to point to the person who signed it.

The format of the qualified certificate significantly differs from a format of certificates of the EDS which are issued at this time (according to federal law No. FZ-1). For example, it is necessary to include in the qualified certificate the name of the digital signature facilities and means of certification center used for generation of the signing key and a key of check (closed and the opened keys respectively) and also for creation of the certificate.

In comparison with certificates of the EDS the method of representation of powers of the certificate holder changed. The certificate of the EDS according to the statement of the owner could join any data confirmed by the relevant documents, and in the qualified certificate non-standard details (for example, registration number of the insurer) can join only if requirements to their appointment and arrangement in the certificate are defined in the documents provided for confirmation of conformity of means of certification center to requirements of FSB.


Rostelecom started creation of network of certification centers

Rostelecom started in April, 2011 creation of network of the certification centers forming "common trusted area" in which each resident of Russia will be able to receive the electronic digital signature. Until the end of 2011 the company is going to open 80 such centers which will be created based on the centers of sales and customer service in different regions of Russia.

The first UTs for obtaining the EDS by citizens opened in Moscow

The first certification centers in which citizens can receive the electronic signature opened in Moscow in April, 2011. For this purpose personal presence and the passport of the citizen will be required. The signature presenting itself the ciphered information in the file form in the presence of the applicant will be written on the certified electronic medium (the electronic card or a flash drive). The signature is free, but the cost of the carrier should be paid. The Ministry of Telecom and Mass Communications assumes that obtaining the qualified electronic signature will cost the citizen approximately 300 rub. As the director of legal department of the ministry Andrey Tikhomirov, obtaining the electronic signature – case especially voluntary emphasized. He also added that the citizen bears responsibility for safety of the electronic signature, having reminded that in case of loss or theft the signature can be blocked and then to recover through the same certification centers.[7]