Open Documentation Menu

Ident & Certificates

The signature on my qualified signed document is not displayed correctly. The validity of the signature is unknown. How can I rectify this error?

Where it does not work, it could be related to the lists of valid certificates. This can be checked as follows:

Open the document in Adobe Acrobat, then click on Edit --> Settings and in the new window at the bottom left click on Trust Services. Then click on Update now. The signature should now be displayed correctly.

802992826.png
Can I or third parties use d.velop sign without registration or identification?

With the advanced signature with Swisscom, you do not have to identify yourself personally, as this is a certification by a legal entity and therefore a seal. The signature protects the signed document from changes and ensures the integrity of the data. Whether this signature level is sufficient for you is subject to examination by a lawyer. We will be happy to put you in touch with a specialist if required.

Read more here.

Which identity documents do I use to identify myself if I am not an EU citizen?

You can view the current list here.

Please note that the information on European travel and identity documents in this database is not yet complete; several documents and versions of documents are still missing. Please visit the website https://www.consilium.europa.eu/prado/de/search-by-document-country.html to check whether the document you are looking for has now been added to the database.

Do I have to go through a new identification procedure if I change my e-mail address or mobile phone number?

Your e-mail address for the 1st factor and your telephone number for the 2nd factor (mobile/landline) will be linked to your identity as part of the Ident process. If the e-mail address for the 1st factor or the number for the 2nd factor changes, this link is removed and must then be recreated.

Do I have to identify myself again at sign-me (Bundesdruckerei) if I have lost my identification, e.g. by resetting my password?

Yes, for security reasons you must re-identify yourself.

When do I have to have myself identified?

If you wish to sign a document with a qualified signature, you must identify yourself once to D-Trust, a company of the Bundesdruckerei Group. This is done so that it can be proven that the digital signature can also be clearly assigned to the person signing. You can find out here which procedures you can use and how they work.

With the advanced signature, your system administrator can choose whether this signature should be executed with a Swisscom seal or a Bundesdruckerei signature (sign-me). Both advanced signatures protect the signed document against changes and ensure the integrity of the data. The advanced signature with Swisscom can be executed without prior identification and registration.

Why am I receiving a message that my certificate has been revoked?

Due to the replacement of hardware components (HSMs) in the data center of sign-me (identification service of D-Trust), all qualified signature certificates must be revoked and recreated. Revocation and creation take place as soon as you want to sign with one of the certificates. You will then receive the corresponding notifications by e-mail. This has no effect for you as a user, as the identification is stored at sign-me and the new certificates can continue to be used. All signatures made before the blocking remain valid.

Why are my certificates deleted when I upload them to Adobe sign or Docusign?

Docusign & Adobe are American signature providers that are designed to work only within their own solutions. To prevent error messages, delete all previous certificates applied to the document.

d.velop sign, on the other hand, is an open solution for other systems that implements remote signatures legally & in compliance with eIDAS specifications. This means that every signature created with d.velop sign can be validated with public verification mechanisms, e.g. with the EUTL. With the aforementioned market competitors, this is only possible in their ecosystems. If a document has to be signed with an American provider, we therefore recommend that you first sign the document with the American provider and then countersign it with d.velop sign.

What do I do if I have too few coins for an identification?

For identification with sign-me (identification service of D-Trust) from d.velop sign, it is not necessary to buy coins.

Here you will find instructions on how to register & identification with sign-meon our support page.

If your identification process is interrupted, it is important that you continue the process from within d.velop sign.

How can I switch from the sign-me authentication app to the SMS-TAN procedure?

If you want to participate in the SMS-TAN procedure, you must start a new registration in the portal www.sign-me.de under "App registration". First you have to request a TAN. If you want to end the process, click the "Back" button after entering the TAN to return to the sign-me start page.

The SMS-TAN procedure is now activated.

How can I use the D-Trust 2-factor process via the app?

You can also use the 2-factor procedure at D-TRUST via app to confirm your signature. The procedure is recommended by the provider due to its stability. You can find out how to activate this here .

How can I validate my signature?

The validation of the signature takes place within PDF display applications and depends on the procedure of the corresponding application. Here, no two readers are alike and the relevant standards, such as the necessary check against the European Trusted List (EUTL), are rarely adhered to. For some readers with an internal trust store, the certificate from the EUTL can be stored to enable an EUTL check. If, for example, your Adobe certificates are not up to date, an error message may appear when your signature is checked. You can find instructions on how to update your Adobe certificates here. For example, Acrobat Reader checks qualified signatures against the EUTL and also displays this directly in the signatures made. In principle, the validity of the QES is not affected by the incomplete check in various readers.

If a signature is to be verifiably checked, we recommend using the official EU validation page where you can upload and check your document(https://ec.europa.eu/cefdigital/DSS/webapp-demo/validation). This software checks according to the validation specifications and creates a test report at the end, which logs the process.

For more information, please watch the following video:

How can I verify a digital signature?
How can I download my certificates in sign-me?

A signature certificate is created during the signature process with sign-me (identification service of D-Trust). You can then download this from sign-me. To do this, go to your settings in d.velop sign at the top right and click on the tab sign-me Bundesdruckerei.

802992818.png

Now click on Edit sign-me account and log in with your data.

Once you have logged in to sign-me, you can select Manage signature certificates and download the relevant certificate.

802992819.png
802992820.png
How can certificates be updated in Adobe?

If your Adobe certificates are not up-to-date, an error message may appear when checking your signature. You can find instructions on how to update your Adobe certificates here.

How long is my sign-me certificate valid and how can I extend it?

Certificates with identification via Video-Ident generally have a term of two years. You will receive an e-mail notification in good time before expiry with information on the expiry date so that you can have new certificates issued. A reissue is free of charge and can reuse the existing identification data if your ID card is still valid and you initiate the reissue before the certificate expires. To do this, please revoke your qualified certificate in the menu item "Manage signature certificates" on the sign-me page and then follow the instructions under the menu item "Identify".

Certificates with identification via online ID function, Giro-Ident (currently not available) or PoS-Ident are valid as long as the document used to create them is valid.

Signature certificates with identification via Video-Ident are short-term certificates with a validity of 24 hours. This means that the certificate remains valid for 24 hours and if you sign a document after 24 hours, a new short-term certificate is generated based on legal requirements. The signatures executed with these short-term certificates remain valid (legally binding) on the basis of the certificate in combination with the PDF file.

A new certificate is automatically generated for a new signature process after the validity expires. Due to legal requirements, sign-me will inform you of this by e-mail.

Where can I view my certificates?

You can view your current signature certificates under the menu item Your signature certificates. If you have identified yourself via VideoIdent, you may not see a qualified certificate. In this case, sign-me (identification service of D-Trust) generates a short-term certificate for the signature, which is valid for 24 hours.