Qualified certificate 

The personal certificate granted by the Digital and Population Data Services Agency can be used for the authentication of a person, for the encryption of a message and for an electronic signature. The Digital and Population Data Services Agency’s signature certificate meets the requirements concerning approved certificates under the Act on Strong Electronic Identification and Electronic Signatures. The authentication and encryption certificate is a token that meets high-level requirements.

The Digital and Population Data Services Agency is Finland’s first and, currently, only provider of signature certificates that are of an acceptable standard. The Finnish Communications Regulatory Authority oversees the work of the CA. The Digital and Population Data Services Agency guarantees the correctness of electronic identity.

A digital signature refers to an electronic signature produced using an encryption method. An electronic signature of an approved standard is awarded the legal effect of a hand-written signature in all EU Member States, meaning an electronically signed document is as legally binding as one signed by hand. Digital and Population Data Services Agency-granted signature certificates are based on the public key infrastructure (PKI). A signature certificate contains both a private and a public key. The private key in the signature certificate is used to make an electronic signature. The public key is used to check the electronic signature. For example, an e-mail program creates a digital signature that is protected by the sender's private key in the message that is to be signed. The recipient of the message, or the party trusting the certificate, can check the signature in a message using the sender's signature certificate and the public key it contains. The recipient's e-mail software performs signature checking and message integrity checking. If the sent and received information match, the signature is intact, and the recipient can confirm that the sender of the message and that the contents of the message have not been changed after the message was sent.